2 * BSS client mode implementation
3 * Copyright 2003, Jouni Malinen <jkmaline@cc.hut.fi>
4 * Copyright 2004, Instant802 Networks, Inc.
5 * Copyright 2005, Devicescape Software, Inc.
6 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
7 * Copyright 2007, Michael Wu <flamingice@sourmilk.net>
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License version 2 as
11 * published by the Free Software Foundation.
15 * order BSS list by RSSI(?) ("quality of AP")
16 * scan result table filtering (by capability (privacy, IBSS/BSS, WPA/RSN IE,
19 #include <linux/delay.h>
20 #include <linux/if_ether.h>
21 #include <linux/skbuff.h>
22 #include <linux/netdevice.h>
23 #include <linux/if_arp.h>
24 #include <linux/wireless.h>
25 #include <linux/random.h>
26 #include <linux/etherdevice.h>
27 #include <linux/rtnetlink.h>
28 #include <net/iw_handler.h>
29 #include <net/mac80211.h>
31 #include "ieee80211_i.h"
36 #define IEEE80211_ASSOC_SCANS_MAX_TRIES 2
37 #define IEEE80211_AUTH_TIMEOUT (HZ / 5)
38 #define IEEE80211_AUTH_MAX_TRIES 3
39 #define IEEE80211_ASSOC_TIMEOUT (HZ / 5)
40 #define IEEE80211_ASSOC_MAX_TRIES 3
41 #define IEEE80211_MONITORING_INTERVAL (2 * HZ)
42 #define IEEE80211_MESH_HOUSEKEEPING_INTERVAL (60 * HZ)
43 #define IEEE80211_PROBE_INTERVAL (60 * HZ)
44 #define IEEE80211_RETRY_AUTH_INTERVAL (1 * HZ)
45 #define IEEE80211_SCAN_INTERVAL (2 * HZ)
46 #define IEEE80211_SCAN_INTERVAL_SLOW (15 * HZ)
47 #define IEEE80211_IBSS_JOIN_TIMEOUT (7 * HZ)
49 #define IEEE80211_IBSS_MERGE_INTERVAL (30 * HZ)
50 #define IEEE80211_IBSS_INACTIVITY_LIMIT (60 * HZ)
51 #define IEEE80211_MESH_PEER_INACTIVITY_LIMIT (1800 * HZ)
53 #define IEEE80211_IBSS_MAX_STA_ENTRIES 128
56 /* mgmt header + 1 byte category code */
57 #define IEEE80211_MIN_ACTION_SIZE (24 + 1)
59 #define IEEE80211_ADDBA_PARAM_POLICY_MASK 0x0002
60 #define IEEE80211_ADDBA_PARAM_TID_MASK 0x003C
61 #define IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK 0xFFA0
62 #define IEEE80211_DELBA_PARAM_TID_MASK 0xF000
63 #define IEEE80211_DELBA_PARAM_INITIATOR_MASK 0x0800
65 /* next values represent the buffer size for A-MPDU frame.
66 * According to IEEE802.11n spec size varies from 8K to 64K (in powers of 2) */
67 #define IEEE80211_MIN_AMPDU_BUF 0x8
68 #define IEEE80211_MAX_AMPDU_BUF 0x40
71 static struct ieee80211_sta_bss *
72 ieee80211_rx_bss_get(struct ieee80211_local *local, u8 *bssid, int freq,
73 u8 *ssid, u8 ssid_len)
75 struct ieee80211_sta_bss *bss;
77 spin_lock_bh(&local->sta_bss_lock);
78 bss = local->sta_bss_hash[STA_HASH(bssid)];
80 if (!bss_mesh_cfg(bss) &&
81 !memcmp(bss->bssid, bssid, ETH_ALEN) &&
83 bss->ssid_len == ssid_len &&
84 (ssid_len == 0 || !memcmp(bss->ssid, ssid, ssid_len))) {
85 atomic_inc(&bss->users);
90 spin_unlock_bh(&local->sta_bss_lock);
94 /* Caller must hold local->sta_bss_lock */
95 static void __ieee80211_rx_bss_hash_add(struct ieee80211_local *local,
96 struct ieee80211_sta_bss *bss)
100 if (bss_mesh_cfg(bss))
101 hash_idx = mesh_id_hash(bss_mesh_id(bss),
102 bss_mesh_id_len(bss));
104 hash_idx = STA_HASH(bss->bssid);
106 bss->hnext = local->sta_bss_hash[hash_idx];
107 local->sta_bss_hash[hash_idx] = bss;
110 /* Caller must hold local->sta_bss_lock */
111 static void __ieee80211_rx_bss_hash_del(struct ieee80211_local *local,
112 struct ieee80211_sta_bss *bss)
114 struct ieee80211_sta_bss *b, *prev = NULL;
115 b = local->sta_bss_hash[STA_HASH(bss->bssid)];
119 local->sta_bss_hash[STA_HASH(bss->bssid)] =
122 prev->hnext = bss->hnext;
130 static struct ieee80211_sta_bss *
131 ieee80211_rx_bss_add(struct ieee80211_sub_if_data *sdata, u8 *bssid, int freq,
132 u8 *ssid, u8 ssid_len)
134 struct ieee80211_local *local = sdata->local;
135 struct ieee80211_sta_bss *bss;
137 bss = kzalloc(sizeof(*bss), GFP_ATOMIC);
140 atomic_inc(&bss->users);
141 atomic_inc(&bss->users);
142 memcpy(bss->bssid, bssid, ETH_ALEN);
144 if (ssid && ssid_len <= IEEE80211_MAX_SSID_LEN) {
145 memcpy(bss->ssid, ssid, ssid_len);
146 bss->ssid_len = ssid_len;
149 spin_lock_bh(&local->sta_bss_lock);
150 /* TODO: order by RSSI? */
151 list_add_tail(&bss->list, &local->sta_bss_list);
152 __ieee80211_rx_bss_hash_add(local, bss);
153 spin_unlock_bh(&local->sta_bss_lock);
157 #ifdef CONFIG_MAC80211_MESH
158 static struct ieee80211_sta_bss *
159 ieee80211_rx_mesh_bss_get(struct ieee80211_local *local, u8 *mesh_id, int mesh_id_len,
160 u8 *mesh_cfg, int freq)
162 struct ieee80211_sta_bss *bss;
164 spin_lock_bh(&local->sta_bss_lock);
165 bss = local->sta_bss_hash[mesh_id_hash(mesh_id, mesh_id_len)];
167 if (bss_mesh_cfg(bss) &&
168 !memcmp(bss_mesh_cfg(bss), mesh_cfg, MESH_CFG_CMP_LEN) &&
170 mesh_id_len == bss->mesh_id_len &&
171 (mesh_id_len == 0 || !memcmp(bss->mesh_id, mesh_id,
173 atomic_inc(&bss->users);
178 spin_unlock_bh(&local->sta_bss_lock);
182 static struct ieee80211_sta_bss *
183 ieee80211_rx_mesh_bss_add(struct ieee80211_local *local, u8 *mesh_id, int mesh_id_len,
184 u8 *mesh_cfg, int mesh_config_len, int freq)
186 struct ieee80211_sta_bss *bss;
188 if (mesh_config_len != MESH_CFG_LEN)
191 bss = kzalloc(sizeof(*bss), GFP_ATOMIC);
195 bss->mesh_cfg = kmalloc(MESH_CFG_CMP_LEN, GFP_ATOMIC);
196 if (!bss->mesh_cfg) {
201 if (mesh_id_len && mesh_id_len <= IEEE80211_MAX_MESH_ID_LEN) {
202 bss->mesh_id = kmalloc(mesh_id_len, GFP_ATOMIC);
204 kfree(bss->mesh_cfg);
208 memcpy(bss->mesh_id, mesh_id, mesh_id_len);
211 atomic_inc(&bss->users);
212 atomic_inc(&bss->users);
213 memcpy(bss->mesh_cfg, mesh_cfg, MESH_CFG_CMP_LEN);
214 bss->mesh_id_len = mesh_id_len;
216 spin_lock_bh(&local->sta_bss_lock);
217 /* TODO: order by RSSI? */
218 list_add_tail(&bss->list, &local->sta_bss_list);
219 __ieee80211_rx_bss_hash_add(local, bss);
220 spin_unlock_bh(&local->sta_bss_lock);
225 static void ieee80211_rx_bss_free(struct ieee80211_sta_bss *bss)
228 kfree(bss_mesh_id(bss));
229 kfree(bss_mesh_cfg(bss));
233 static void ieee80211_rx_bss_put(struct ieee80211_local *local,
234 struct ieee80211_sta_bss *bss)
237 if (!atomic_dec_and_lock(&bss->users, &local->sta_bss_lock)) {
242 __ieee80211_rx_bss_hash_del(local, bss);
243 list_del(&bss->list);
244 spin_unlock_bh(&local->sta_bss_lock);
245 ieee80211_rx_bss_free(bss);
248 void ieee80211_rx_bss_list_init(struct ieee80211_local *local)
250 spin_lock_init(&local->sta_bss_lock);
251 INIT_LIST_HEAD(&local->sta_bss_list);
254 void ieee80211_rx_bss_list_deinit(struct ieee80211_local *local)
256 struct ieee80211_sta_bss *bss, *tmp;
258 list_for_each_entry_safe(bss, tmp, &local->sta_bss_list, list)
259 ieee80211_rx_bss_put(local, bss);
262 static u8 *ieee80211_bss_get_ie(struct ieee80211_sta_bss *bss, u8 ie)
269 end = pos + bss->ies_len;
271 while (pos + 1 < end) {
272 if (pos + 2 + pos[1] > end)
283 static int ecw2cw(int ecw)
285 return (1 << ecw) - 1;
288 /* frame sending functions */
289 void ieee80211_sta_tx(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb,
292 skb->dev = sdata->local->mdev;
293 skb_set_mac_header(skb, 0);
294 skb_set_network_header(skb, 0);
295 skb_set_transport_header(skb, 0);
297 skb->iif = sdata->dev->ifindex;
298 skb->do_not_encrypt = !encrypt;
303 static void ieee80211_send_auth(struct ieee80211_sub_if_data *sdata,
304 struct ieee80211_if_sta *ifsta,
305 int transaction, u8 *extra, size_t extra_len,
308 struct ieee80211_local *local = sdata->local;
310 struct ieee80211_mgmt *mgmt;
312 skb = dev_alloc_skb(local->hw.extra_tx_headroom +
313 sizeof(*mgmt) + 6 + extra_len);
315 printk(KERN_DEBUG "%s: failed to allocate buffer for auth "
316 "frame\n", sdata->dev->name);
319 skb_reserve(skb, local->hw.extra_tx_headroom);
321 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24 + 6);
322 memset(mgmt, 0, 24 + 6);
323 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
324 IEEE80211_STYPE_AUTH);
326 mgmt->frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
327 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
328 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
329 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
330 mgmt->u.auth.auth_alg = cpu_to_le16(ifsta->auth_alg);
331 mgmt->u.auth.auth_transaction = cpu_to_le16(transaction);
332 ifsta->auth_transaction = transaction + 1;
333 mgmt->u.auth.status_code = cpu_to_le16(0);
335 memcpy(skb_put(skb, extra_len), extra, extra_len);
337 ieee80211_sta_tx(sdata, skb, encrypt);
340 void ieee80211_send_probe_req(struct ieee80211_sub_if_data *sdata, u8 *dst,
341 u8 *ssid, size_t ssid_len)
343 struct ieee80211_local *local = sdata->local;
344 struct ieee80211_supported_band *sband;
346 struct ieee80211_mgmt *mgmt;
347 u8 *pos, *supp_rates, *esupp_rates = NULL;
350 skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt) + 200);
352 printk(KERN_DEBUG "%s: failed to allocate buffer for probe "
353 "request\n", sdata->dev->name);
356 skb_reserve(skb, local->hw.extra_tx_headroom);
358 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
360 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
361 IEEE80211_STYPE_PROBE_REQ);
362 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
364 memcpy(mgmt->da, dst, ETH_ALEN);
365 memcpy(mgmt->bssid, dst, ETH_ALEN);
367 memset(mgmt->da, 0xff, ETH_ALEN);
368 memset(mgmt->bssid, 0xff, ETH_ALEN);
370 pos = skb_put(skb, 2 + ssid_len);
371 *pos++ = WLAN_EID_SSID;
373 memcpy(pos, ssid, ssid_len);
375 supp_rates = skb_put(skb, 2);
376 supp_rates[0] = WLAN_EID_SUPP_RATES;
378 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
380 for (i = 0; i < sband->n_bitrates; i++) {
381 struct ieee80211_rate *rate = &sband->bitrates[i];
383 pos = skb_put(skb, 1);
385 } else if (supp_rates[1] == 8) {
386 esupp_rates = skb_put(skb, 3);
387 esupp_rates[0] = WLAN_EID_EXT_SUPP_RATES;
389 pos = &esupp_rates[2];
391 pos = skb_put(skb, 1);
394 *pos = rate->bitrate / 5;
397 ieee80211_sta_tx(sdata, skb, 0);
401 static void ieee80211_sta_def_wmm_params(struct ieee80211_sub_if_data *sdata,
402 struct ieee80211_sta_bss *bss,
405 struct ieee80211_local *local = sdata->local;
406 int i, have_higher_than_11mbit = 0;
409 /* cf. IEEE 802.11 9.2.12 */
410 for (i = 0; i < bss->supp_rates_len; i++)
411 if ((bss->supp_rates[i] & 0x7f) * 5 > 110)
412 have_higher_than_11mbit = 1;
414 if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ &&
415 have_higher_than_11mbit)
416 sdata->flags |= IEEE80211_SDATA_OPERATING_GMODE;
418 sdata->flags &= ~IEEE80211_SDATA_OPERATING_GMODE;
421 if (local->ops->conf_tx) {
422 struct ieee80211_tx_queue_params qparam;
424 memset(&qparam, 0, sizeof(qparam));
428 if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ &&
429 !(sdata->flags & IEEE80211_SDATA_OPERATING_GMODE))
434 qparam.cw_max = 1023;
437 for (i = 0; i < local_to_hw(local)->queues; i++)
438 local->ops->conf_tx(local_to_hw(local), i, &qparam);
442 static void ieee80211_sta_wmm_params(struct ieee80211_local *local,
443 struct ieee80211_if_sta *ifsta,
444 u8 *wmm_param, size_t wmm_param_len)
446 struct ieee80211_tx_queue_params params;
451 if (!(ifsta->flags & IEEE80211_STA_WMM_ENABLED))
457 if (wmm_param_len < 8 || wmm_param[5] /* version */ != 1)
459 count = wmm_param[6] & 0x0f;
460 if (count == ifsta->wmm_last_param_set)
462 ifsta->wmm_last_param_set = count;
465 left = wmm_param_len - 8;
467 memset(¶ms, 0, sizeof(params));
469 if (!local->ops->conf_tx)
473 for (; left >= 4; left -= 4, pos += 4) {
474 int aci = (pos[0] >> 5) & 0x03;
475 int acm = (pos[0] >> 4) & 0x01;
482 local->wmm_acm |= BIT(0) | BIT(3);
487 local->wmm_acm |= BIT(4) | BIT(5);
492 local->wmm_acm |= BIT(6) | BIT(7);
498 local->wmm_acm |= BIT(1) | BIT(2);
502 params.aifs = pos[0] & 0x0f;
503 params.cw_max = ecw2cw((pos[1] & 0xf0) >> 4);
504 params.cw_min = ecw2cw(pos[1] & 0x0f);
505 params.txop = get_unaligned_le16(pos + 2);
506 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG
507 printk(KERN_DEBUG "%s: WMM queue=%d aci=%d acm=%d aifs=%d "
508 "cWmin=%d cWmax=%d txop=%d\n",
509 local->mdev->name, queue, aci, acm, params.aifs, params.cw_min,
