ibss.c revision 71965c1d04b2b48ab7c56395bd1f996a56aaa592
1/* 2 * IBSS mode implementation 3 * Copyright 2003-2008, Jouni Malinen <j@w1.fi> 4 * Copyright 2004, Instant802 Networks, Inc. 5 * Copyright 2005, Devicescape Software, Inc. 6 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz> 7 * Copyright 2007, Michael Wu <flamingice@sourmilk.net> 8 * Copyright 2009, Johannes Berg <johannes@sipsolutions.net> 9 * 10 * This program is free software; you can redistribute it and/or modify 11 * it under the terms of the GNU General Public License version 2 as 12 * published by the Free Software Foundation. 13 */ 14 15#include <linux/delay.h> 16#include <linux/slab.h> 17#include <linux/if_ether.h> 18#include <linux/skbuff.h> 19#include <linux/if_arp.h> 20#include <linux/etherdevice.h> 21#include <linux/rtnetlink.h> 22#include <net/mac80211.h> 23 24#include "ieee80211_i.h" 25#include "driver-ops.h" 26#include "rate.h" 27 28#define IEEE80211_SCAN_INTERVAL (2 * HZ) 29#define IEEE80211_IBSS_JOIN_TIMEOUT (7 * HZ) 30 31#define IEEE80211_IBSS_MERGE_INTERVAL (30 * HZ) 32#define IEEE80211_IBSS_INACTIVITY_LIMIT (60 * HZ) 33#define IEEE80211_IBSS_RSN_INACTIVITY_LIMIT (10 * HZ) 34 35#define IEEE80211_IBSS_MAX_STA_ENTRIES 128 36 37static struct beacon_data * 38ieee80211_ibss_build_presp(struct ieee80211_sub_if_data *sdata, 39 const int beacon_int, const u32 basic_rates, 40 const u16 capability, u64 tsf, 41 struct cfg80211_chan_def *chandef, 42 bool *have_higher_than_11mbit, 43 struct cfg80211_csa_settings *csa_settings) 44{ 45 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 46 struct ieee80211_local *local = sdata->local; 47 int rates_n = 0, i, ri; 48 struct ieee80211_mgmt *mgmt; 49 u8 *pos; 50 struct ieee80211_supported_band *sband; 51 u32 rate_flags, rates = 0, rates_added = 0; 52 struct beacon_data *presp; 53 int frame_len; 54 int shift; 55 56 /* Build IBSS probe response */ 57 frame_len = sizeof(struct ieee80211_hdr_3addr) + 58 12 /* struct ieee80211_mgmt.u.beacon */ + 59 2 + IEEE80211_MAX_SSID_LEN /* max SSID */ + 60 2 + 8 /* max Supported Rates */ + 61 3 /* max DS params */ + 62 4 /* IBSS params */ + 63 5 /* Channel Switch Announcement */ + 64 2 + (IEEE80211_MAX_SUPP_RATES - 8) + 65 2 + sizeof(struct ieee80211_ht_cap) + 66 2 + sizeof(struct ieee80211_ht_operation) + 67 ifibss->ie_len; 68 presp = kzalloc(sizeof(*presp) + frame_len, GFP_KERNEL); 69 if (!presp) 70 return NULL; 71 72 presp->head = (void *)(presp + 1); 73 74 mgmt = (void *) presp->head; 75 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | 76 IEEE80211_STYPE_PROBE_RESP); 77 eth_broadcast_addr(mgmt->da); 78 memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN); 79 memcpy(mgmt->bssid, ifibss->bssid, ETH_ALEN); 80 mgmt->u.beacon.beacon_int = cpu_to_le16(beacon_int); 81 mgmt->u.beacon.timestamp = cpu_to_le64(tsf); 82 mgmt->u.beacon.capab_info = cpu_to_le16(capability); 83 84 pos = (u8 *)mgmt + offsetof(struct ieee80211_mgmt, u.beacon.variable); 85 86 *pos++ = WLAN_EID_SSID; 87 *pos++ = ifibss->ssid_len; 88 memcpy(pos, ifibss->ssid, ifibss->ssid_len); 89 pos += ifibss->ssid_len; 90 91 sband = local->hw.wiphy->bands[chandef->chan->band]; 92 rate_flags = ieee80211_chandef_rate_flags(chandef); 93 shift = ieee80211_chandef_get_shift(chandef); 94 rates_n = 0; 95 if (have_higher_than_11mbit) 96 *have_higher_than_11mbit = false; 97 98 for (i = 0; i < sband->n_bitrates; i++) { 99 if ((rate_flags & sband->bitrates[i].flags) != rate_flags) 100 continue; 101 if (sband->bitrates[i].bitrate > 110 && 102 have_higher_than_11mbit) 103 *have_higher_than_11mbit = true; 104 105 rates |= BIT(i); 106 rates_n++; 107 } 108 109 *pos++ = WLAN_EID_SUPP_RATES; 110 *pos++ = min_t(int, 8, rates_n); 111 for (ri = 0; ri < sband->n_bitrates; ri++) { 112 int rate = DIV_ROUND_UP(sband->bitrates[ri].bitrate, 113 5 * (1 << shift)); 114 u8 basic = 0; 115 if (!(rates & BIT(ri))) 116 continue; 117 118 if (basic_rates & BIT(ri)) 119 basic = 0x80; 120 *pos++ = basic | (u8) rate; 121 if (++rates_added == 8) { 122 ri++; /* continue at next rate for EXT_SUPP_RATES */ 123 break; 124 } 125 } 126 127 if (sband->band == IEEE80211_BAND_2GHZ) { 128 *pos++ = WLAN_EID_DS_PARAMS; 129 *pos++ = 1; 130 *pos++ = ieee80211_frequency_to_channel( 131 chandef->chan->center_freq); 132 } 133 134 *pos++ = WLAN_EID_IBSS_PARAMS; 135 *pos++ = 2; 136 /* FIX: set ATIM window based on scan results */ 137 *pos++ = 0; 138 *pos++ = 0; 139 140 if (csa_settings) { 141 *pos++ = WLAN_EID_CHANNEL_SWITCH; 142 *pos++ = 3; 143 *pos++ = csa_settings->block_tx ? 1 : 0; 144 *pos++ = ieee80211_frequency_to_channel( 145 csa_settings->chandef.chan->center_freq); 146 sdata->csa_counter_offset_beacon = (pos - presp->head); 147 *pos++ = csa_settings->count; 148 } 149 150 /* put the remaining rates in WLAN_EID_EXT_SUPP_RATES */ 151 if (rates_n > 8) { 152 *pos++ = WLAN_EID_EXT_SUPP_RATES; 153 *pos++ = rates_n - 8; 154 for (; ri < sband->n_bitrates; ri++) { 155 int rate = DIV_ROUND_UP(sband->bitrates[ri].bitrate, 156 5 * (1 << shift)); 157 u8 basic = 0; 158 if (!(rates & BIT(ri))) 159 continue; 160 161 if (basic_rates & BIT(ri)) 162 basic = 0x80; 163 *pos++ = basic | (u8) rate; 164 } 165 } 166 167 if (ifibss->ie_len) { 168 memcpy(pos, ifibss->ie, ifibss->ie_len); 169 pos += ifibss->ie_len; 170 } 171 172 /* add HT capability and information IEs */ 173 if (chandef->width != NL80211_CHAN_WIDTH_20_NOHT && 174 chandef->width != NL80211_CHAN_WIDTH_5 && 175 chandef->width != NL80211_CHAN_WIDTH_10 && 176 sband->ht_cap.ht_supported) { 177 struct ieee80211_sta_ht_cap ht_cap; 178 179 memcpy(&ht_cap, &sband->ht_cap, sizeof(ht_cap)); 180 ieee80211_apply_htcap_overrides(sdata, &ht_cap); 181 182 pos = ieee80211_ie_build_ht_cap(pos, &ht_cap, ht_cap.cap); 183 /* 184 * Note: According to 802.11n-2009 9.13.3.1, HT Protection 185 * field and RIFS Mode are reserved in IBSS mode, therefore 186 * keep them at 0 187 */ 188 pos = ieee80211_ie_build_ht_oper(pos, &sband->ht_cap, 189 chandef, 0); 190 } 191 192 if (local->hw.queues >= IEEE80211_NUM_ACS) { 193 *pos++ = WLAN_EID_VENDOR_SPECIFIC; 194 *pos++ = 7; /* len */ 195 *pos++ = 0x00; /* Microsoft OUI 00:50:F2 */ 196 *pos++ = 0x50; 197 *pos++ = 0xf2; 198 *pos++ = 2; /* WME */ 199 *pos++ = 0; /* WME info */ 200 *pos++ = 1; /* WME ver */ 201 *pos++ = 0; /* U-APSD no in use */ 202 } 203 204 presp->head_len = pos - presp->head; 205 if (WARN_ON(presp->head_len > frame_len)) 206 goto error; 207 208 return presp; 209error: 210 kfree(presp); 