510 params.cw_max, params.txop);
512 /* TODO: handle ACM (block TX, fallback to next lowest allowed
514 if (local->ops->conf_tx(local_to_hw(local), queue, ¶ms)) {
515 printk(KERN_DEBUG "%s: failed to set TX queue "
516 "parameters for queue %d\n", local->mdev->name, queue);
521 static u32 ieee80211_handle_protect_preamb(struct ieee80211_sub_if_data *sdata,
523 bool use_short_preamble)
525 struct ieee80211_bss_conf *bss_conf = &sdata->bss_conf;
526 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG
527 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
528 DECLARE_MAC_BUF(mac);
532 if (use_protection != bss_conf->use_cts_prot) {
533 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG
534 if (net_ratelimit()) {
535 printk(KERN_DEBUG "%s: CTS protection %s (BSSID="
538 use_protection ? "enabled" : "disabled",
539 print_mac(mac, ifsta->bssid));
542 bss_conf->use_cts_prot = use_protection;
543 changed |= BSS_CHANGED_ERP_CTS_PROT;
546 if (use_short_preamble != bss_conf->use_short_preamble) {
547 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG
548 if (net_ratelimit()) {
549 printk(KERN_DEBUG "%s: switched to %s barker preamble"
552 use_short_preamble ? "short" : "long",
553 print_mac(mac, ifsta->bssid));
556 bss_conf->use_short_preamble = use_short_preamble;
557 changed |= BSS_CHANGED_ERP_PREAMBLE;
563 static u32 ieee80211_handle_erp_ie(struct ieee80211_sub_if_data *sdata,
566 bool use_protection = (erp_value & WLAN_ERP_USE_PROTECTION) != 0;
567 bool use_short_preamble = (erp_value & WLAN_ERP_BARKER_PREAMBLE) == 0;
569 return ieee80211_handle_protect_preamb(sdata,
570 use_protection, use_short_preamble);
573 static u32 ieee80211_handle_bss_capability(struct ieee80211_sub_if_data *sdata,
574 struct ieee80211_sta_bss *bss)
578 if (bss->has_erp_value)
579 changed |= ieee80211_handle_erp_ie(sdata, bss->erp_value);
581 u16 capab = bss->capability;
582 changed |= ieee80211_handle_protect_preamb(sdata, false,
583 (capab & WLAN_CAPABILITY_SHORT_PREAMBLE) != 0);
589 int ieee80211_ht_cap_ie_to_ht_info(struct ieee80211_ht_cap *ht_cap_ie,
590 struct ieee80211_ht_info *ht_info)
596 memset(ht_info, 0, sizeof(*ht_info));
599 u8 ampdu_info = ht_cap_ie->ampdu_params_info;
601 ht_info->ht_supported = 1;
602 ht_info->cap = le16_to_cpu(ht_cap_ie->cap_info);
603 ht_info->ampdu_factor =
604 ampdu_info & IEEE80211_HT_CAP_AMPDU_FACTOR;
605 ht_info->ampdu_density =
606 (ampdu_info & IEEE80211_HT_CAP_AMPDU_DENSITY) >> 2;
607 memcpy(ht_info->supp_mcs_set, ht_cap_ie->supp_mcs_set, 16);
609 ht_info->ht_supported = 0;
614 int ieee80211_ht_addt_info_ie_to_ht_bss_info(
615 struct ieee80211_ht_addt_info *ht_add_info_ie,
616 struct ieee80211_ht_bss_info *bss_info)
618 if (bss_info == NULL)
621 memset(bss_info, 0, sizeof(*bss_info));
623 if (ht_add_info_ie) {
625 op_mode = le16_to_cpu(ht_add_info_ie->operation_mode);
627 bss_info->primary_channel = ht_add_info_ie->control_chan;
628 bss_info->bss_cap = ht_add_info_ie->ht_param;
629 bss_info->bss_op_mode = (u8)(op_mode & 0xff);
635 static void ieee80211_sta_send_apinfo(struct ieee80211_sub_if_data *sdata,
636 struct ieee80211_if_sta *ifsta)
638 union iwreq_data wrqu;
639 memset(&wrqu, 0, sizeof(wrqu));
640 if (ifsta->flags & IEEE80211_STA_ASSOCIATED)
641 memcpy(wrqu.ap_addr.sa_data, sdata->u.sta.bssid, ETH_ALEN);
642 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
643 wireless_send_event(sdata->dev, SIOCGIWAP, &wrqu, NULL);
646 static void ieee80211_sta_send_associnfo(struct ieee80211_sub_if_data *sdata,
647 struct ieee80211_if_sta *ifsta)
649 union iwreq_data wrqu;
651 if (ifsta->assocreq_ies) {
652 memset(&wrqu, 0, sizeof(wrqu));
653 wrqu.data.length = ifsta->assocreq_ies_len;
654 wireless_send_event(sdata->dev, IWEVASSOCREQIE, &wrqu,
655 ifsta->assocreq_ies);
657 if (ifsta->assocresp_ies) {
658 memset(&wrqu, 0, sizeof(wrqu));
659 wrqu.data.length = ifsta->assocresp_ies_len;
660 wireless_send_event(sdata->dev, IWEVASSOCRESPIE, &wrqu,
661 ifsta->assocresp_ies);
666 static void ieee80211_set_associated(struct ieee80211_sub_if_data *sdata,
667 struct ieee80211_if_sta *ifsta)
669 struct ieee80211_local *local = sdata->local;
670 struct ieee80211_conf *conf = &local_to_hw(local)->conf;
671 u32 changed = BSS_CHANGED_ASSOC;
673 struct ieee80211_sta_bss *bss;
675 ifsta->flags |= IEEE80211_STA_ASSOCIATED;
677 if (sdata->vif.type != IEEE80211_IF_TYPE_STA)
680 bss = ieee80211_rx_bss_get(local, ifsta->bssid,
681 conf->channel->center_freq,
682 ifsta->ssid, ifsta->ssid_len);
684 /* set timing information */
685 sdata->bss_conf.beacon_int = bss->beacon_int;
686 sdata->bss_conf.timestamp = bss->timestamp;
687 sdata->bss_conf.dtim_period = bss->dtim_period;
689 changed |= ieee80211_handle_bss_capability(sdata, bss);
691 ieee80211_rx_bss_put(local, bss);
694 if (conf->flags & IEEE80211_CONF_SUPPORT_HT_MODE) {
695 changed |= BSS_CHANGED_HT;
696 sdata->bss_conf.assoc_ht = 1;
697 sdata->bss_conf.ht_conf = &conf->ht_conf;
698 sdata->bss_conf.ht_bss_conf = &conf->ht_bss_conf;
701 ifsta->flags |= IEEE80211_STA_PREV_BSSID_SET;
702 memcpy(ifsta->prev_bssid, sdata->u.sta.bssid, ETH_ALEN);
703 ieee80211_sta_send_associnfo(sdata, ifsta);
705 ifsta->last_probe = jiffies;
706 ieee80211_led_assoc(local, 1);
708 sdata->bss_conf.assoc = 1;
709 ieee80211_bss_info_change_notify(sdata, changed);
711 netif_tx_start_all_queues(sdata->dev);
712 netif_carrier_on(sdata->dev);
714 ieee80211_sta_send_apinfo(sdata, ifsta);
717 static void ieee80211_direct_probe(struct ieee80211_sub_if_data *sdata,
718 struct ieee80211_if_sta *ifsta)
720 DECLARE_MAC_BUF(mac);
722 ifsta->direct_probe_tries++;
723 if (ifsta->direct_probe_tries > IEEE80211_AUTH_MAX_TRIES) {
724 printk(KERN_DEBUG "%s: direct probe to AP %s timed out\n",
725 sdata->dev->name, print_mac(mac, ifsta->bssid));
726 ifsta->state = IEEE80211_STA_MLME_DISABLED;
730 printk(KERN_DEBUG "%s: direct probe to AP %s try %d\n",
731 sdata->dev->name, print_mac(mac, ifsta->bssid),
732 ifsta->direct_probe_tries);
734 ifsta->state = IEEE80211_STA_MLME_DIRECT_PROBE;
736 set_bit(IEEE80211_STA_REQ_DIRECT_PROBE, &ifsta->request);
738 /* Direct probe is sent to broadcast address as some APs
739 * will not answer to direct packet in unassociated state.
741 ieee80211_send_probe_req(sdata, NULL,
742 ifsta->ssid, ifsta->ssid_len);
744 mod_timer(&ifsta->timer, jiffies + IEEE80211_AUTH_TIMEOUT);
748 static void ieee80211_authenticate(struct ieee80211_sub_if_data *sdata,
749 struct ieee80211_if_sta *ifsta)
751 DECLARE_MAC_BUF(mac);
754 if (ifsta->auth_tries > IEEE80211_AUTH_MAX_TRIES) {
755 printk(KERN_DEBUG "%s: authentication with AP %s"
757 sdata->dev->name, print_mac(mac, ifsta->bssid));
758 ifsta->state = IEEE80211_STA_MLME_DISABLED;
762 ifsta->state = IEEE80211_STA_MLME_AUTHENTICATE;
763 printk(KERN_DEBUG "%s: authenticate with AP %s\n",
764 sdata->dev->name, print_mac(mac, ifsta->bssid));
766 ieee80211_send_auth(sdata, ifsta, 1, NULL, 0, 0);
768 mod_timer(&ifsta->timer, jiffies + IEEE80211_AUTH_TIMEOUT);
771 static int ieee80211_compatible_rates(struct ieee80211_sta_bss *bss,
772 struct ieee80211_supported_band *sband,
778 for (i = 0; i < bss->supp_rates_len; i++) {
779 int rate = (bss->supp_rates[i] & 0x7F) * 5;
781 for (j = 0; j < sband->n_bitrates; j++)
782 if (sband->bitrates[j].bitrate == rate) {
792 static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata,
793 struct ieee80211_if_sta *ifsta)
795 struct ieee80211_local *local = sdata->local;
797 struct ieee80211_mgmt *mgmt;
798 u8 *pos, *ies, *ht_add_ie;
799 int i, len, count, rates_len, supp_rates_len;
801 struct ieee80211_sta_bss *bss;
803 struct ieee80211_supported_band *sband;
806 skb = dev_alloc_skb(local->hw.extra_tx_headroom +
807 sizeof(*mgmt) + 200 + ifsta->extra_ie_len +
810 printk(KERN_DEBUG "%s: failed to allocate buffer for assoc "
811 "frame\n", sdata->dev->name);
814 skb_reserve(skb, local->hw.extra_tx_headroom);
816 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
818 capab = ifsta->capab;
820 if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ) {
821 if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_SLOT_INCAPABLE))
822 capab |= WLAN_CAPABILITY_SHORT_SLOT_TIME;
823 if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_PREAMBLE_INCAPABLE))
824 capab |= WLAN_CAPABILITY_SHORT_PREAMBLE;
827 bss = ieee80211_rx_bss_get(local, ifsta->bssid,
828 local->hw.conf.channel->center_freq,
829 ifsta->ssid, ifsta->ssid_len);
831 if (bss->capability & WLAN_CAPABILITY_PRIVACY)
832 capab |= WLAN_CAPABILITY_PRIVACY;
836 /* get all rates supported by the device and the AP as
837 * some APs don't like getting a superset of their rates
838 * in the association request (e.g. D-Link DAP 1353 in
840 rates_len = ieee80211_compatible_rates(bss, sband, &rates);
842 if ((bss->capability & WLAN_CAPABILITY_SPECTRUM_MGMT) &&
843 (local->hw.flags & IEEE80211_HW_SPECTRUM_MGMT))
844 capab |= WLAN_CAPABILITY_SPECTRUM_MGMT;
846 ieee80211_rx_bss_put(local, bss);
849 rates_len = sband->n_bitrates;
852 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
854 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
855 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
856 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
858 if (ifsta->flags & IEEE80211_STA_PREV_BSSID_SET) {
860 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
861 IEEE80211_STYPE_REASSOC_REQ);
862 mgmt->u.reassoc_req.capab_info = cpu_to_le16(capab);
863 mgmt->u.reassoc_req.listen_interval =
864 cpu_to_le16(local->hw.conf.listen_interval);
865 memcpy(mgmt->u.reassoc_req.current_ap, ifsta->prev_bssid,
869 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
870 IEEE80211_STYPE_ASSOC_REQ);
871 mgmt->u.assoc_req.capab_info = cpu_to_le16(capab);
872 mgmt->u.reassoc_req.listen_interval =
873 cpu_to_le16(local->hw.conf.listen_interval);
877 ies = pos = skb_put(skb, 2 + ifsta->ssid_len);
878 *pos++ = WLAN_EID_SSID;
879 *pos++ = ifsta->ssid_len;
880 memcpy(pos, ifsta->ssid, ifsta->ssid_len);
882 /* add all rates which were marked to be used above */
883 supp_rates_len = rates_len;
884 if (supp_rates_len > 8)
887 len = sband->n_bitrates;
888 pos = skb_put(skb, supp_rates_len + 2);
889 *pos++ = WLAN_EID_SUPP_RATES;
890 *pos++ = supp_rates_len;
893 for (i = 0; i < sband->n_bitrates; i++) {
894 if (BIT(i) & rates) {
895 int rate = sband->bitrates[i].bitrate;
896 *pos++ = (u8) (rate / 5);
902 if (rates_len > count) {
903 pos = skb_put(skb, rates_len - count + 2);
904 *pos++ = WLAN_EID_EXT_SUPP_RATES;
905 *pos++ = rates_len - count;
907 for (i++; i < sband->n_bitrates; i++) {
908 if (BIT(i) & rates) {
909 int rate = sband->bitrates[i].bitrate;
910 *pos++ = (u8) (rate / 5);
915 if (capab & WLAN_CAPABILITY_SPECTRUM_MGMT) {
916 /* 1. power capabilities */
917 pos = skb_put(skb, 4);
918 *pos++ = WLAN_EID_PWR_CAPABILITY;
920 *pos++ = 0; /* min tx power */
921 *pos++ = local->hw.conf.channel->max_power; /* max tx power */
923 /* 2. supported channels */
924 /* TODO: get this in reg domain format */
925 pos = skb_put(skb, 2 * sband->n_channels + 2);
926 *pos++ = WLAN_EID_SUPPORTED_CHANNELS;
927 *pos++ = 2 * sband->n_channels;
928 for (i = 0; i < sband->n_channels; i++) {
929 *pos++ = ieee80211_frequency_to_channel(
930 sband->channels[i].center_freq);
931 *pos++ = 1; /* one channel in the subband*/
935 if (ifsta->extra_ie) {
936 pos = skb_put(skb, ifsta->extra_ie_len);
937 memcpy(pos, ifsta->extra_ie, ifsta->extra_ie_len);
940 if (wmm && (ifsta->flags & IEEE80211_STA_WMM_ENABLED)) {
941 pos = skb_put(skb, 9);
942 *pos++ = WLAN_EID_VENDOR_SPECIFIC;
943 *pos++ = 7; /* len */
944 *pos++ = 0x00; /* Microsoft OUI 00:50:F2 */
947 *pos++ = 2; /* WME */
948 *pos++ = 0; /* WME info */
949 *pos++ = 1; /* WME ver */
953 /* wmm support is a must to HT */
954 if (wmm && (ifsta->flags & IEEE80211_STA_WMM_ENABLED) &&
955 sband->ht_info.ht_supported &&
956 (ht_add_ie = ieee80211_bss_get_ie(bss, WLAN_EID_HT_EXTRA_INFO))) {
957 struct ieee80211_ht_addt_info *ht_add_info =
958 (struct ieee80211_ht_addt_info *)ht_add_ie;
959 u16 cap = sband->ht_info.cap;
961 u32 flags = local->hw.conf.channel->flags;
963 switch (ht_add_info->ht_param & IEEE80211_HT_IE_CHA_SEC_OFFSET) {
964 case IEEE80211_HT_IE_CHA_SEC_ABOVE:
965 if (flags & IEEE80211_CHAN_NO_FAT_ABOVE) {
966 cap &= ~IEEE80211_HT_CAP_SUP_WIDTH;
967 cap &= ~IEEE80211_HT_CAP_SGI_40;
970 case IEEE80211_HT_IE_CHA_SEC_BELOW:
971 if (flags & IEEE80211_CHAN_NO_FAT_BELOW) {
972 cap &= ~IEEE80211_HT_CAP_SUP_WIDTH;
973 cap &= ~IEEE80211_HT_CAP_SGI_40;
978 tmp = cpu_to_le16(cap);
979 pos = skb_put(skb, sizeof(struct ieee80211_ht_cap)+2);
980 *pos++ = WLAN_EID_HT_CAPABILITY;
981 *pos++ = sizeof(struct ieee80211_ht_cap);
982 memset(pos, 0, sizeof(struct ieee80211_ht_cap));
983 memcpy(pos, &tmp, sizeof(u16));
985 /* TODO: needs a define here for << 2 */
986 *pos++ = sband->ht_info.ampdu_factor |
987 (sband->ht_info.ampdu_density << 2);
988 memcpy(pos, sband->ht_info.supp_mcs_set, 16);
991 kfree(ifsta->assocreq_ies);
992 ifsta->assocreq_ies_len = (skb->data + skb->len) - ies;
993 ifsta->assocreq_ies = kmalloc(ifsta->assocreq_ies_len, GFP_KERNEL);
994 if (ifsta->assocreq_ies)
995 memcpy(ifsta->assocreq_ies, ies, ifsta->assocreq_ies_len);
997 ieee80211_sta_tx(sdata, skb, 0);
1001 static void ieee80211_send_deauth(struct ieee80211_sub_if_data *sdata,
1002 struct ieee80211_if_sta *ifsta, u16 reason)
1004 struct ieee80211_local *local = sdata->local;
1005 struct sk_buff *skb;
1006 struct ieee80211_mgmt *mgmt;
1008 skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt));
1010 printk(KERN_DEBUG "%s: failed to allocate buffer for deauth "
1011 "frame\n", sdata->dev->name);
1014 skb_reserve(skb, local->hw.extra_tx_headroom);
1016 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
1017 memset(mgmt, 0, 24);
1018 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
1019 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
1020 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
1021 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
1022 IEEE80211_STYPE_DEAUTH);
1024 mgmt->u.deauth.reason_code = cpu_to_le16(reason);
1026 ieee80211_sta_tx(sdata, skb, 0);
1029 static int ieee80211_sta_wep_configured(struct ieee80211_sub_if_data *sdata)
1031 if (!sdata || !sdata->default_key ||
1032 sdata->default_key->conf.alg != ALG_WEP)
1037 static void ieee80211_send_disassoc(struct ieee80211_sub_if_data *sdata,
1038 struct ieee80211_if_sta *ifsta, u16 reason)
1040 struct ieee80211_local *local = sdata->local;
1041 struct sk_buff *skb;
1042 struct ieee80211_mgmt *mgmt;
1044 skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt));
1046 printk(KERN_DEBUG "%s: failed to allocate buffer for disassoc "
1047 "frame\n", sdata->dev->name);
1050 skb_reserve(skb, local->hw.extra_tx_headroom);
1052 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
1053 memset(mgmt, 0, 24);
1054 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
1055 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
1056 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
1057 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
1058 IEEE80211_STYPE_DISASSOC);
1060 mgmt->u.disassoc.reason_code = cpu_to_le16(reason);
1062 ieee80211_sta_tx(sdata, skb, 0);
1065 static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata,
1066 struct ieee80211_if_sta *ifsta, bool deauth,
1067 bool self_disconnected, u16 reason)
1069 struct ieee80211_local *local = sdata->local;
1070 struct sta_info *sta;
1071 u32 changed = BSS_CHANGED_ASSOC;
1075 sta = sta_info_get(local, ifsta->bssid);
1082 ifsta->direct_probe_tries = 0;
1083 ifsta->auth_tries = 0;
1085 ifsta->assoc_scan_tries = 0;
1086 ifsta->assoc_tries = 0;
1088 netif_tx_stop_all_queues(sdata->dev);
1089 netif_carrier_off(sdata->dev);
1091 ieee80211_sta_tear_down_BA_sessions(sdata, sta->addr);
1093 if (self_disconnected) {
1095 ieee80211_send_deauth(sdata, ifsta, reason);
1097 ieee80211_send_disassoc(sdata, ifsta, reason);
1100 ifsta->flags &= ~IEEE80211_STA_ASSOCIATED;
1101 changed |= ieee80211_reset_erp_info(sdata);
1103 if (sdata->bss_conf.assoc_ht)
1104 changed |= BSS_CHANGED_HT;
1106 sdata->bss_conf.assoc_ht = 0;
1107 sdata->bss_conf.ht_conf = NULL;
1108 sdata->bss_conf.ht_bss_conf = NULL;
1110 ieee80211_led_assoc(local, 0);
1111 sdata->bss_conf.assoc = 0;
1113 ieee80211_sta_send_apinfo(sdata, ifsta);
1115 if (self_disconnected)
1116 ifsta->state = IEEE80211_STA_MLME_DISABLED;
1118 sta_info_unlink(&sta);
1122 sta_info_destroy(sta);
1125 static int ieee80211_privacy_mismatch(struct ieee80211_sub_if_data *sdata,
1126 struct ieee80211_if_sta *ifsta)
1128 struct ieee80211_local *local = sdata->local;
1129 struct ieee80211_sta_bss *bss;
1132 int privacy_invoked;
1134 if (!ifsta || (ifsta->flags & IEEE80211_STA_MIXED_CELL))
1137 bss = ieee80211_rx_bss_get(local, ifsta->bssid,
1138 local->hw.conf.channel->center_freq,
1139 ifsta->ssid, ifsta->ssid_len);
1143 bss_privacy = !!(bss->capability & WLAN_CAPABILITY_PRIVACY);
1144 wep_privacy = !!ieee80211_sta_wep_configured(sdata);
1145 privacy_invoked = !!(ifsta->flags & IEEE80211_STA_PRIVACY_INVOKED);
1147 ieee80211_rx_bss_put(local, bss);
1149 if ((bss_privacy == wep_privacy) || (bss_privacy == privacy_invoked))
1155 static void ieee80211_associate(struct ieee80211_sub_if_data *sdata,
1156 struct ieee80211_if_sta *ifsta)
1158 DECLARE_MAC_BUF(mac);
1160 ifsta->assoc_tries++;
1161 if (ifsta->assoc_tries > IEEE80211_ASSOC_MAX_TRIES) {
1162 printk(KERN_DEBUG "%s: association with AP %s"
1164 sdata->dev->name, print_mac(mac, ifsta->bssid));
1165 ifsta->state = IEEE80211_STA_MLME_DISABLED;
1169 ifsta->state = IEEE80211_STA_MLME_ASSOCIATE;
1170 printk(KERN_DEBUG "%s: associate with AP %s\n",
1171 sdata->dev->name, print_mac(mac, ifsta->bssid));
1172 if (ieee80211_privacy_mismatch(sdata, ifsta)) {
1173 printk(KERN_DEBUG "%s: mismatch in privacy configuration and "
1174 "mixed-cell disabled - abort association\n", sdata->dev->name);
1175 ifsta->state = IEEE80211_STA_MLME_DISABLED;
1179 ieee80211_send_assoc(sdata, ifsta);
1181 mod_timer(&ifsta->timer, jiffies + IEEE80211_ASSOC_TIMEOUT);
1185 static void ieee80211_associated(struct ieee80211_sub_if_data *sdata,
1186 struct ieee80211_if_sta *ifsta)
1188 struct ieee80211_local *local = sdata->local;
1189 struct sta_info *sta;
1191 DECLARE_MAC_BUF(mac);
1193 /* TODO: start monitoring current AP signal quality and number of
1194 * missed beacons. Scan other channels every now and then and search
1195 * for better APs. */
1196 /* TODO: remove expired BSSes */
1198 ifsta->state = IEEE80211_STA_MLME_ASSOCIATED;
1202 sta = sta_info_get(local, ifsta->bssid);
1204 printk(KERN_DEBUG "%s: No STA entry for own AP %s\n",
1205 sdata->dev->name, print_mac(mac, ifsta->bssid));
1209 if (time_after(jiffies,
1210 sta->last_rx + IEEE80211_MONITORING_INTERVAL)) {
1211 if (ifsta->flags & IEEE80211_STA_PROBEREQ_POLL) {
1212 printk(KERN_DEBUG "%s: No ProbeResp from "
1213 "current AP %s - assume out of "
1215 sdata->dev->name, print_mac(mac, ifsta->bssid));
1218 ieee80211_send_probe_req(sdata, ifsta->bssid,
1220 local->scan_ssid_len);
1221 ifsta->flags ^= IEEE80211_STA_PROBEREQ_POLL;
1223 ifsta->flags &= ~IEEE80211_STA_PROBEREQ_POLL;
1224 if (time_after(jiffies, ifsta->last_probe +
1225 IEEE80211_PROBE_INTERVAL)) {
1226 ifsta->last_probe = jiffies;
1227 ieee80211_send_probe_req(sdata, ifsta->bssid,
1237 ieee80211_set_disassoc(sdata, ifsta, true, true,
1238 WLAN_REASON_PREV_AUTH_NOT_VALID);
1240 mod_timer(&ifsta->timer, jiffies +
1241 IEEE80211_MONITORING_INTERVAL);
1245 static void ieee80211_auth_completed(struct ieee80211_sub_if_data *sdata,
1246 struct ieee80211_if_sta *ifsta)
1248 printk(KERN_DEBUG "%s: authenticated\n", sdata->dev->name);
1249 ifsta->flags |= IEEE80211_STA_AUTHENTICATED;
1250 ieee80211_associate(sdata, ifsta);
1254 static void ieee80211_auth_challenge(struct ieee80211_sub_if_data *sdata,
1255 struct ieee80211_if_sta *ifsta,
1256 struct ieee80211_mgmt *mgmt,
1260 struct ieee802_11_elems elems;
1262 pos = mgmt->u.auth.variable;
1263 ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems);
1264 if (!elems.challenge)
1266 ieee80211_send_auth(sdata, ifsta, 3, elems.challenge - 2,
1267 elems.challenge_len + 2, 1);
1270 static void ieee80211_send_addba_resp(struct ieee80211_sub_if_data *sdata, u8 *da, u16 tid,
1271 u8 dialog_token, u16 status, u16 policy,
1272 u16 buf_size, u16 timeout)
1274 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
1275 struct ieee80211_local *local = sdata->local;
1276 struct sk_buff *skb;
1277 struct ieee80211_mgmt *mgmt;
1280 skb = dev_alloc_skb(sizeof(*mgmt) + local->hw.extra_tx_headroom);
1283 printk(KERN_DEBUG "%s: failed to allocate buffer "
1284 "for addba resp frame\n", sdata->dev->name);
1288 skb_reserve(skb, local->hw.extra_tx_headroom);
1289 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
1290 memset(mgmt, 0, 24);
1291 memcpy(mgmt->da, da, ETH_ALEN);
1292 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
1293 if (sdata->vif.type == IEEE80211_IF_TYPE_AP)
1294 memcpy(mgmt->bssid, sdata->dev->dev_addr, ETH_ALEN);
1296 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
1297 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
1298 IEEE80211_STYPE_ACTION);
1300 skb_put(skb, 1 + sizeof(mgmt->u.action.u.addba_resp));
1301 mgmt->u.action.category = WLAN_CATEGORY_BACK;
1302 mgmt->u.action.u.addba_resp.action_code = WLAN_ACTION_ADDBA_RESP;
1303 mgmt->u.action.u.addba_resp.dialog_token = dialog_token;
1305 capab = (u16)(policy << 1); /* bit 1 aggregation policy */
1306 capab |= (u16)(tid << 2); /* bit 5:2 TID number */
1307 capab |= (u16)(buf_size << 6); /* bit 15:6 max size of aggregation */
1309 mgmt->u.action.u.addba_resp.capab = cpu_to_le16(capab);
1310 mgmt->u.action.u.addba_resp.timeout = cpu_to_le16(timeout);
1311 mgmt->u.action.u.addba_resp.status = cpu_to_le16(status);
1313 ieee80211_sta_tx(sdata, skb, 0);
1318 void ieee80211_send_addba_request(struct ieee80211_sub_if_data *sdata, const u8 *da,
1319 u16 tid, u8 dialog_token, u16 start_seq_num,
1320 u16 agg_size, u16 timeout)
1322 struct ieee80211_local *local = sdata->local;
1323 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
1324 struct sk_buff *skb;
1325 struct ieee80211_mgmt *mgmt;
1328 skb = dev_alloc_skb(sizeof(*mgmt) + local->hw.extra_tx_headroom);
1331 printk(KERN_ERR "%s: failed to allocate buffer "
1332 "for addba request frame\n", sdata->dev->name);
1335 skb_reserve(skb, local->hw.extra_tx_headroom);
1336 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
1337 memset(mgmt, 0, 24);
1338 memcpy(mgmt->da, da, ETH_ALEN);
1339 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
1340 if (sdata->vif.type == IEEE80211_IF_TYPE_AP)
1341 memcpy(mgmt->bssid, sdata->dev->dev_addr, ETH_ALEN);
1343 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
1345 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
1346 IEEE80211_STYPE_ACTION);
1348 skb_put(skb, 1 + sizeof(mgmt->u.action.u.addba_req));
1350 mgmt->u.action.category = WLAN_CATEGORY_BACK;
1351 mgmt->u.action.u.addba_req.action_code = WLAN_ACTION_ADDBA_REQ;
1353 mgmt->u.action.u.addba_req.dialog_token = dialog_token;
1354 capab = (u16)(1 << 1); /* bit 1 aggregation policy */
1355 capab |= (u16)(tid << 2); /* bit 5:2 TID number */
1356 capab |= (u16)(agg_size << 6); /* bit 15:6 max size of aggergation */
1358 mgmt->u.action.u.addba_req.capab = cpu_to_le16(capab);
1360 mgmt->u.action.u.addba_req.timeout = cpu_to_le16(timeout);
1361 mgmt->u.action.u.addba_req.start_seq_num =
1362 cpu_to_le16(start_seq_num << 4);
1364 ieee80211_sta_tx(sdata, skb, 0);
1368 * After accepting the AddBA Request we activated a timer,
1369 * resetting it after each frame that arrives from the originator.
1370 * if this timer expires ieee80211_sta_stop_rx_ba_session will be executed.