211 return NULL; 212} 213 214static void __ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata, 215 const u8 *bssid, const int beacon_int, 216 struct cfg80211_chan_def *req_chandef, 217 const u32 basic_rates, 218 const u16 capability, u64 tsf, 219 bool creator) 220{ 221 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 222 struct ieee80211_local *local = sdata->local; 223 struct ieee80211_mgmt *mgmt; 224 struct cfg80211_bss *bss; 225 u32 bss_change; 226 struct cfg80211_chan_def chandef; 227 struct ieee80211_channel *chan; 228 struct beacon_data *presp; 229 enum nl80211_bss_scan_width scan_width; 230 bool have_higher_than_11mbit; 231 bool radar_required; 232 int err; 233 234 sdata_assert_lock(sdata); 235 236 /* Reset own TSF to allow time synchronization work. */ 237 drv_reset_tsf(local, sdata); 238 239 if (!ether_addr_equal(ifibss->bssid, bssid)) 240 sta_info_flush(sdata); 241 242 /* if merging, indicate to driver that we leave the old IBSS */ 243 if (sdata->vif.bss_conf.ibss_joined) { 244 sdata->vif.bss_conf.ibss_joined = false; 245 sdata->vif.bss_conf.ibss_creator = false; 246 sdata->vif.bss_conf.enable_beacon = false; 247 netif_carrier_off(sdata->dev); 248 ieee80211_bss_info_change_notify(sdata, 249 BSS_CHANGED_IBSS | 250 BSS_CHANGED_BEACON_ENABLED); 251 drv_leave_ibss(local, sdata); 252 } 253 254 presp = rcu_dereference_protected(ifibss->presp, 255 lockdep_is_held(&sdata->wdev.mtx)); 256 RCU_INIT_POINTER(ifibss->presp, NULL); 257 if (presp) 258 kfree_rcu(presp, rcu_head); 259 260 sdata->drop_unencrypted = capability & WLAN_CAPABILITY_PRIVACY ? 1 : 0; 261 262 /* make a copy of the chandef, it could be modified below. */ 263 chandef = *req_chandef; 264 chan = chandef.chan; 265 if (!cfg80211_reg_can_beacon(local->hw.wiphy, &chandef, 266 NL80211_IFTYPE_ADHOC)) { 267 if (chandef.width == NL80211_CHAN_WIDTH_5 || 268 chandef.width == NL80211_CHAN_WIDTH_10 || 269 chandef.width == NL80211_CHAN_WIDTH_20_NOHT || 270 chandef.width == NL80211_CHAN_WIDTH_20) { 271 sdata_info(sdata, 272 "Failed to join IBSS, beacons forbidden\n"); 273 return; 274 } 275 chandef.width = NL80211_CHAN_WIDTH_20; 276 chandef.center_freq1 = chan->center_freq; 277 /* check again for downgraded chandef */ 278 if (!cfg80211_reg_can_beacon(local->hw.wiphy, &chandef, 279 NL80211_IFTYPE_ADHOC)) { 280 sdata_info(sdata, 281 "Failed to join IBSS, beacons forbidden\n"); 282 return; 283 } 284 } 285 286 err = cfg80211_chandef_dfs_required(sdata->local->hw.wiphy, 287 &chandef, NL80211_IFTYPE_ADHOC); 288 if (err < 0) { 289 sdata_info(sdata, 290 "Failed to join IBSS, invalid chandef\n"); 291 return; 292 } 293 if (err > 0 && !ifibss->userspace_handles_dfs) { 294 sdata_info(sdata, 295 "Failed to join IBSS, DFS channel without control program\n"); 296 return; 297 } 298 299 radar_required = err; 300 301 mutex_lock(&local->mtx); 302 if (ieee80211_vif_use_channel(sdata, &chandef, 303 ifibss->fixed_channel ? 