1372 static void sta_rx_agg_session_timer_expired(unsigned long data)
1374 /* not an elegant detour, but there is no choice as the timer passes
1375 * only one argument, and various sta_info are needed here, so init
1376 * flow in sta_info_create gives the TID as data, while the timer_to_id
1377 * array gives the sta through container_of */
1378 u8 *ptid = (u8 *)data;
1379 u8 *timer_to_id = ptid - *ptid;
1380 struct sta_info *sta = container_of(timer_to_id, struct sta_info,
1383 #ifdef CONFIG_MAC80211_HT_DEBUG
1384 printk(KERN_DEBUG "rx session timer expired on tid %d\n", (u16)*ptid);
1386 ieee80211_sta_stop_rx_ba_session(sta->sdata, sta->addr,
1387 (u16)*ptid, WLAN_BACK_TIMER,
1388 WLAN_REASON_QSTA_TIMEOUT);
1391 static void ieee80211_sta_process_addba_request(struct ieee80211_local *local,
1392 struct ieee80211_mgmt *mgmt,
1395 struct ieee80211_hw *hw = &local->hw;
1396 struct ieee80211_conf *conf = &hw->conf;
1397 struct sta_info *sta;
1398 struct tid_ampdu_rx *tid_agg_rx;
1399 u16 capab, tid, timeout, ba_policy, buf_size, start_seq_num, status;
1401 int ret = -EOPNOTSUPP;
1402 DECLARE_MAC_BUF(mac);
1406 sta = sta_info_get(local, mgmt->sa);
1412 /* extract session parameters from addba request frame */
1413 dialog_token = mgmt->u.action.u.addba_req.dialog_token;
1414 timeout = le16_to_cpu(mgmt->u.action.u.addba_req.timeout);
1416 le16_to_cpu(mgmt->u.action.u.addba_req.start_seq_num) >> 4;
1418 capab = le16_to_cpu(mgmt->u.action.u.addba_req.capab);
1419 ba_policy = (capab & IEEE80211_ADDBA_PARAM_POLICY_MASK) >> 1;
1420 tid = (capab & IEEE80211_ADDBA_PARAM_TID_MASK) >> 2;
1421 buf_size = (capab & IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK) >> 6;
1423 status = WLAN_STATUS_REQUEST_DECLINED;
1425 /* sanity check for incoming parameters:
1426 * check if configuration can support the BA policy
1427 * and if buffer size does not exceeds max value */
1428 if (((ba_policy != 1)
1429 && (!(conf->ht_conf.cap & IEEE80211_HT_CAP_DELAY_BA)))
1430 || (buf_size > IEEE80211_MAX_AMPDU_BUF)) {
1431 status = WLAN_STATUS_INVALID_QOS_PARAM;
1432 #ifdef CONFIG_MAC80211_HT_DEBUG
1433 if (net_ratelimit())
1434 printk(KERN_DEBUG "AddBA Req with bad params from "
1435 "%s on tid %u. policy %d, buffer size %d\n",
1436 print_mac(mac, mgmt->sa), tid, ba_policy,
1438 #endif /* CONFIG_MAC80211_HT_DEBUG */
1441 /* determine default buffer size */
1442 if (buf_size == 0) {
1443 struct ieee80211_supported_band *sband;
1445 sband = local->hw.wiphy->bands[conf->channel->band];
1446 buf_size = IEEE80211_MIN_AMPDU_BUF;
1447 buf_size = buf_size << sband->ht_info.ampdu_factor;
1451 /* examine state machine */
1452 spin_lock_bh(&sta->lock);
1454 if (sta->ampdu_mlme.tid_state_rx[tid] != HT_AGG_STATE_IDLE) {
1455 #ifdef CONFIG_MAC80211_HT_DEBUG
1456 if (net_ratelimit())
1457 printk(KERN_DEBUG "unexpected AddBA Req from "
1459 print_mac(mac, mgmt->sa), tid);
1460 #endif /* CONFIG_MAC80211_HT_DEBUG */
1464 /* prepare A-MPDU MLME for Rx aggregation */
1465 sta->ampdu_mlme.tid_rx[tid] =
1466 kmalloc(sizeof(struct tid_ampdu_rx), GFP_ATOMIC);
1467 if (!sta->ampdu_mlme.tid_rx[tid]) {
1468 #ifdef CONFIG_MAC80211_HT_DEBUG
1469 if (net_ratelimit())
1470 printk(KERN_ERR "allocate rx mlme to tid %d failed\n",
1476 sta->ampdu_mlme.tid_rx[tid]->session_timer.function =
1477 sta_rx_agg_session_timer_expired;
1478 sta->ampdu_mlme.tid_rx[tid]->session_timer.data =
1479 (unsigned long)&sta->timer_to_tid[tid];
1480 init_timer(&sta->ampdu_mlme.tid_rx[tid]->session_timer);
1482 tid_agg_rx = sta->ampdu_mlme.tid_rx[tid];
1484 /* prepare reordering buffer */
1485 tid_agg_rx->reorder_buf =
1486 kmalloc(buf_size * sizeof(struct sk_buff *), GFP_ATOMIC);
1487 if (!tid_agg_rx->reorder_buf) {
1488 #ifdef CONFIG_MAC80211_HT_DEBUG
1489 if (net_ratelimit())
1490 printk(KERN_ERR "can not allocate reordering buffer "
1491 "to tid %d\n", tid);
1493 kfree(sta->ampdu_mlme.tid_rx[tid]);
1496 memset(tid_agg_rx->reorder_buf, 0,
1497 buf_size * sizeof(struct sk_buff *));
1499 if (local->ops->ampdu_action)
1500 ret = local->ops->ampdu_action(hw, IEEE80211_AMPDU_RX_START,
1501 sta->addr, tid, &start_seq_num);
1502 #ifdef CONFIG_MAC80211_HT_DEBUG
1503 printk(KERN_DEBUG "Rx A-MPDU request on tid %d result %d\n", tid, ret);
1504 #endif /* CONFIG_MAC80211_HT_DEBUG */
1507 kfree(tid_agg_rx->reorder_buf);
1509 sta->ampdu_mlme.tid_rx[tid] = NULL;
1513 /* change state and send addba resp */
1514 sta->ampdu_mlme.tid_state_rx[tid] = HT_AGG_STATE_OPERATIONAL;
1515 tid_agg_rx->dialog_token = dialog_token;
1516 tid_agg_rx->ssn = start_seq_num;
1517 tid_agg_rx->head_seq_num = start_seq_num;
1518 tid_agg_rx->buf_size = buf_size;
1519 tid_agg_rx->timeout = timeout;
1520 tid_agg_rx->stored_mpdu_num = 0;
1521 status = WLAN_STATUS_SUCCESS;
1523 spin_unlock_bh(&sta->lock);
1526 ieee80211_send_addba_resp(sta->sdata, sta->addr, tid,
1527 dialog_token, status, 1, buf_size, timeout);
1531 static void ieee80211_sta_process_addba_resp(struct ieee80211_local *local,
1532 struct ieee80211_mgmt *mgmt,
1535 struct ieee80211_hw *hw = &local->hw;
1536 struct sta_info *sta;
1543 sta = sta_info_get(local, mgmt->sa);
1549 capab = le16_to_cpu(mgmt->u.action.u.addba_resp.capab);
1550 tid = (capab & IEEE80211_ADDBA_PARAM_TID_MASK) >> 2;
1552 state = &sta->ampdu_mlme.tid_state_tx[tid];
1554 spin_lock_bh(&sta->lock);
1556 if (!(*state & HT_ADDBA_REQUESTED_MSK)) {
1557 spin_unlock_bh(&sta->lock);
1558 goto addba_resp_exit;
1561 if (mgmt->u.action.u.addba_resp.dialog_token !=
1562 sta->ampdu_mlme.tid_tx[tid]->dialog_token) {
1563 spin_unlock_bh(&sta->lock);
1564 #ifdef CONFIG_MAC80211_HT_DEBUG
1565 printk(KERN_DEBUG "wrong addBA response token, tid %d\n", tid);
1566 #endif /* CONFIG_MAC80211_HT_DEBUG */
1567 goto addba_resp_exit;
1570 del_timer_sync(&sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer);
1571 #ifdef CONFIG_MAC80211_HT_DEBUG
1572 printk(KERN_DEBUG "switched off addBA timer for tid %d \n", tid);
1573 #endif /* CONFIG_MAC80211_HT_DEBUG */
1574 if (le16_to_cpu(mgmt->u.action.u.addba_resp.status)
1575 == WLAN_STATUS_SUCCESS) {
1576 *state |= HT_ADDBA_RECEIVED_MSK;
1577 sta->ampdu_mlme.addba_req_num[tid] = 0;
1579 if (*state == HT_AGG_STATE_OPERATIONAL)
1580 ieee80211_wake_queue(hw, sta->tid_to_tx_q[tid]);
1582 spin_unlock_bh(&sta->lock);
1584 sta->ampdu_mlme.addba_req_num[tid]++;
1585 /* this will allow the state check in stop_BA_session */
1586 *state = HT_AGG_STATE_OPERATIONAL;
1587 spin_unlock_bh(&sta->lock);
1588 ieee80211_stop_tx_ba_session(hw, sta->addr, tid,
1589 WLAN_BACK_INITIATOR);
1596 void ieee80211_send_delba(struct ieee80211_sub_if_data *sdata, const u8 *da, u16 tid,
1597 u16 initiator, u16 reason_code)
1599 struct ieee80211_local *local = sdata->local;
1600 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
1601 struct sk_buff *skb;
1602 struct ieee80211_mgmt *mgmt;
1605 skb = dev_alloc_skb(sizeof(*mgmt) + local->hw.extra_tx_headroom);
1608 printk(KERN_ERR "%s: failed to allocate buffer "
1609 "for delba frame\n", sdata->dev->name);
1613 skb_reserve(skb, local->hw.extra_tx_headroom);
1614 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
1615 memset(mgmt, 0, 24);
1616 memcpy(mgmt->da, da, ETH_ALEN);
1617 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
1618 if (sdata->vif.type == IEEE80211_IF_TYPE_AP)
1619 memcpy(mgmt->bssid, sdata->dev->dev_addr, ETH_ALEN);
1621 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
1622 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
1623 IEEE80211_STYPE_ACTION);
1625 skb_put(skb, 1 + sizeof(mgmt->u.action.u.delba));
1627 mgmt->u.action.category = WLAN_CATEGORY_BACK;
1628 mgmt->u.action.u.delba.action_code = WLAN_ACTION_DELBA;
1629 params = (u16)(initiator << 11); /* bit 11 initiator */
1630 params |= (u16)(tid << 12); /* bit 15:12 TID number */
1632 mgmt->u.action.u.delba.params = cpu_to_le16(params);
1633 mgmt->u.action.u.delba.reason_code = cpu_to_le16(reason_code);
1635 ieee80211_sta_tx(sdata, skb, 0);
1638 void ieee80211_send_bar(struct ieee80211_sub_if_data *sdata, u8 *ra, u16 tid, u16 ssn)
1640 struct ieee80211_local *local = sdata->local;
1641 struct sk_buff *skb;
1642 struct ieee80211_bar *bar;
1643 u16 bar_control = 0;
1645 skb = dev_alloc_skb(sizeof(*bar) + local->hw.extra_tx_headroom);
1647 printk(KERN_ERR "%s: failed to allocate buffer for "
1648 "bar frame\n", sdata->dev->name);
1651 skb_reserve(skb, local->hw.extra_tx_headroom);
1652 bar = (struct ieee80211_bar *)skb_put(skb, sizeof(*bar));
1653 memset(bar, 0, sizeof(*bar));
1654 bar->frame_control = cpu_to_le16(IEEE80211_FTYPE_CTL |
1655 IEEE80211_STYPE_BACK_REQ);
1656 memcpy(bar->ra, ra, ETH_ALEN);
1657 memcpy(bar->ta, sdata->dev->dev_addr, ETH_ALEN);
1658 bar_control |= (u16)IEEE80211_BAR_CTRL_ACK_POLICY_NORMAL;
1659 bar_control |= (u16)IEEE80211_BAR_CTRL_CBMTID_COMPRESSED_BA;
1660 bar_control |= (u16)(tid << 12);
1661 bar->control = cpu_to_le16(bar_control);
1662 bar->start_seq_num = cpu_to_le16(ssn);
1664 ieee80211_sta_tx(sdata, skb, 0);
1667 void ieee80211_sta_stop_rx_ba_session(struct ieee80211_sub_if_data *sdata, u8 *ra, u16 tid,
1668 u16 initiator, u16 reason)
1670 struct ieee80211_local *local = sdata->local;
1671 struct ieee80211_hw *hw = &local->hw;
1672 struct sta_info *sta;
1674 DECLARE_MAC_BUF(mac);
1678 sta = sta_info_get(local, ra);
1684 /* check if TID is in operational state */
1685 spin_lock_bh(&sta->lock);
1686 if (sta->ampdu_mlme.tid_state_rx[tid]
1687 != HT_AGG_STATE_OPERATIONAL) {
1688 spin_unlock_bh(&sta->lock);
1692 sta->ampdu_mlme.tid_state_rx[tid] =
1693 HT_AGG_STATE_REQ_STOP_BA_MSK |
1694 (initiator << HT_AGG_STATE_INITIATOR_SHIFT);
1695 spin_unlock_bh(&sta->lock);
1697 /* stop HW Rx aggregation. ampdu_action existence
1698 * already verified in session init so we add the BUG_ON */
1699 BUG_ON(!local->ops->ampdu_action);
1701 #ifdef CONFIG_MAC80211_HT_DEBUG
1702 printk(KERN_DEBUG "Rx BA session stop requested for %s tid %u\n",
1703 print_mac(mac, ra), tid);
1704 #endif /* CONFIG_MAC80211_HT_DEBUG */
1706 ret = local->ops->ampdu_action(hw, IEEE80211_AMPDU_RX_STOP,
1709 printk(KERN_DEBUG "HW problem - can not stop rx "
1710 "aggregation for tid %d\n", tid);
1712 /* shutdown timer has not expired */
1713 if (initiator != WLAN_BACK_TIMER)
1714 del_timer_sync(&sta->ampdu_mlme.tid_rx[tid]->session_timer);
1716 /* check if this is a self generated aggregation halt */
1717 if (initiator == WLAN_BACK_RECIPIENT || initiator == WLAN_BACK_TIMER)
1718 ieee80211_send_delba(sdata, ra, tid, 0, reason);
1720 /* free the reordering buffer */
1721 for (i = 0; i < sta->ampdu_mlme.tid_rx[tid]->buf_size; i++) {
1722 if (sta->ampdu_mlme.tid_rx[tid]->reorder_buf[i]) {
1723 /* release the reordered frames */
1724 dev_kfree_skb(sta->ampdu_mlme.tid_rx[tid]->reorder_buf[i]);
1725 sta->ampdu_mlme.tid_rx[tid]->stored_mpdu_num--;
1726 sta->ampdu_mlme.tid_rx[tid]->reorder_buf[i] = NULL;
1729 /* free resources */
1730 kfree(sta->ampdu_mlme.tid_rx[tid]->reorder_buf);
1731 kfree(sta->ampdu_mlme.tid_rx[tid]);
1732 sta->ampdu_mlme.tid_rx[tid] = NULL;
1733 sta->ampdu_mlme.tid_state_rx[tid] = HT_AGG_STATE_IDLE;
1739 static void ieee80211_sta_process_delba(struct ieee80211_sub_if_data *sdata,
1740 struct ieee80211_mgmt *mgmt, size_t len)
1742 struct ieee80211_local *local = sdata->local;
1743 struct sta_info *sta;
1746 DECLARE_MAC_BUF(mac);
1750 sta = sta_info_get(local, mgmt->sa);
1756 params = le16_to_cpu(mgmt->u.action.u.delba.params);
1757 tid = (params & IEEE80211_DELBA_PARAM_TID_MASK) >> 12;
1758 initiator = (params & IEEE80211_DELBA_PARAM_INITIATOR_MASK) >> 11;
1760 #ifdef CONFIG_MAC80211_HT_DEBUG
1761 if (net_ratelimit())
1762 printk(KERN_DEBUG "delba from %s (%s) tid %d reason code %d\n",
1763 print_mac(mac, mgmt->sa),
1764 initiator ? "initiator" : "recipient", tid,
1765 mgmt->u.action.u.delba.reason_code);
1766 #endif /* CONFIG_MAC80211_HT_DEBUG */
1768 if (initiator == WLAN_BACK_INITIATOR)
1769 ieee80211_sta_stop_rx_ba_session(sdata, sta->addr, tid,
1770 WLAN_BACK_INITIATOR, 0);
1771 else { /* WLAN_BACK_RECIPIENT */
1772 spin_lock_bh(&sta->lock);
1773 sta->ampdu_mlme.tid_state_tx[tid] =
1774 HT_AGG_STATE_OPERATIONAL;
1775 spin_unlock_bh(&sta->lock);
1776 ieee80211_stop_tx_ba_session(&local->hw, sta->addr, tid,
1777 WLAN_BACK_RECIPIENT);
1783 * After sending add Block Ack request we activated a timer until
1784 * add Block Ack response will arrive from the recipient.
1785 * If this timer expires sta_addba_resp_timer_expired will be executed.
1787 void sta_addba_resp_timer_expired(unsigned long data)
1789 /* not an elegant detour, but there is no choice as the timer passes
1790 * only one argument, and both sta_info and TID are needed, so init
1791 * flow in sta_info_create gives the TID as data, while the timer_to_id
1792 * array gives the sta through container_of */
1793 u16 tid = *(u8 *)data;
1794 struct sta_info *temp_sta = container_of((void *)data,
1795 struct sta_info, timer_to_tid[tid]);
1797 struct ieee80211_local *local = temp_sta->local;
1798 struct ieee80211_hw *hw = &local->hw;
1799 struct sta_info *sta;
1804 sta = sta_info_get(local, temp_sta->addr);
1810 state = &sta->ampdu_mlme.tid_state_tx[tid];
1811 /* check if the TID waits for addBA response */
1812 spin_lock_bh(&sta->lock);
1813 if (!(*state & HT_ADDBA_REQUESTED_MSK)) {
1814 spin_unlock_bh(&sta->lock);
1815 *state = HT_AGG_STATE_IDLE;
1816 #ifdef CONFIG_MAC80211_HT_DEBUG
1817 printk(KERN_DEBUG "timer expired on tid %d but we are not "
1818 "expecting addBA response there", tid);
1820 goto timer_expired_exit;
1823 #ifdef CONFIG_MAC80211_HT_DEBUG
1824 printk(KERN_DEBUG "addBA response timer expired on tid %d\n", tid);
1827 /* go through the state check in stop_BA_session */
1828 *state = HT_AGG_STATE_OPERATIONAL;
1829 spin_unlock_bh(&sta->lock);
1830 ieee80211_stop_tx_ba_session(hw, temp_sta->addr, tid,
1831 WLAN_BACK_INITIATOR);
1837 void ieee80211_sta_tear_down_BA_sessions(struct ieee80211_sub_if_data *sdata, u8 *addr)
1839 struct ieee80211_local *local = sdata->local;
1842 for (i = 0; i < STA_TID_NUM; i++) {
1843 ieee80211_stop_tx_ba_session(&local->hw, addr, i,
1844 WLAN_BACK_INITIATOR);
1845 ieee80211_sta_stop_rx_ba_session(sdata, addr, i,
1846 WLAN_BACK_RECIPIENT,
1847 WLAN_REASON_QSTA_LEAVE_QBSS);
1851 static void ieee80211_send_refuse_measurement_request(struct ieee80211_sub_if_data *sdata,
1852 struct ieee80211_msrment_ie *request_ie,
1853 const u8 *da, const u8 *bssid,
1856 struct ieee80211_local *local = sdata->local;
1857 struct sk_buff *skb;
1858 struct ieee80211_mgmt *msr_report;
1860 skb = dev_alloc_skb(sizeof(*msr_report) + local->hw.extra_tx_headroom +
1861 sizeof(struct ieee80211_msrment_ie));
1864 printk(KERN_ERR "%s: failed to allocate buffer for "
1865 "measurement report frame\n", sdata->dev->name);
1869 skb_reserve(skb, local->hw.extra_tx_headroom);
1870 msr_report = (struct ieee80211_mgmt *)skb_put(skb, 24);
1871 memset(msr_report, 0, 24);
1872 memcpy(msr_report->da, da, ETH_ALEN);
1873 memcpy(msr_report->sa, sdata->dev->dev_addr, ETH_ALEN);
1874 memcpy(msr_report->bssid, bssid, ETH_ALEN);
1875 msr_report->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
1876 IEEE80211_STYPE_ACTION);
1878 skb_put(skb, 1 + sizeof(msr_report->u.action.u.measurement));
1879 msr_report->u.action.category = WLAN_CATEGORY_SPECTRUM_MGMT;
1880 msr_report->u.action.u.measurement.action_code =
1881 WLAN_ACTION_SPCT_MSR_RPRT;
1882 msr_report->u.action.u.measurement.dialog_token = dialog_token;
1884 msr_report->u.action.u.measurement.element_id = WLAN_EID_MEASURE_REPORT;
1885 msr_report->u.action.u.measurement.length =
1886 sizeof(struct ieee80211_msrment_ie);
1888 memset(&msr_report->u.action.u.measurement.msr_elem, 0,
1889 sizeof(struct ieee80211_msrment_ie));
1890 msr_report->u.action.u.measurement.msr_elem.token = request_ie->token;
1891 msr_report->u.action.u.measurement.msr_elem.mode |=
1892 IEEE80211_SPCT_MSR_RPRT_MODE_REFUSED;
1893 msr_report->u.action.u.measurement.msr_elem.type = request_ie->type;
1895 ieee80211_sta_tx(sdata, skb, 0);
1898 static void ieee80211_sta_process_measurement_req(struct ieee80211_sub_if_data *sdata,
1899 struct ieee80211_mgmt *mgmt,
1903 * Ignoring measurement request is spec violation.
1904 * Mandatory measurements must be reported optional
1905 * measurements might be refused or reported incapable
1906 * For now just refuse
1907 * TODO: Answer basic measurement as unmeasured
1909 ieee80211_send_refuse_measurement_request(sdata,
1910 &mgmt->u.action.u.measurement.msr_elem,
1911 mgmt->sa, mgmt->bssid,
1912 mgmt->u.action.u.measurement.dialog_token);
1916 static void ieee80211_rx_mgmt_auth(struct ieee80211_sub_if_data *sdata,
1917 struct ieee80211_if_sta *ifsta,
1918 struct ieee80211_mgmt *mgmt,
1921 u16 auth_alg, auth_transaction, status_code;
1922 DECLARE_MAC_BUF(mac);
1924 if (ifsta->state != IEEE80211_STA_MLME_AUTHENTICATE &&
1925 sdata->vif.type != IEEE80211_IF_TYPE_IBSS)
1931 if (sdata->vif.type != IEEE80211_IF_TYPE_IBSS &&
1932 memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN) != 0)
1935 if (sdata->vif.type != IEEE80211_IF_TYPE_IBSS &&
1936 memcmp(ifsta->bssid, mgmt->bssid, ETH_ALEN) != 0)
1939 auth_alg = le16_to_cpu(mgmt->u.auth.auth_alg);
1940 auth_transaction = le16_to_cpu(mgmt->u.auth.auth_transaction);
1941 status_code = le16_to_cpu(mgmt->u.auth.status_code);
1943 if (sdata->vif.type == IEEE80211_IF_TYPE_IBSS) {
1945 * IEEE 802.11 standard does not require authentication in IBSS
1946 * networks and most implementations do not seem to use it.
1947 * However, try to reply to authentication attempts if someone
1948 * has actually implemented this.
1950 if (auth_alg != WLAN_AUTH_OPEN || auth_transaction != 1)
1952 ieee80211_send_auth(sdata, ifsta, 2, NULL, 0, 0);
1955 if (auth_alg != ifsta->auth_alg ||
1956 auth_transaction != ifsta->auth_transaction)
1959 if (status_code != WLAN_STATUS_SUCCESS) {
1960 if (status_code == WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG) {
1962 const int num_algs = ARRAY_SIZE(algs);
1964 algs[0] = algs[1] = algs[2] = 0xff;
1965 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_OPEN)
1966 algs[0] = WLAN_AUTH_OPEN;
1967 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_SHARED_KEY)
1968 algs[1] = WLAN_AUTH_SHARED_KEY;
1969 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_LEAP)
1970 algs[2] = WLAN_AUTH_LEAP;
1971 if (ifsta->auth_alg == WLAN_AUTH_OPEN)
1973 else if (ifsta->auth_alg == WLAN_AUTH_SHARED_KEY)
1977 for (i = 0; i < num_algs; i++) {
1979 if (pos >= num_algs)
1981 if (algs[pos] == ifsta->auth_alg ||
1984 if (algs[pos] == WLAN_AUTH_SHARED_KEY &&
1985 !ieee80211_sta_wep_configured(sdata))
1987 ifsta->auth_alg = algs[pos];
1994 switch (ifsta->auth_alg) {
1995 case WLAN_AUTH_OPEN:
1996 case WLAN_AUTH_LEAP:
1997 ieee80211_auth_completed(sdata, ifsta);
1999 case WLAN_AUTH_SHARED_KEY:
2000 if (ifsta->auth_transaction == 4)
2001 ieee80211_auth_completed(sdata, ifsta);
2003 ieee80211_auth_challenge(sdata, ifsta, mgmt, len);
2009 static void ieee80211_rx_mgmt_deauth(struct ieee80211_sub_if_data *sdata,
2010 struct ieee80211_if_sta *ifsta,
2011 struct ieee80211_mgmt *mgmt,
2015 DECLARE_MAC_BUF(mac);
2020 if (memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN))
2023 reason_code = le16_to_cpu(mgmt->u.deauth.reason_code);
2025 if (ifsta->flags & IEEE80211_STA_AUTHENTICATED)
2026 printk(KERN_DEBUG "%s: deauthenticated\n", sdata->dev->name);
2028 if (ifsta->state == IEEE80211_STA_MLME_AUTHENTICATE ||
2029 ifsta->state == IEEE80211_STA_MLME_ASSOCIATE ||
2030 ifsta->state == IEEE80211_STA_MLME_ASSOCIATED) {
2031 ifsta->state = IEEE80211_STA_MLME_DIRECT_PROBE;
2032 mod_timer(&ifsta->timer, jiffies +
2033 IEEE80211_RETRY_AUTH_INTERVAL);
2036 ieee80211_set_disassoc(sdata, ifsta, true, false, 0);
2037 ifsta->flags &= ~IEEE80211_STA_AUTHENTICATED;
2041 static void ieee80211_rx_mgmt_disassoc(struct ieee80211_sub_if_data *sdata,
2042 struct ieee80211_if_sta *ifsta,
2043 struct ieee80211_mgmt *mgmt,
2047 DECLARE_MAC_BUF(mac);
2052 if (memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN))
2055 reason_code = le16_to_cpu(mgmt->u.disassoc.reason_code);
2057 if (ifsta->flags & IEEE80211_STA_ASSOCIATED)
2058 printk(KERN_DEBUG "%s: disassociated\n", sdata->dev->name);
2060 if (ifsta->state == IEEE80211_STA_MLME_ASSOCIATED) {
2061 ifsta->state = IEEE80211_STA_MLME_ASSOCIATE;
2062 mod_timer(&ifsta->timer, jiffies +
2063 IEEE80211_RETRY_AUTH_INTERVAL);
2066 ieee80211_set_disassoc(sdata, ifsta, false, false, 0);
2070 static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
2071 struct ieee80211_if_sta *ifsta,
2072 struct ieee80211_mgmt *mgmt,
2076 struct ieee80211_local *local = sdata->local;
2077 struct ieee80211_supported_band *sband;
2078 struct sta_info *sta;
2079 u64 rates, basic_rates;
2080 u16 capab_info, status_code, aid;
2081 struct ieee802_11_elems elems;
2082 struct ieee80211_bss_conf *bss_conf = &sdata->bss_conf;
2085 DECLARE_MAC_BUF(mac);
2086 bool have_higher_than_11mbit = false;
2088 /* AssocResp and ReassocResp have identical structure, so process both
2089 * of them in this function. */
2091 if (ifsta->state != IEEE80211_STA_MLME_ASSOCIATE)
2097 if (memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN) != 0)
2100 capab_info = le16_to_cpu(mgmt->u.assoc_resp.capab_info);
2101 status_code = le16_to_cpu(mgmt->u.assoc_resp.status_code);
2102 aid = le16_to_cpu(mgmt->u.assoc_resp.aid);
2104 printk(KERN_DEBUG "%s: RX %sssocResp from %s (capab=0x%x "
2105 "status=%d aid=%d)\n",
2106 sdata->dev->name, reassoc ? "Rea" : "A", print_mac(mac, mgmt->sa),
2107 capab_info, status_code, (u16)(aid & ~(BIT(15) | BIT(14))));
2109 if (status_code != WLAN_STATUS_SUCCESS) {
2110 printk(KERN_DEBUG "%s: AP denied association (code=%d)\n",
2111 sdata->dev->name, status_code);
2112 /* if this was a reassociation, ensure we try a "full"
2113 * association next time. This works around some broken APs
2114 * which do not correctly reject reassociation requests. */
2115 ifsta->flags &= ~IEEE80211_STA_PREV_BSSID_SET;
2119 if ((aid & (BIT(15) | BIT(14))) != (BIT(15) | BIT(14)))
2120 printk(KERN_DEBUG "%s: invalid aid value %d; bits 15:14 not "
2121 "set\n", sdata->dev->name, aid);
2122 aid &= ~(BIT(15) | BIT(14));
2124 pos = mgmt->u.assoc_resp.variable;
2125 ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems);
2127 if (!elems.supp_rates) {
2128 printk(KERN_DEBUG "%s: no SuppRates element in AssocResp\n",
2133 printk(KERN_DEBUG "%s: associated\n", sdata->dev->name);
2135 ifsta->ap_capab = capab_info;
2137 kfree(ifsta->assocresp_ies);
2138 ifsta->assocresp_ies_len = len - (pos - (u8 *) mgmt);
2139 ifsta->assocresp_ies = kmalloc(ifsta->assocresp_ies_len, GFP_KERNEL);
2140 if (ifsta->assocresp_ies)
2141 memcpy(ifsta->assocresp_ies, pos, ifsta->assocresp_ies_len);
2145 /* Add STA entry for the AP */
2146 sta = sta_info_get(local, ifsta->bssid);
2148 struct ieee80211_sta_bss *bss;
2151 sta = sta_info_alloc(sdata, ifsta->bssid, GFP_ATOMIC);
2153 printk(KERN_DEBUG "%s: failed to alloc STA entry for"
2154 " the AP\n", sdata->dev->name);
2158 bss = ieee80211_rx_bss_get(local, ifsta->bssid,
2159 local->hw.conf.channel->center_freq,
2160 ifsta->ssid, ifsta->ssid_len);
2162 sta->last_signal = bss->signal;
2163 sta->last_qual = bss->qual;
2164 sta->last_noise = bss->noise;
2165 ieee80211_rx_bss_put(local, bss);
2168 err = sta_info_insert(sta);
2170 printk(KERN_DEBUG "%s: failed to insert STA entry for"
2171 " the AP (error %d)\n", sdata->dev->name, err);
2175 /* update new sta with its last rx activity */
2176 sta->last_rx = jiffies;
2180 * FIXME: Do we really need to update the sta_info's information here?
2181 * We already know about the AP (we found it in our list) so it
2182 * should already be filled with the right info, no?
2183 * As is stands, all this is racy because typically we assume
2184 * the information that is filled in here (except flags) doesn't
2185 * change while a STA structure is alive. As such, it should move
2186 * to between the sta_info_alloc() and sta_info_insert() above.
2189 set_sta_flags(sta, WLAN_STA_AUTH | WLAN_STA_ASSOC | WLAN_STA_ASSOC_AP |
2190 WLAN_STA_AUTHORIZED);
2194 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
2196 for (i = 0; i < elems.supp_rates_len; i++) {
2197 int rate = (elems.supp_rates[i] & 0x7f) * 5;
2200 have_higher_than_11mbit = true;
2202 for (j = 0; j < sband->n_bitrates; j++) {
2203 if (sband->bitrates[j].bitrate == rate)
2205 if (elems.supp_rates[i] & 0x80)
2206 basic_rates |= BIT(j);
2210 for (i = 0; i < elems.ext_supp_rates_len; i++) {
2211 int rate = (elems.ext_supp_rates[i] & 0x7f) * 5;
2214 have_higher_than_11mbit = true;
2216 for (j = 0; j < sband->n_bitrates; j++) {
2217 if (sband->bitrates[j].bitrate == rate)
2219 if (elems.ext_supp_rates[i] & 0x80)
2220 basic_rates |= BIT(j);
2224 sta->supp_rates[local->hw.conf.channel->band] = rates;
2225 sdata->basic_rates = basic_rates;
2227 /* cf. IEEE 802.11 9.2.12 */
2228 if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ &&
2229 have_higher_than_11mbit)
2230 sdata->flags |= IEEE80211_SDATA_OPERATING_GMODE;
2232 sdata->flags &= ~IEEE80211_SDATA_OPERATING_GMODE;
2234 if (elems.ht_cap_elem && elems.ht_info_elem && elems.wmm_param &&
2235 (ifsta->flags & IEEE80211_STA_WMM_ENABLED)) {
2236 struct ieee80211_ht_bss_info bss_info;
2237 ieee80211_ht_cap_ie_to_ht_info(
2238 (struct ieee80211_ht_cap *)
2239 elems.ht_cap_elem, &sta->ht_info);
2240 ieee80211_ht_addt_info_ie_to_ht_bss_info(
2241 (struct ieee80211_ht_addt_info *)
2242 elems.ht_info_elem, &bss_info);
2243 ieee80211_handle_ht(local, 1, &sta->ht_info, &bss_info);
2246 rate_control_rate_init(sta, local);
2248 if (elems.wmm_param) {
2249 set_sta_flags(sta, WLAN_STA_WME);
2251 ieee80211_sta_wmm_params(local, ifsta, elems.wmm_param,
2252 elems.wmm_param_len);
2256 /* set AID and assoc capability,
2257 * ieee80211_set_associated() will tell the driver */
2258 bss_conf->aid = aid;
2259 bss_conf->assoc_capability = capab_info;
2260 ieee80211_set_associated(sdata, ifsta);
2262 ieee80211_associated(sdata, ifsta);
2266 static int ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
2267 struct ieee80211_if_sta *ifsta,
2268 struct ieee80211_sta_bss *bss)
2270 struct ieee80211_local *local = sdata->local;
2271 int res, rates, i, j;
2272 struct sk_buff *skb;
2273 struct ieee80211_mgmt *mgmt;
2275 struct ieee80211_supported_band *sband;
2276 union iwreq_data wrqu;
2278 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
2280 /* Remove possible STA entries from other IBSS networks. */
2281 sta_info_flush_delayed(sdata);
2283 if (local->ops->reset_tsf) {
2284 /* Reset own TSF to allow time synchronization work. */
2285 local->ops->reset_tsf(local_to_hw(local));
2287 memcpy(ifsta->bssid, bss->bssid, ETH_ALEN);
2288 res = ieee80211_if_config(sdata, IEEE80211_IFCC_BSSID);
2292 local->hw.conf.beacon_int = bss->beacon_int >= 10 ? bss->beacon_int : 10;
2294 sdata->drop_unencrypted = bss->capability &
2295 WLAN_CAPABILITY_PRIVACY ? 1 : 0;
2297 res = ieee80211_set_freq(sdata, bss->freq);
2302 /* Build IBSS probe response */
2303 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 400);
2305 skb_reserve(skb, local->hw.extra_tx_headroom);
2307 mgmt = (struct ieee80211_mgmt *)
2308 skb_put(skb, 24 + sizeof(mgmt->u.beacon));
2309 memset(mgmt, 0, 24 + sizeof(mgmt->u.beacon));
2310 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
2311 IEEE80211_STYPE_PROBE_RESP);
2312 memset(mgmt->da, 0xff, ETH_ALEN);
2313 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
2314 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
2315 mgmt->u.beacon.beacon_int =
2316 cpu_to_le16(local->hw.conf.beacon_int);
2317 mgmt->u.beacon.timestamp = cpu_to_le64(bss->timestamp);
2318 mgmt->u.beacon.capab_info = cpu_to_le16(bss->capability);
2320 pos = skb_put(skb, 2 + ifsta->ssid_len);
2321 *pos++ = WLAN_EID_SSID;
2322 *pos++ = ifsta->ssid_len;
2323 memcpy(pos, ifsta->ssid, ifsta->ssid_len);
2325 rates = bss->supp_rates_len;