304 IEEE80211_CHANCTX_SHARED : 305 IEEE80211_CHANCTX_EXCLUSIVE)) { 306 sdata_info(sdata, "Failed to join IBSS, no channel context\n"); 307 mutex_unlock(&local->mtx); 308 return; 309 } 310 sdata->radar_required = radar_required; 311 mutex_unlock(&local->mtx); 312 313 memcpy(ifibss->bssid, bssid, ETH_ALEN); 314 315 presp = ieee80211_ibss_build_presp(sdata, beacon_int, basic_rates, 316 capability, tsf, &chandef, 317 &have_higher_than_11mbit, NULL); 318 if (!presp) 319 return; 320 321 rcu_assign_pointer(ifibss->presp, presp); 322 mgmt = (void *)presp->head; 323 324 sdata->vif.bss_conf.enable_beacon = true; 325 sdata->vif.bss_conf.beacon_int = beacon_int; 326 sdata->vif.bss_conf.basic_rates = basic_rates; 327 sdata->vif.bss_conf.ssid_len = ifibss->ssid_len; 328 memcpy(sdata->vif.bss_conf.ssid, ifibss->ssid, ifibss->ssid_len); 329 bss_change = BSS_CHANGED_BEACON_INT; 330 bss_change |= ieee80211_reset_erp_info(sdata); 331 bss_change |= BSS_CHANGED_BSSID; 332 bss_change |= BSS_CHANGED_BEACON; 333 bss_change |= BSS_CHANGED_BEACON_ENABLED; 334 bss_change |= BSS_CHANGED_BASIC_RATES; 335 bss_change |= BSS_CHANGED_HT; 336 bss_change |= BSS_CHANGED_IBSS; 337 bss_change |= BSS_CHANGED_SSID; 338 339 /* 340 * In 5 GHz/802.11a, we can always use short slot time. 341 * (IEEE 802.11-2012 18.3.8.7) 342 * 343 * In 2.4GHz, we must always use long slots in IBSS for compatibility 344 * reasons. 345 * (IEEE 802.11-2012 19.4.5) 346 * 347 * HT follows these specifications (IEEE 802.11-2012 20.3.18) 348 */ 349 sdata->vif.bss_conf.use_short_slot = chan->band == IEEE80211_BAND_5GHZ; 350 bss_change |= BSS_CHANGED_ERP_SLOT; 351 352 /* cf. IEEE 802.11 9.2.12 */ 353 if (chan->band == IEEE80211_BAND_2GHZ && have_higher_than_11mbit) 354 sdata->flags |= IEEE80211_SDATA_OPERATING_GMODE; 355 else 356 sdata->flags &= ~IEEE80211_SDATA_OPERATING_GMODE; 357 358 ieee80211_set_wmm_default(sdata, true); 359 360 sdata->vif.bss_conf.ibss_joined = true; 361 sdata->vif.bss_conf.ibss_creator = creator; 362 363 err = drv_join_ibss(local, sdata); 364 if (err) { 365 sdata->vif.bss_conf.ibss_joined = false; 366 sdata->vif.bss_conf.ibss_creator = false; 367 sdata->vif.bss_conf.enable_beacon = false; 368 sdata->vif.bss_conf.ssid_len = 0; 369 RCU_INIT_POINTER(ifibss->presp, NULL); 370 kfree_rcu(presp, rcu_head); 371 mutex_lock(&local->mtx); 372 ieee80211_vif_release_channel(sdata); 373 mutex_unlock(&local->mtx); 374 sdata_info(sdata, "Failed to join IBSS, driver failure: %d\n", 375 err); 376 return; 377 } 378 379 ieee80211_bss_info_change_notify(sdata, bss_change); 380 381 ifibss->state = IEEE80211_IBSS_MLME_JOINED; 382 mod_timer(&ifibss->timer, 383 round_jiffies(jiffies + IEEE80211_IBSS_MERGE_INTERVAL)); 384 385 scan_width = cfg80211_chandef_to_scan_width(&chandef); 386 bss = cfg80211_inform_bss_width_frame(local->hw.wiphy, chan, 387 scan_width, mgmt, 388 presp->head_len, 0, GFP_KERNEL); 389 cfg80211_put_bss(local->hw.wiphy, bss); 390 netif_carrier_on(sdata->dev); 391 cfg80211_ibss_joined(sdata->dev, ifibss->bssid, chan, GFP_KERNEL); 392} 393 394static void ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata, 395 struct ieee80211_bss *bss) 396{ 397 struct cfg80211_bss *cbss = 398 container_of((void *)bss, struct cfg80211_bss, priv); 399 struct ieee80211_supported_band *sband; 400 struct cfg80211_chan_def chandef; 401 u32 basic_rates; 402 int i, j; 403 u16 beacon_int = cbss->beacon_interval; 404 const struct cfg80211_bss_ies *ies; 405 enum nl80211_channel_type chan_type; 406 u64 tsf; 407 u32 rate_flags; 408 int