2328 pos = skb_put(skb, 2 + rates);
2329 *pos++ = WLAN_EID_SUPP_RATES;
2331 memcpy(pos, bss->supp_rates, rates);
2333 if (bss->band == IEEE80211_BAND_2GHZ) {
2334 pos = skb_put(skb, 2 + 1);
2335 *pos++ = WLAN_EID_DS_PARAMS;
2337 *pos++ = ieee80211_frequency_to_channel(bss->freq);
2340 pos = skb_put(skb, 2 + 2);
2341 *pos++ = WLAN_EID_IBSS_PARAMS;
2343 /* FIX: set ATIM window based on scan results */
2347 if (bss->supp_rates_len > 8) {
2348 rates = bss->supp_rates_len - 8;
2349 pos = skb_put(skb, 2 + rates);
2350 *pos++ = WLAN_EID_EXT_SUPP_RATES;
2352 memcpy(pos, &bss->supp_rates[8], rates);
2355 ifsta->probe_resp = skb;
2357 ieee80211_if_config(sdata, IEEE80211_IFCC_BEACON);
2361 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
2362 for (i = 0; i < bss->supp_rates_len; i++) {
2363 int bitrate = (bss->supp_rates[i] & 0x7f) * 5;
2364 for (j = 0; j < sband->n_bitrates; j++)
2365 if (sband->bitrates[j].bitrate == bitrate)
2368 ifsta->supp_rates_bits[local->hw.conf.channel->band] = rates;
2370 ieee80211_sta_def_wmm_params(sdata, bss, 1);
2372 ifsta->state = IEEE80211_STA_MLME_IBSS_JOINED;
2373 mod_timer(&ifsta->timer, jiffies + IEEE80211_IBSS_MERGE_INTERVAL);
2375 memset(&wrqu, 0, sizeof(wrqu));
2376 memcpy(wrqu.ap_addr.sa_data, bss->bssid, ETH_ALEN);
2377 wireless_send_event(sdata->dev, SIOCGIWAP, &wrqu, NULL);
2382 u64 ieee80211_sta_get_rates(struct ieee80211_local *local,
2383 struct ieee802_11_elems *elems,
2384 enum ieee80211_band band)
2386 struct ieee80211_supported_band *sband;
2387 struct ieee80211_rate *bitrates;
2391 sband = local->hw.wiphy->bands[band];
2395 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
2398 bitrates = sband->bitrates;
2399 num_rates = sband->n_bitrates;
2401 for (i = 0; i < elems->supp_rates_len +
2402 elems->ext_supp_rates_len; i++) {
2405 if (i < elems->supp_rates_len)
2406 rate = elems->supp_rates[i];
2407 else if (elems->ext_supp_rates)
2408 rate = elems->ext_supp_rates
2409 [i - elems->supp_rates_len];
2410 own_rate = 5 * (rate & 0x7f);
2411 for (j = 0; j < num_rates; j++)
2412 if (bitrates[j].bitrate == own_rate)
2413 supp_rates |= BIT(j);
2418 static u64 ieee80211_sta_get_mandatory_rates(struct ieee80211_local *local,
2419 enum ieee80211_band band)
2421 struct ieee80211_supported_band *sband;
2422 struct ieee80211_rate *bitrates;
2423 u64 mandatory_rates;
2424 enum ieee80211_rate_flags mandatory_flag;
2427 sband = local->hw.wiphy->bands[band];
2430 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
2433 if (band == IEEE80211_BAND_2GHZ)
2434 mandatory_flag = IEEE80211_RATE_MANDATORY_B;
2436 mandatory_flag = IEEE80211_RATE_MANDATORY_A;
2438 bitrates = sband->bitrates;
2439 mandatory_rates = 0;
2440 for (i = 0; i < sband->n_bitrates; i++)
2441 if (bitrates[i].flags & mandatory_flag)
2442 mandatory_rates |= BIT(i);
2443 return mandatory_rates;
2446 static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata,
2447 struct ieee80211_mgmt *mgmt,
2449 struct ieee80211_rx_status *rx_status,
2450 struct ieee802_11_elems *elems)
2452 struct ieee80211_local *local = sdata->local;
2454 struct ieee80211_sta_bss *bss;
2455 struct sta_info *sta;
2456 struct ieee80211_channel *channel;
2457 u64 beacon_timestamp, rx_timestamp;
2459 bool beacon = ieee80211_is_beacon(mgmt->frame_control);
2460 enum ieee80211_band band = rx_status->band;
2461 DECLARE_MAC_BUF(mac);
2462 DECLARE_MAC_BUF(mac2);
2464 if (elems->ds_params && elems->ds_params_len == 1)
2465 freq = ieee80211_channel_to_frequency(elems->ds_params[0]);
2467 freq = rx_status->freq;
2469 channel = ieee80211_get_channel(local->hw.wiphy, freq);
2471 if (!channel || channel->flags & IEEE80211_CHAN_DISABLED)
2474 if (ieee80211_vif_is_mesh(&sdata->vif) && elems->mesh_id &&
2475 elems->mesh_config && mesh_matches_local(elems, sdata)) {
2476 supp_rates = ieee80211_sta_get_rates(local, elems, band);
2478 mesh_neighbour_update(mgmt->sa, supp_rates, sdata,
2479 mesh_peer_accepts_plinks(elems));
2482 if (sdata->vif.type == IEEE80211_IF_TYPE_IBSS && elems->supp_rates &&
2483 memcmp(mgmt->bssid, sdata->u.sta.bssid, ETH_ALEN) == 0) {
2484 supp_rates = ieee80211_sta_get_rates(local, elems, band);
2488 sta = sta_info_get(local, mgmt->sa);
2492 prev_rates = sta->supp_rates[band];
2493 /* make sure mandatory rates are always added */
2494 sta->supp_rates[band] = supp_rates |
2495 ieee80211_sta_get_mandatory_rates(local, band);
2497 #ifdef CONFIG_MAC80211_IBSS_DEBUG
2498 if (sta->supp_rates[band] != prev_rates)
2499 printk(KERN_DEBUG "%s: updated supp_rates set "
2500 "for %s based on beacon info (0x%llx | "
2501 "0x%llx -> 0x%llx)\n",
2502 sdata->dev->name, print_mac(mac, sta->addr),
2503 (unsigned long long) prev_rates,
2504 (unsigned long long) supp_rates,
2505 (unsigned long long) sta->supp_rates[band]);
2508 ieee80211_ibss_add_sta(sdata, NULL, mgmt->bssid,
2509 mgmt->sa, supp_rates);
2515 #ifdef CONFIG_MAC80211_MESH
2516 if (elems->mesh_config)
2517 bss = ieee80211_rx_mesh_bss_get(local, elems->mesh_id,
2518 elems->mesh_id_len, elems->mesh_config, freq);
2521 bss = ieee80211_rx_bss_get(local, mgmt->bssid, freq,
2522 elems->ssid, elems->ssid_len);
2524 #ifdef CONFIG_MAC80211_MESH
2525 if (elems->mesh_config)
2526 bss = ieee80211_rx_mesh_bss_add(local, elems->mesh_id,
2527 elems->mesh_id_len, elems->mesh_config,
2528 elems->mesh_config_len, freq);
2531 bss = ieee80211_rx_bss_add(sdata, mgmt->bssid, freq,
2532 elems->ssid, elems->ssid_len);
2537 /* TODO: order by RSSI? */
2538 spin_lock_bh(&local->sta_bss_lock);
2539 list_move_tail(&bss->list, &local->sta_bss_list);
2540 spin_unlock_bh(&local->sta_bss_lock);
2544 /* save the ERP value so that it is available at association time */
2545 if (elems->erp_info && elems->erp_info_len >= 1) {
2546 bss->erp_value = elems->erp_info[0];
2547 bss->has_erp_value = 1;
2550 bss->beacon_int = le16_to_cpu(mgmt->u.beacon.beacon_int);
2551 bss->capability = le16_to_cpu(mgmt->u.beacon.capab_info);
2554 struct ieee80211_tim_ie *tim_ie =
2555 (struct ieee80211_tim_ie *)elems->tim;
2556 bss->dtim_period = tim_ie->dtim_period;
2559 /* set default value for buggy APs */
2560 if (!elems->tim || bss->dtim_period == 0)
2561 bss->dtim_period = 1;
2563 bss->supp_rates_len = 0;
2564 if (elems->supp_rates) {
2565 clen = IEEE80211_MAX_SUPP_RATES - bss->supp_rates_len;
2566 if (clen > elems->supp_rates_len)
2567 clen = elems->supp_rates_len;
2568 memcpy(&bss->supp_rates[bss->supp_rates_len], elems->supp_rates,
2570 bss->supp_rates_len += clen;
2572 if (elems->ext_supp_rates) {
2573 clen = IEEE80211_MAX_SUPP_RATES - bss->supp_rates_len;
2574 if (clen > elems->ext_supp_rates_len)
2575 clen = elems->ext_supp_rates_len;
2576 memcpy(&bss->supp_rates[bss->supp_rates_len],
2577 elems->ext_supp_rates, clen);
2578 bss->supp_rates_len += clen;
2583 beacon_timestamp = le64_to_cpu(mgmt->u.beacon.timestamp);
2585 bss->timestamp = beacon_timestamp;
2586 bss->last_update = jiffies;
2587 bss->signal = rx_status->signal;
2588 bss->noise = rx_status->noise;
2589 bss->qual = rx_status->qual;
2591 bss->last_probe_resp = jiffies;
2593 * In STA mode, the remaining parameters should not be overridden
2594 * by beacons because they're not necessarily accurate there.
2596 if (sdata->vif.type != IEEE80211_IF_TYPE_IBSS &&
2597 bss->last_probe_resp && beacon) {
2598 ieee80211_rx_bss_put(local, bss);
2602 if (bss->ies == NULL || bss->ies_len < elems->total_len) {
2604 bss->ies = kmalloc(elems->total_len, GFP_ATOMIC);
2607 memcpy(bss->ies, elems->ie_start, elems->total_len);
2608 bss->ies_len = elems->total_len;
2612 bss->wmm_used = elems->wmm_param || elems->wmm_info;
2614 /* check if we need to merge IBSS */
2615 if (sdata->vif.type == IEEE80211_IF_TYPE_IBSS && beacon &&
2616 !local->sta_sw_scanning && !local->sta_hw_scanning &&
2617 bss->capability & WLAN_CAPABILITY_IBSS &&
2618 bss->freq == local->oper_channel->center_freq &&
2619 elems->ssid_len == sdata->u.sta.ssid_len &&
2620 memcmp(elems->ssid, sdata->u.sta.ssid,
2621 sdata->u.sta.ssid_len) == 0) {
2622 if (rx_status->flag & RX_FLAG_TSFT) {
2623 /* in order for correct IBSS merging we need mactime
2625 * since mactime is defined as the time the first data
2626 * symbol of the frame hits the PHY, and the timestamp
2627 * of the beacon is defined as "the time that the data
2628 * symbol containing the first bit of the timestamp is
2629 * transmitted to the PHY plus the transmitting STA’s
2630 * delays through its local PHY from the MAC-PHY
2631 * interface to its interface with the WM"
2632 * (802.11 11.1.2) - equals the time this bit arrives at
2633 * the receiver - we have to take into account the
2634 * offset between the two.
2635 * e.g: at 1 MBit that means mactime is 192 usec earlier
2636 * (=24 bytes * 8 usecs/byte) than the beacon timestamp.
2638 int rate = local->hw.wiphy->bands[band]->
2639 bitrates[rx_status->rate_idx].bitrate;
2640 rx_timestamp = rx_status->mactime + (24 * 8 * 10 / rate);
2641 } else if (local && local->ops && local->ops->get_tsf)
2642 /* second best option: get current TSF */
2643 rx_timestamp = local->ops->get_tsf(local_to_hw(local));
2645 /* can't merge without knowing the TSF */
2646 rx_timestamp = -1LLU;
2647 #ifdef CONFIG_MAC80211_IBSS_DEBUG
2648 printk(KERN_DEBUG "RX beacon SA=%s BSSID="
2649 "%s TSF=0x%llx BCN=0x%llx diff=%lld @%lu\n",
2650 print_mac(mac, mgmt->sa),
2651 print_mac(mac2, mgmt->bssid),
2652 (unsigned long long)rx_timestamp,
2653 (unsigned long long)beacon_timestamp,
2654 (unsigned long long)(rx_timestamp - beacon_timestamp),
2656 #endif /* CONFIG_MAC80211_IBSS_DEBUG */
2657 if (beacon_timestamp > rx_timestamp) {
2658 #ifdef CONFIG_MAC80211_IBSS_DEBUG
2659 printk(KERN_DEBUG "%s: beacon TSF higher than "
2660 "local TSF - IBSS merge with BSSID %s\n",
2661 sdata->dev->name, print_mac(mac, mgmt->bssid));
2663 ieee80211_sta_join_ibss(sdata, &sdata->u.sta, bss);
2664 ieee80211_ibss_add_sta(sdata, NULL,
2665 mgmt->bssid, mgmt->sa,
2670 ieee80211_rx_bss_put(local, bss);
2674 static void ieee80211_rx_mgmt_probe_resp(struct ieee80211_sub_if_data *sdata,
2675 struct ieee80211_mgmt *mgmt,
2677 struct ieee80211_rx_status *rx_status)
2680 struct ieee802_11_elems elems;
2681 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
2683 if (memcmp(mgmt->da, sdata->dev->dev_addr, ETH_ALEN))
2684 return; /* ignore ProbeResp to foreign address */
2686 baselen = (u8 *) mgmt->u.probe_resp.variable - (u8 *) mgmt;
2690 ieee802_11_parse_elems(mgmt->u.probe_resp.variable, len - baselen,
2693 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems);
2695 /* direct probe may be part of the association flow */
2696 if (test_and_clear_bit(IEEE80211_STA_REQ_DIRECT_PROBE,
2698 printk(KERN_DEBUG "%s direct probe responded\n",
2700 ieee80211_authenticate(sdata, ifsta);
2705 static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
2706 struct ieee80211_mgmt *mgmt,
2708 struct ieee80211_rx_status *rx_status)
2710 struct ieee80211_if_sta *ifsta;
2712 struct ieee802_11_elems elems;
2713 struct ieee80211_local *local = sdata->local;
2714 struct ieee80211_conf *conf = &local->hw.conf;
2717 /* Process beacon from the current BSS */
2718 baselen = (u8 *) mgmt->u.beacon.variable - (u8 *) mgmt;
2722 ieee802_11_parse_elems(mgmt->u.beacon.variable, len - baselen, &elems);
2724 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems);
2726 if (sdata->vif.type != IEEE80211_IF_TYPE_STA)
2728 ifsta = &sdata->u.sta;
2730 if (!(ifsta->flags & IEEE80211_STA_ASSOCIATED) ||
2731 memcmp(ifsta->bssid, mgmt->bssid, ETH_ALEN) != 0)
2734 /* Do not send changes to driver if we are scanning. This removes
2735 * requirement that a driver's bss_info_changed/conf_tx functions
2736 * need to be atomic.
2737 * This is really ugly code, we should rewrite scanning and make
2738 * all this more understandable for humans.