shift; 409 410 sdata_assert_lock(sdata); 411 412 if (beacon_int < 10) 413 beacon_int = 10; 414 415 switch (sdata->u.ibss.chandef.width) { 416 case NL80211_CHAN_WIDTH_20_NOHT: 417 case NL80211_CHAN_WIDTH_20: 418 case NL80211_CHAN_WIDTH_40: 419 chan_type = cfg80211_get_chandef_type(&sdata->u.ibss.chandef); 420 cfg80211_chandef_create(&chandef, cbss->channel, chan_type); 421 break; 422 case NL80211_CHAN_WIDTH_5: 423 case NL80211_CHAN_WIDTH_10: 424 cfg80211_chandef_create(&chandef, cbss->channel, 425 NL80211_CHAN_WIDTH_20_NOHT); 426 chandef.width = sdata->u.ibss.chandef.width; 427 break; 428 default: 429 /* fall back to 20 MHz for unsupported modes */ 430 cfg80211_chandef_create(&chandef, cbss->channel, 431 NL80211_CHAN_WIDTH_20_NOHT); 432 break; 433 } 434 435 sband = sdata->local->hw.wiphy->bands[cbss->channel->band]; 436 rate_flags = ieee80211_chandef_rate_flags(&sdata->u.ibss.chandef); 437 shift = ieee80211_vif_get_shift(&sdata->vif); 438 439 basic_rates = 0; 440 441 for (i = 0; i < bss->supp_rates_len; i++) { 442 int rate = bss->supp_rates[i] & 0x7f; 443 bool is_basic = !!(bss->supp_rates[i] & 0x80); 444 445 for (j = 0; j < sband->n_bitrates; j++) { 446 int brate; 447 if ((rate_flags & sband->bitrates[j].flags) 448 != rate_flags) 449 continue; 450 451 brate = DIV_ROUND_UP(sband->bitrates[j].bitrate, 452 5 * (1 << shift)); 453 if (brate == rate) { 454 if (is_basic) 455 basic_rates |= BIT(j); 456 break; 457 } 458 } 459 } 460 461 rcu_read_lock(); 462 ies = rcu_dereference(cbss->ies); 463 tsf = ies->tsf; 464 rcu_read_unlock(); 465 466 __ieee80211_sta_join_ibss(sdata, cbss->bssid, 467 beacon_int, 468 &chandef, 469 basic_rates, 470 cbss->capability, 471 tsf, false); 472} 473 474int ieee80211_ibss_csa_beacon(struct ieee80211_sub_if_data *sdata, 475 struct cfg80211_csa_settings *csa_settings) 476{ 477 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 478 struct beacon_data *presp, *old_presp; 479 struct cfg80211_bss *cbss; 480 const struct cfg80211_bss_ies *ies; 481 u16 capability; 482 u64 tsf; 483 int ret = 0; 484 485 sdata_assert_lock(sdata); 486 487 capability = WLAN_CAPABILITY_IBSS; 488 489 if (ifibss->privacy) 490 capability |= WLAN_CAPABILITY_PRIVACY; 491 492 cbss = cfg80211_get_bss(sdata->local->hw.wiphy, ifibss->chandef.chan, 493 ifibss->bssid, ifibss->ssid, 494 ifibss->ssid_len, WLAN_CAPABILITY_IBSS | 495 WLAN_CAPABILITY_PRIVACY, 496 capability); 497 498 if (WARN_ON(!cbss)) { 499 ret = -EINVAL; 500 goto out; 501 } 502 503 rcu_read_lock(); 504 ies = rcu_dereference(cbss->ies); 505 tsf = ies->tsf; 506 rcu_read_unlock(); 507 cfg80211_put_bss(sdata->local->hw.wiphy, cbss); 508 509 old_presp = rcu_dereference_protected(ifibss->presp, 510 lockdep_is_held(&sdata->wdev.mtx)); 511 512 presp = ieee80211_ibss_build_presp(sdata, 513 sdata->vif.bss_conf.beacon_int, 514 sdata->vif.bss_conf.basic_rates, 515 capability, tsf, &ifibss->chandef, 516 NULL, csa_settings); 517 if (!presp) { 518 ret = -ENOMEM; 519 goto out; 520 } 521 522 rcu_assign_pointer(ifibss->presp, presp); 523 if (old_presp) 524 kfree_rcu(old_presp, rcu_head); 525 526 return BSS_CHANGED_BEACON; 527 out: 528 return ret; 529} 530 531int ieee80211_ibss_finish_csa(struct ieee80211_sub_if_data *sdata) 532{ 533 