2740 if (local->sta_sw_scanning || local->sta_hw_scanning)
2743 ieee80211_sta_wmm_params(local, ifsta, elems.wmm_param,
2744 elems.wmm_param_len);
2746 if (elems.erp_info && elems.erp_info_len >= 1)
2747 changed |= ieee80211_handle_erp_ie(sdata, elems.erp_info[0]);
2749 u16 capab = le16_to_cpu(mgmt->u.beacon.capab_info);
2750 changed |= ieee80211_handle_protect_preamb(sdata, false,
2751 (capab & WLAN_CAPABILITY_SHORT_PREAMBLE) != 0);
2754 if (elems.ht_cap_elem && elems.ht_info_elem &&
2755 elems.wmm_param && conf->flags & IEEE80211_CONF_SUPPORT_HT_MODE) {
2756 struct ieee80211_ht_bss_info bss_info;
2758 ieee80211_ht_addt_info_ie_to_ht_bss_info(
2759 (struct ieee80211_ht_addt_info *)
2760 elems.ht_info_elem, &bss_info);
2761 changed |= ieee80211_handle_ht(local, 1, &conf->ht_conf,
2765 ieee80211_bss_info_change_notify(sdata, changed);
2769 static void ieee80211_rx_mgmt_probe_req(struct ieee80211_sub_if_data *sdata,
2770 struct ieee80211_if_sta *ifsta,
2771 struct ieee80211_mgmt *mgmt,
2773 struct ieee80211_rx_status *rx_status)
2775 struct ieee80211_local *local = sdata->local;
2777 struct sk_buff *skb;
2778 struct ieee80211_mgmt *resp;
2780 DECLARE_MAC_BUF(mac);
2781 #ifdef CONFIG_MAC80211_IBSS_DEBUG
2782 DECLARE_MAC_BUF(mac2);
2783 DECLARE_MAC_BUF(mac3);
2786 if (sdata->vif.type != IEEE80211_IF_TYPE_IBSS ||
2787 ifsta->state != IEEE80211_STA_MLME_IBSS_JOINED ||
2788 len < 24 + 2 || !ifsta->probe_resp)
2791 if (local->ops->tx_last_beacon)
2792 tx_last_beacon = local->ops->tx_last_beacon(local_to_hw(local));
2796 #ifdef CONFIG_MAC80211_IBSS_DEBUG
2797 printk(KERN_DEBUG "%s: RX ProbeReq SA=%s DA=%s BSSID="
2798 "%s (tx_last_beacon=%d)\n",
2799 sdata->dev->name, print_mac(mac, mgmt->sa), print_mac(mac2, mgmt->da),
2800 print_mac(mac3, mgmt->bssid), tx_last_beacon);
2801 #endif /* CONFIG_MAC80211_IBSS_DEBUG */
2803 if (!tx_last_beacon)
2806 if (memcmp(mgmt->bssid, ifsta->bssid, ETH_ALEN) != 0 &&
2807 memcmp(mgmt->bssid, "\xff\xff\xff\xff\xff\xff", ETH_ALEN) != 0)
2810 end = ((u8 *) mgmt) + len;
2811 pos = mgmt->u.probe_req.variable;
2812 if (pos[0] != WLAN_EID_SSID ||
2813 pos + 2 + pos[1] > end) {
2814 #ifdef CONFIG_MAC80211_IBSS_DEBUG
2815 printk(KERN_DEBUG "%s: Invalid SSID IE in ProbeReq "
2817 sdata->dev->name, print_mac(mac, mgmt->sa));
2822 (pos[1] != ifsta->ssid_len ||
2823 memcmp(pos + 2, ifsta->ssid, ifsta->ssid_len) != 0)) {
2824 /* Ignore ProbeReq for foreign SSID */
2828 /* Reply with ProbeResp */
2829 skb = skb_copy(ifsta->probe_resp, GFP_KERNEL);
2833 resp = (struct ieee80211_mgmt *) skb->data;
2834 memcpy(resp->da, mgmt->sa, ETH_ALEN);
2835 #ifdef CONFIG_MAC80211_IBSS_DEBUG
2836 printk(KERN_DEBUG "%s: Sending ProbeResp to %s\n",
2837 sdata->dev->name, print_mac(mac, resp->da));
2838 #endif /* CONFIG_MAC80211_IBSS_DEBUG */
2839 ieee80211_sta_tx(sdata, skb, 0);
2842 static void ieee80211_rx_mgmt_action(struct ieee80211_sub_if_data *sdata,
2843 struct ieee80211_if_sta *ifsta,
2844 struct ieee80211_mgmt *mgmt,
2846 struct ieee80211_rx_status *rx_status)
2848 struct ieee80211_local *local = sdata->local;
2850 /* all categories we currently handle have action_code */
2851 if (len < IEEE80211_MIN_ACTION_SIZE + 1)
2854 switch (mgmt->u.action.category) {
2855 case WLAN_CATEGORY_SPECTRUM_MGMT:
2856 if (local->hw.conf.channel->band != IEEE80211_BAND_5GHZ)
2858 switch (mgmt->u.action.u.measurement.action_code) {
2859 case WLAN_ACTION_SPCT_MSR_REQ:
2860 if (len < (IEEE80211_MIN_ACTION_SIZE +
2861 sizeof(mgmt->u.action.u.measurement)))
2863 ieee80211_sta_process_measurement_req(sdata, mgmt, len);
2867 case WLAN_CATEGORY_BACK:
2868 switch (mgmt->u.action.u.addba_req.action_code) {
2869 case WLAN_ACTION_ADDBA_REQ:
2870 if (len < (IEEE80211_MIN_ACTION_SIZE +
2871 sizeof(mgmt->u.action.u.addba_req)))
2873 ieee80211_sta_process_addba_request(local, mgmt, len);
2875 case WLAN_ACTION_ADDBA_RESP:
2876 if (len < (IEEE80211_MIN_ACTION_SIZE +
2877 sizeof(mgmt->u.action.u.addba_resp)))
2879 ieee80211_sta_process_addba_resp(local, mgmt, len);
2881 case WLAN_ACTION_DELBA:
2882 if (len < (IEEE80211_MIN_ACTION_SIZE +
2883 sizeof(mgmt->u.action.u.delba)))
2885 ieee80211_sta_process_delba(sdata, mgmt, len);
2889 case PLINK_CATEGORY:
2890 if (ieee80211_vif_is_mesh(&sdata->vif))
2891 mesh_rx_plink_frame(sdata, mgmt, len, rx_status);
2893 case MESH_PATH_SEL_CATEGORY:
2894 if (ieee80211_vif_is_mesh(&sdata->vif))
2895 mesh_rx_path_sel_frame(sdata, mgmt, len);
2900 void ieee80211_sta_rx_mgmt(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb,
2901 struct ieee80211_rx_status *rx_status)
2903 struct ieee80211_local *local = sdata->local;
2904 struct ieee80211_if_sta *ifsta;
2905 struct ieee80211_mgmt *mgmt;
2911 ifsta = &sdata->u.sta;
2913 mgmt = (struct ieee80211_mgmt *) skb->data;
2914 fc = le16_to_cpu(mgmt->frame_control);
2916 switch (fc & IEEE80211_FCTL_STYPE) {
2917 case IEEE80211_STYPE_PROBE_REQ:
2918 case IEEE80211_STYPE_PROBE_RESP:
2919 case IEEE80211_STYPE_BEACON:
2920 case IEEE80211_STYPE_ACTION:
2921 memcpy(skb->cb, rx_status, sizeof(*rx_status));
2922 case IEEE80211_STYPE_AUTH:
2923 case IEEE80211_STYPE_ASSOC_RESP:
2924 case IEEE80211_STYPE_REASSOC_RESP:
2925 case IEEE80211_STYPE_DEAUTH:
2926 case IEEE80211_STYPE_DISASSOC:
2927 skb_queue_tail(&ifsta->skb_queue, skb);
2928 queue_work(local->hw.workqueue, &ifsta->work);
2936 static void ieee80211_sta_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata,
2937 struct sk_buff *skb)
2939 struct ieee80211_rx_status *rx_status;
2940 struct ieee80211_if_sta *ifsta;
2941 struct ieee80211_mgmt *mgmt;
2944 ifsta = &sdata->u.sta;
2946 rx_status = (struct ieee80211_rx_status *) skb->cb;
2947 mgmt = (struct ieee80211_mgmt *) skb->data;
2948 fc = le16_to_cpu(mgmt->frame_control);
2950 switch (fc & IEEE80211_FCTL_STYPE) {
2951 case IEEE80211_STYPE_PROBE_REQ:
2952 ieee80211_rx_mgmt_probe_req(sdata, ifsta, mgmt, skb->len,
2955 case IEEE80211_STYPE_PROBE_RESP:
2956 ieee80211_rx_mgmt_probe_resp(sdata, mgmt, skb->len, rx_status);
2958 case IEEE80211_STYPE_BEACON:
2959 ieee80211_rx_mgmt_beacon(sdata, mgmt, skb->len, rx_status);
2961 case IEEE80211_STYPE_AUTH:
2962 ieee80211_rx_mgmt_auth(sdata, ifsta, mgmt, skb->len);
2964 case IEEE80211_STYPE_ASSOC_RESP:
2965 ieee80211_rx_mgmt_assoc_resp(sdata, ifsta, mgmt, skb->len, 0);
2967 case IEEE80211_STYPE_REASSOC_RESP:
2968 ieee80211_rx_mgmt_assoc_resp(sdata, ifsta, mgmt, skb->len, 1);
2970 case IEEE80211_STYPE_DEAUTH:
2971 ieee80211_rx_mgmt_deauth(sdata, ifsta, mgmt, skb->len);
2973 case IEEE80211_STYPE_DISASSOC:
2974 ieee80211_rx_mgmt_disassoc(sdata, ifsta, mgmt, skb->len);
2976 case IEEE80211_STYPE_ACTION:
2977 ieee80211_rx_mgmt_action(sdata, ifsta, mgmt, skb->len, rx_status);
2986 ieee80211_sta_rx_scan(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb,
2987 struct ieee80211_rx_status *rx_status)
2989 struct ieee80211_mgmt *mgmt;
2993 return RX_DROP_UNUSABLE;
2995 mgmt = (struct ieee80211_mgmt *) skb->data;
2996 fc = mgmt->frame_control;
2998 if (ieee80211_is_ctl(fc))
3002 return RX_DROP_MONITOR;
3004 if (ieee80211_is_probe_resp(fc)) {
3005 ieee80211_rx_mgmt_probe_resp(sdata, mgmt, skb->len, rx_status);
3010 if (ieee80211_is_beacon(fc)) {
3011 ieee80211_rx_mgmt_beacon(sdata, mgmt, skb->len, rx_status);
3020 static int ieee80211_sta_active_ibss(struct ieee80211_sub_if_data *sdata)
3022 struct ieee80211_local *local = sdata->local;
3024 struct sta_info *sta;
3028 list_for_each_entry_rcu(sta, &local->sta_list, list) {
3029 if (sta->sdata == sdata &&
3030 time_after(sta->last_rx + IEEE80211_IBSS_MERGE_INTERVAL,
3043 static void ieee80211_sta_expire(struct ieee80211_sub_if_data *sdata, unsigned long exp_time)
3045 struct ieee80211_local *local = sdata->local;
3046 struct sta_info *sta, *tmp;
3047 LIST_HEAD(tmp_list);
3048 DECLARE_MAC_BUF(mac);
3049 unsigned long flags;
3051 spin_lock_irqsave(&local->sta_lock, flags);
3052 list_for_each_entry_safe(sta, tmp, &local->sta_list, list)
3053 if (time_after(jiffies, sta->last_rx + exp_time)) {
3054 #ifdef CONFIG_MAC80211_IBSS_DEBUG
3055 printk(KERN_DEBUG "%s: expiring inactive STA %s\n",
3056 sdata->dev->name, print_mac(mac, sta->addr));
3058 __sta_info_unlink(&sta);
3060 list_add(&sta->list, &tmp_list);
3062 spin_unlock_irqrestore(&local->sta_lock, flags);
3064 list_for_each_entry_safe(sta, tmp, &tmp_list, list)
3065 sta_info_destroy(sta);
3069 static void ieee80211_sta_merge_ibss(struct ieee80211_sub_if_data *sdata,
3070 struct ieee80211_if_sta *ifsta)
3072 mod_timer(&ifsta->timer, jiffies + IEEE80211_IBSS_MERGE_INTERVAL);
3074 ieee80211_sta_expire(sdata, IEEE80211_IBSS_INACTIVITY_LIMIT);
3075 if (ieee80211_sta_active_ibss(sdata))
3078 printk(KERN_DEBUG "%s: No active IBSS STAs - trying to scan for other "
3079 "IBSS networks with same SSID (merge)\n", sdata->dev->name);
3080 ieee80211_sta_req_scan(sdata, ifsta->ssid, ifsta->ssid_len);
3084 #ifdef CONFIG_MAC80211_MESH
3085 static void ieee80211_mesh_housekeeping(struct ieee80211_sub_if_data *sdata,
3086 struct ieee80211_if_sta *ifsta)
3090 ieee80211_sta_expire(sdata, IEEE80211_MESH_PEER_INACTIVITY_LIMIT);
3091 mesh_path_expire(sdata);
3093 free_plinks = mesh_plink_availables(sdata);
3094 if (free_plinks != sdata->u.sta.accepting_plinks)
3095 ieee80211_if_config(sdata, IEEE80211_IFCC_BEACON);
3097 mod_timer(&ifsta->timer, jiffies +
3098 IEEE80211_MESH_HOUSEKEEPING_INTERVAL);
3102 void ieee80211_start_mesh(struct ieee80211_sub_if_data *sdata)
3104 struct ieee80211_if_sta *ifsta;
3105 ifsta = &sdata->u.sta;
3106 ifsta->state = IEEE80211_STA_MLME_MESH_UP;
3107 ieee80211_sta_timer((unsigned long)sdata);
3108 ieee80211_if_config(sdata, IEEE80211_IFCC_BEACON);
3113 void ieee80211_sta_timer(unsigned long data)
3115 struct ieee80211_sub_if_data *sdata =
3116 (struct ieee80211_sub_if_data *) data;
3117 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
3118 struct ieee80211_local *local = sdata->local;
3120 set_bit(IEEE80211_STA_REQ_RUN, &ifsta->request);
3121 queue_work(local->hw.workqueue, &ifsta->work);
3124 static void ieee80211_sta_reset_auth(struct ieee80211_sub_if_data *sdata,
3125 struct ieee80211_if_sta *ifsta)
3127 struct ieee80211_local *local = sdata->local;
3129 if (local->ops->reset_tsf) {
3130 /* Reset own TSF to allow time synchronization work. */
3131 local->ops->reset_tsf(local_to_hw(local));
3134 ifsta->wmm_last_param_set = -1; /* allow any WMM update */
3137 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_OPEN)
3138 ifsta->auth_alg = WLAN_AUTH_OPEN;
3139 else if (ifsta->auth_algs & IEEE80211_AUTH_ALG_SHARED_KEY)
3140 ifsta->auth_alg = WLAN_AUTH_SHARED_KEY;
3141 else if (ifsta->auth_algs & IEEE80211_AUTH_ALG_LEAP)
3142 ifsta->auth_alg = WLAN_AUTH_LEAP;
3144 ifsta->auth_alg = WLAN_AUTH_OPEN;
3145 ifsta->auth_transaction = -1;
3146 ifsta->flags &= ~IEEE80211_STA_ASSOCIATED;
3147 ifsta->assoc_scan_tries = 0;
3148 ifsta->direct_probe_tries = 0;
3149 ifsta->auth_tries = 0;
3150 ifsta->assoc_tries = 0;
3151 netif_tx_stop_all_queues(sdata->dev);
3152 netif_carrier_off(sdata->dev);
3156 void ieee80211_sta_req_auth(struct ieee80211_sub_if_data *sdata,
3157 struct ieee80211_if_sta *ifsta)
3159 struct ieee80211_local *local = sdata->local;
3161 if (sdata->vif.type != IEEE80211_IF_TYPE_STA)
3164 if ((ifsta->flags & (IEEE80211_STA_BSSID_SET |
3165 IEEE80211_STA_AUTO_BSSID_SEL)) &&
3166 (ifsta->flags & (IEEE80211_STA_SSID_SET |
3167 IEEE80211_STA_AUTO_SSID_SEL))) {
3169 if (ifsta->state == IEEE80211_STA_MLME_ASSOCIATED)
3170 ieee80211_set_disassoc(sdata, ifsta, true, true,
3171 WLAN_REASON_DEAUTH_LEAVING);
3173 set_bit(IEEE80211_STA_REQ_AUTH, &ifsta->request);
3174 queue_work(local->hw.workqueue, &ifsta->work);
3178 static int ieee80211_sta_match_ssid(struct ieee80211_if_sta *ifsta,
3179 const char *ssid, int ssid_len)
3181 int tmp, hidden_ssid;
3183 if (ssid_len == ifsta->ssid_len &&
3184 !memcmp(ifsta->ssid, ssid, ssid_len))
3187 if (ifsta->flags & IEEE80211_STA_AUTO_BSSID_SEL)
3193 if (ssid[tmp] != '\0') {
3199 if (hidden_ssid && ifsta->ssid_len == ssid_len)
3202 if (ssid_len == 1 && ssid[0] == ' ')
3208 static int ieee80211_sta_create_ibss(struct ieee80211_sub_if_data *sdata,
3209 struct ieee80211_if_sta *ifsta)
3211 struct ieee80211_local *local = sdata->local;
3212 struct ieee80211_sta_bss *bss;
3213 struct ieee80211_supported_band *sband;
3214 u8 bssid[ETH_ALEN], *pos;
3217 DECLARE_MAC_BUF(mac);
3220 /* Easier testing, use fixed BSSID. */
3221 memset(bssid, 0xfe, ETH_ALEN);
3223 /* Generate random, not broadcast, locally administered BSSID. Mix in
3224 * own MAC address to make sure that devices that do not have proper
3225 * random number generator get different BSSID. */
3226 get_random_bytes(bssid, ETH_ALEN);
3227 for (i = 0; i < ETH_ALEN; i++)
3228 bssid[i] ^= sdata->dev->dev_addr[i];
3233 printk(KERN_DEBUG "%s: Creating new IBSS network, BSSID %s\n",
3234 sdata->dev->name, print_mac(mac, bssid));
3236 bss = ieee80211_rx_bss_add(sdata, bssid,
3237 local->hw.conf.channel->center_freq,
3238 sdata->u.sta.ssid, sdata->u.sta.ssid_len);
3242 bss->band = local->hw.conf.channel->band;
3243 sband = local->hw.wiphy->bands[bss->band];
3245 if (local->hw.conf.beacon_int == 0)
3246 local->hw.conf.beacon_int = 100;
3247 bss->beacon_int = local->hw.conf.beacon_int;
3248 bss->last_update = jiffies;
3249 bss->capability = WLAN_CAPABILITY_IBSS;
3251 if (sdata->default_key)
3252 bss->capability |= WLAN_CAPABILITY_PRIVACY;
3254 sdata->drop_unencrypted = 0;
3256 bss->supp_rates_len = sband->n_bitrates;
3257 pos = bss->supp_rates;
3258 for (i = 0; i < sband->n_bitrates; i++) {
3259 int rate = sband->bitrates[i].bitrate;
3260 *pos++ = (u8) (rate / 5);
3263 ret = ieee80211_sta_join_ibss(sdata, ifsta, bss);
3264 ieee80211_rx_bss_put(local, bss);
3269 static int ieee80211_sta_find_ibss(struct ieee80211_sub_if_data *sdata,
3270 struct ieee80211_if_sta *ifsta)
3272 struct ieee80211_local *local = sdata->local;
3273 struct ieee80211_sta_bss *bss;
3277 DECLARE_MAC_BUF(mac);
3278 DECLARE_MAC_BUF(mac2);
3280 if (ifsta->ssid_len == 0)
3283 active_ibss = ieee80211_sta_active_ibss(sdata);
3284 #ifdef CONFIG_MAC80211_IBSS_DEBUG
3285 printk(KERN_DEBUG "%s: sta_find_ibss (active_ibss=%d)\n",
3286 sdata->dev->name, active_ibss);
3287 #endif /* CONFIG_MAC80211_IBSS_DEBUG */
3288 spin_lock_bh(&local->sta_bss_lock);
3289 list_for_each_entry(bss, &local->sta_bss_list, list) {
3290 if (ifsta->ssid_len != bss->ssid_len ||
3291 memcmp(ifsta->ssid, bss->ssid, bss->ssid_len) != 0
3292 || !(bss->capability & WLAN_CAPABILITY_IBSS))
3294 #ifdef CONFIG_MAC80211_IBSS_DEBUG
3295 printk(KERN_DEBUG " bssid=%s found\n",
3296 print_mac(mac, bss->bssid));
3297 #endif /* CONFIG_MAC80211_IBSS_DEBUG */
3298 memcpy(bssid, bss->bssid, ETH_ALEN);
3300 if (active_ibss || memcmp(bssid, ifsta->bssid, ETH_ALEN) != 0)
3303 spin_unlock_bh(&local->sta_bss_lock);
3305 #ifdef CONFIG_MAC80211_IBSS_DEBUG
3307 printk(KERN_DEBUG " sta_find_ibss: selected %s current "
3308 "%s\n", print_mac(mac, bssid),
3309 print_mac(mac2, ifsta->bssid));
3310 #endif /* CONFIG_MAC80211_IBSS_DEBUG */
3312 if (found && memcmp(ifsta->bssid, bssid, ETH_ALEN) != 0) {
3316 if (ifsta->flags & IEEE80211_STA_AUTO_CHANNEL_SEL)
3317 search_freq = bss->freq;
3319 search_freq = local->hw.conf.channel->center_freq;
3321 bss = ieee80211_rx_bss_get(local, bssid, search_freq,
3322 ifsta->ssid, ifsta->ssid_len);
3326 printk(KERN_DEBUG "%s: Selected IBSS BSSID %s"
3327 " based on configured SSID\n",
3328 sdata->dev->name, print_mac(mac, bssid));
3329 ret = ieee80211_sta_join_ibss(sdata, ifsta, bss);
3330 ieee80211_rx_bss_put(local, bss);
3335 #ifdef CONFIG_MAC80211_IBSS_DEBUG
3336 printk(KERN_DEBUG " did not try to join ibss\n");
3337 #endif /* CONFIG_MAC80211_IBSS_DEBUG */
3339 /* Selected IBSS not found in current scan results - try to scan */
3340 if (ifsta->state == IEEE80211_STA_MLME_IBSS_JOINED &&
3341 !ieee80211_sta_active_ibss(sdata)) {
3342 mod_timer(&ifsta->timer, jiffies +
3343 IEEE80211_IBSS_MERGE_INTERVAL);
3344 } else if (time_after(jiffies, local->last_scan_completed +
3345 IEEE80211_SCAN_INTERVAL)) {
3346 printk(KERN_DEBUG "%s: Trigger new scan to find an IBSS to "
3347 "join\n", sdata->dev->name);
3348 return ieee80211_sta_req_scan(sdata, ifsta->ssid,
3350 } else if (ifsta->state != IEEE80211_STA_MLME_IBSS_JOINED) {
3351 int interval = IEEE80211_SCAN_INTERVAL;
3353 if (time_after(jiffies, ifsta->ibss_join_req +
3354 IEEE80211_IBSS_JOIN_TIMEOUT)) {
3355 if ((ifsta->flags & IEEE80211_STA_CREATE_IBSS) &&
3356 (!(local->oper_channel->flags &
3357 IEEE80211_CHAN_NO_IBSS)))
3358 return ieee80211_sta_create_ibss(sdata, ifsta);
3359 if (ifsta->flags & IEEE80211_STA_CREATE_IBSS) {
3360 printk(KERN_DEBUG "%s: IBSS not allowed on"
3361 " %d MHz\n", sdata->dev->name,
3362 local->hw.conf.channel->center_freq);
3365 /* No IBSS found - decrease scan interval and continue
3367 interval = IEEE80211_SCAN_INTERVAL_SLOW;
3370 ifsta->state = IEEE80211_STA_MLME_IBSS_SEARCH;
3371 mod_timer(&ifsta->timer, jiffies + interval);
3379 int ieee80211_sta_set_ssid(struct ieee80211_sub_if_data *sdata, char *ssid, size_t len)
3381 struct ieee80211_if_sta *ifsta;
3384 if (len > IEEE80211_MAX_SSID_LEN)
3387 ifsta = &sdata->u.sta;
3389 if (ifsta->ssid_len != len || memcmp(ifsta->ssid, ssid, len) != 0) {
3390 memset(ifsta->ssid, 0, sizeof(ifsta->ssid));
3391 memcpy(ifsta->ssid, ssid, len);
3392 ifsta->ssid_len = len;
3393 ifsta->flags &= ~IEEE80211_STA_PREV_BSSID_SET;
3397 * Hack! MLME code needs to be cleaned up to have different
3398 * entry points for configuration and internal selection change
3400 if (netif_running(sdata->dev))
3401 res = ieee80211_if_config(sdata, IEEE80211_IFCC_SSID);
3403 printk(KERN_DEBUG "%s: Failed to config new SSID to "
3404 "the low-level driver\n", sdata->dev->name);
3410 ifsta->flags |= IEEE80211_STA_SSID_SET;
3412 ifsta->flags &= ~IEEE80211_STA_SSID_SET;
3414 if (sdata->vif.type == IEEE80211_IF_TYPE_IBSS &&
3415 !(ifsta->flags & IEEE80211_STA_BSSID_SET)) {
3416 ifsta->ibss_join_req = jiffies;
3417 ifsta->state = IEEE80211_STA_MLME_IBSS_SEARCH;
3418 return ieee80211_sta_find_ibss(sdata, ifsta);
3425 int ieee80211_sta_get_ssid(struct ieee80211_sub_if_data *sdata, char *ssid, size_t *len)
3427 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
3428 memcpy(ssid, ifsta->ssid, ifsta->ssid_len);
3429 *len = ifsta->ssid_len;
3434 int ieee80211_sta_set_bssid(struct ieee80211_sub_if_data *sdata, u8 *bssid)
3436 struct ieee80211_if_sta *ifsta;
3439 ifsta = &sdata->u.sta;
3441 if (memcmp(ifsta->bssid, bssid, ETH_ALEN) != 0) {
3442 memcpy(ifsta->bssid, bssid, ETH_ALEN);
3445 * Hack! See also ieee80211_sta_set_ssid.
3447 if (netif_running(sdata->dev))
3448 res = ieee80211_if_config(sdata, IEEE80211_IFCC_BSSID);
3450 printk(KERN_DEBUG "%s: Failed to config new BSSID to "
3451 "the low-level driver\n", sdata->dev->name);
3456 if (is_valid_ether_addr(bssid))
3457 ifsta->flags |= IEEE80211_STA_BSSID_SET;
3459 ifsta->flags &= ~IEEE80211_STA_BSSID_SET;
3465 int ieee80211_sta_set_extra_ie(struct ieee80211_sub_if_data *sdata, char *ie, size_t len)
3467 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
3469 kfree(ifsta->extra_ie);
3471 ifsta->extra_ie = NULL;
3472 ifsta->extra_ie_len = 0;
3475 ifsta->extra_ie = kmalloc(len, GFP_KERNEL);
3476 if (!ifsta->extra_ie) {
3477 ifsta->extra_ie_len = 0;
3480 memcpy(ifsta->extra_ie, ie, len);
3481 ifsta->extra_ie_len = len;
3486 struct sta_info *ieee80211_ibss_add_sta(struct ieee80211_sub_if_data *sdata,
3487 struct sk_buff *skb, u8 *bssid,
3488 u8 *addr, u64 supp_rates)
3490 struct ieee80211_local *local = sdata->local;
3491 struct sta_info *sta;
3492 DECLARE_MAC_BUF(mac);
3493 int band = local->hw.conf.channel->band;
3495 /* TODO: Could consider removing the least recently used entry and
3496 * allow new one to be added. */
3497 if (local->num_sta >= IEEE80211_IBSS_MAX_STA_ENTRIES) {
3498 if (net_ratelimit()) {
3499 printk(KERN_DEBUG "%s: No room for a new IBSS STA "
3500 "entry %s\n", sdata->dev->name, print_mac(mac, addr));
3505 if (compare_ether_addr(bssid, sdata->u.sta.bssid))
3508 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG
3509 printk(KERN_DEBUG "%s: Adding new IBSS station %s (dev=%s)\n",
3510 wiphy_name(local->hw.wiphy), print_mac(mac, addr), sdata->dev->name);
3513 sta = sta_info_alloc(sdata, addr, GFP_ATOMIC);
3517 set_sta_flags(sta, WLAN_STA_AUTHORIZED);
3519 /* make sure mandatory rates are always added */
3520 sta->supp_rates[band] = supp_rates |
3521 ieee80211_sta_get_mandatory_rates(local, band);
3523 rate_control_rate_init(sta, local);
3525 if (sta_info_insert(sta))
3532 static int ieee80211_sta_config_auth(struct ieee80211_sub_if_data *sdata,
3533 struct ieee80211_if_sta *ifsta)
3535 struct ieee80211_local *local = sdata->local;
3536 struct ieee80211_sta_bss *bss, *selected = NULL;
3537 int top_rssi = 0, freq;
3539 spin_lock_bh(&local->sta_bss_lock);
3540 freq = local->oper_channel->center_freq;
3541 list_for_each_entry(bss, &local->sta_bss_list, list) {
3542 if (!(bss->capability & WLAN_CAPABILITY_ESS))
3545 if ((ifsta->flags & (IEEE80211_STA_AUTO_SSID_SEL |
3546 IEEE80211_STA_AUTO_BSSID_SEL |
3547 IEEE80211_STA_AUTO_CHANNEL_SEL)) &&
3548 (!!(bss->capability & WLAN_CAPABILITY_PRIVACY) ^
3549 !!sdata->default_key))
3552 if (!(ifsta->flags & IEEE80211_STA_AUTO_CHANNEL_SEL) &&
3556 if (!(ifsta->flags & IEEE80211_STA_AUTO_BSSID_SEL) &&
3557 memcmp(bss->bssid, ifsta->bssid, ETH_ALEN))
3560 if (!(ifsta->flags & IEEE80211_STA_AUTO_SSID_SEL) &&
3561 !ieee80211_sta_match_ssid(ifsta, bss->ssid, bss->ssid_len))
3564 if (!selected || top_rssi < bss->signal) {
3566 top_rssi = bss->signal;
3570 atomic_inc(&selected->users);
3571 spin_unlock_bh(&local->sta_bss_lock);
3574 ieee80211_set_freq(sdata, selected->freq);
3575 if (!(ifsta->flags & IEEE80211_STA_SSID_SET))
3576 ieee80211_sta_set_ssid(sdata, selected->ssid,
3577 selected->ssid_len);
3578 ieee80211_sta_set_bssid(sdata, selected->bssid);
3579 ieee80211_sta_def_wmm_params(sdata, selected, 0);
3581 /* Send out direct probe if no probe resp was received or
3582 * the one we have is outdated
3584 if (!selected->last_probe_resp ||
3585 time_after(jiffies, selected->last_probe_resp
3586 + IEEE80211_SCAN_RESULT_EXPIRE))
3587 ifsta->state = IEEE80211_STA_MLME_DIRECT_PROBE;
3589 ifsta->state = IEEE80211_STA_MLME_AUTHENTICATE;
3591 ieee80211_rx_bss_put(local, selected);
3592 ieee80211_sta_reset_auth(sdata, ifsta);
3595 if (ifsta->assoc_scan_tries < IEEE80211_ASSOC_SCANS_MAX_TRIES) {
3596 ifsta->assoc_scan_tries++;
3597 if (ifsta->flags & IEEE80211_STA_AUTO_SSID_SEL)
3598 ieee80211_sta_start_scan(sdata, NULL, 0);
3600 ieee80211_sta_start_scan(sdata, ifsta->ssid,
3602 ifsta->state = IEEE80211_STA_MLME_AUTHENTICATE;
3603 set_bit(IEEE80211_STA_REQ_AUTH, &ifsta->request);
3605 ifsta->state = IEEE80211_STA_MLME_DISABLED;
3611 int ieee80211_sta_deauthenticate(struct ieee80211_sub_if_data *sdata, u16 reason)
3613 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
3615 printk(KERN_DEBUG "%s: deauthenticating by local choice (reason=%d)\n",
3616 sdata->dev->name, reason);
3618 if (sdata->vif.type != IEEE80211_IF_TYPE_STA &&
3619 sdata->vif.type != IEEE80211_IF_TYPE_IBSS)
3622 ieee80211_set_disassoc(sdata, ifsta, true, true, reason);
3627 int ieee80211_sta_disassociate(struct ieee80211_sub_if_data *sdata, u16 reason)
3629 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
3631 printk(KERN_DEBUG "%s: disassociating by local choice (reason=%d)\n",
3632 sdata->dev->name, reason);
3634 if (sdata->vif.type != IEEE80211_IF_TYPE_STA)
3637 if (!(ifsta->flags & IEEE80211_STA_ASSOCIATED))
3640 ieee80211_set_disassoc(sdata, ifsta, false, true, reason);
3644 void ieee80211_notify_mac(struct ieee80211_hw *hw,
3645 enum ieee80211_notification_types notif_type)
3647 struct ieee80211_local *local = hw_to_local(hw);
3648 struct ieee80211_sub_if_data *sdata;
3650 switch (notif_type) {
3651 case IEEE80211_NOTIFY_RE_ASSOC:
3653 list_for_each_entry_rcu(sdata, &local->interfaces, list) {
3654 if (sdata->vif.type != IEEE80211_IF_TYPE_STA)
3657 ieee80211_sta_req_auth(sdata, &sdata->u.sta);
3663 EXPORT_SYMBOL(ieee80211_notify_mac);
3665 void ieee80211_sta_work(struct work_struct *work)
3667 struct ieee80211_sub_if_data *sdata =
3668 container_of(work, struct ieee80211_sub_if_data, u.sta.work);
3669 struct ieee80211_local *local = sdata->local;
3670 struct ieee80211_if_sta *ifsta;
3671 struct sk_buff *skb;
3673 if (!netif_running(sdata->dev))
3676 if (local->sta_sw_scanning || local->sta_hw_scanning)
3679 if (WARN_ON(sdata->vif.type != IEEE80211_IF_TYPE_STA &&
3680 sdata->vif.type != IEEE80211_IF_TYPE_IBSS &&
3681 sdata->vif.type != IEEE80211_IF_TYPE_MESH_POINT))
3683 ifsta = &sdata->u.sta;
3685 while ((skb = skb_dequeue(&ifsta->skb_queue)))
3686 ieee80211_sta_rx_queued_mgmt(sdata, skb);
3688 #ifdef CONFIG_MAC80211_MESH
3689 if (ifsta->preq_queue_len &&
3691 ifsta->last_preq + msecs_to_jiffies(ifsta->mshcfg.dot11MeshHWMPpreqMinInterval)))
3692 mesh_path_start_discovery(sdata);
3695 if (ifsta->state != IEEE80211_STA_MLME_DIRECT_PROBE &&
3696 ifsta->state != IEEE80211_STA_MLME_AUTHENTICATE &&
3697 ifsta->state != IEEE80211_STA_MLME_ASSOCIATE &&
3698 test_and_clear_bit(IEEE80211_STA_REQ_SCAN, &ifsta->request)) {
3699 if (ifsta->scan_ssid_len)
3700 ieee80211_sta_start_scan(sdata, ifsta->scan_ssid, ifsta->scan_ssid_len);
3702 ieee80211_sta_start_scan(sdata, NULL, 0);
3706 if (test_and_clear_bit(IEEE80211_STA_REQ_AUTH, &ifsta->request)) {
3707 if (ieee80211_sta_config_auth(sdata, ifsta))
3709 clear_bit(IEEE80211_STA_REQ_RUN, &ifsta->request);
3710 } else if (!test_and_clear_bit(IEEE80211_STA_REQ_RUN, &ifsta->request))
3713 switch (ifsta->state) {
3714 case IEEE80211_STA_MLME_DISABLED:
3716 case IEEE80211_STA_MLME_DIRECT_PROBE:
3717 ieee80211_direct_probe(sdata, ifsta);
3719 case IEEE80211_STA_MLME_AUTHENTICATE:
3720 ieee80211_authenticate(sdata, ifsta);
3722 case IEEE80211_STA_MLME_ASSOCIATE:
3723 ieee80211_associate(sdata, ifsta);
3725 case IEEE80211_STA_MLME_ASSOCIATED:
3726 ieee80211_associated(sdata, ifsta);
3728 case IEEE80211_STA_MLME_IBSS_SEARCH:
3729 ieee80211_sta_find_ibss(sdata, ifsta);
3731 case IEEE80211_STA_MLME_IBSS_JOINED:
3732 ieee80211_sta_merge_ibss(sdata, ifsta);
3734 #ifdef CONFIG_MAC80211_MESH
3735 case IEEE80211_STA_MLME_MESH_UP:
3736 ieee80211_mesh_housekeeping(sdata, ifsta);
3744 if (ieee80211_privacy_mismatch(sdata, ifsta)) {
3745 printk(KERN_DEBUG "%s: privacy configuration mismatch and "
3746 "mixed-cell disabled - disassociate\n", sdata->dev->name);
3748 ieee80211_set_disassoc(sdata, ifsta, false, true,
3749 WLAN_REASON_UNSPECIFIED);
3753 void ieee80211_mlme_notify_scan_completed(struct ieee80211_local *local)
3755 struct ieee80211_sub_if_data *sdata = local->scan_sdata;
3756 struct ieee80211_if_sta *ifsta;
3758 if (sdata->vif.type == IEEE80211_IF_TYPE_IBSS) {
3759 ifsta = &sdata->u.sta;
3760 if (!(ifsta->flags & IEEE80211_STA_BSSID_SET) ||
3761 (!(ifsta->state == IEEE80211_STA_MLME_IBSS_JOINED) &&
3762 !ieee80211_sta_active_ibss(sdata)))
3763 ieee80211_sta_find_ibss(sdata, ifsta);
projects / linux-2.6-omap-h63xx.git / blob