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 534 struct cfg80211_bss *cbss; 535 int err, changed = 0; 536 u16 capability; 537 538 sdata_assert_lock(sdata); 539 540 /* update cfg80211 bss information with the new channel */ 541 if (!is_zero_ether_addr(ifibss->bssid)) { 542 capability = WLAN_CAPABILITY_IBSS; 543 544 if (ifibss->privacy) 545 capability |= WLAN_CAPABILITY_PRIVACY; 546 547 cbss = cfg80211_get_bss(sdata->local->hw.wiphy, 548 ifibss->chandef.chan, 549 ifibss->bssid, ifibss->ssid, 550 ifibss->ssid_len, WLAN_CAPABILITY_IBSS | 551 WLAN_CAPABILITY_PRIVACY, 552 capability); 553 /* XXX: should not really modify cfg80211 data */ 554 if (cbss) { 555 cbss->channel = sdata->csa_chandef.chan; 556 cfg80211_put_bss(sdata->local->hw.wiphy, cbss); 557 } 558 } 559 560 ifibss->chandef = sdata->csa_chandef; 561 562 /* generate the beacon */ 563 err = ieee80211_ibss_csa_beacon(sdata, NULL); 564 if (err < 0) 565 return err; 566 567 changed |= err; 568 569 return changed; 570} 571 572void ieee80211_ibss_stop(struct ieee80211_sub_if_data *sdata) 573{ 574 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 575 576 cancel_work_sync(&ifibss->csa_connection_drop_work); 577} 578 579static struct sta_info *ieee80211_ibss_finish_sta(struct sta_info *sta) 580 __acquires(RCU) 581{ 582 struct ieee80211_sub_if_data *sdata = sta->sdata; 583 u8 addr[ETH_ALEN]; 584 585 memcpy(addr, sta->sta.addr, ETH_ALEN); 586 587 ibss_dbg(sdata, "Adding new IBSS station %pM\n", addr); 588 589 sta_info_pre_move_state(sta, IEEE80211_STA_AUTH); 590 sta_info_pre_move_state(sta, IEEE80211_STA_ASSOC); 591 /* authorize the station only if the network is not RSN protected. If 592 * not wait for the userspace to authorize it */ 593 if (!sta->sdata->u.ibss.control_port) 594 sta_info_pre_move_state(sta, IEEE80211_STA_AUTHORIZED); 595 596 rate_control_rate_init(sta); 597 598 /* If it fails, maybe we raced another insertion? */ 599 if (sta_info_insert_rcu(sta)) 600 return sta_info_get(sdata, addr); 601 return sta; 602} 603 604static struct sta_info * 605ieee80211_ibss_add_sta(struct ieee80211_sub_if_data *sdata, const u8 *bssid, 606 const u8 *addr, u32 supp_rates) 607 __acquires(RCU) 608{ 609 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 610 struct ieee80211_local *local = sdata->local; 611 struct sta_info *sta; 612 struct ieee80211_chanctx_conf *chanctx_conf; 613 struct ieee80211_supported_band *sband; 614 enum nl80211_bss_scan_width scan_width; 615 int band; 616 617 /* 618 * XXX: Consider removing the least recently used entry and 619 * allow new one to be added. 620 */ 621 if (local->num_sta >= IEEE80211_IBSS_MAX_STA_ENTRIES) { 622 net_info_ratelimited("%s: No room for a new IBSS STA entry %pM\n", 623 sdata->name, addr); 624 rcu_read_lock(); 625 return NULL; 626 } 627 628 if (ifibss->state == IEEE80211_IBSS_MLME_SEARCH) { 629 rcu_read_lock(); 630 return NULL; 631 } 632 633 if (!ether_addr_equal(bssid, sdata->u.ibss.bssid)) { 634 rcu_read_lock(); 635 return NULL; 636 } 637 638 rcu_read_lock(); 639 chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf); 640 if (WARN_ON_ONCE(!chanctx_conf)) 641 return NULL; 642 band = chanctx_conf->def.chan->band; 643 scan_width = cfg80211_chandef_to_scan_width(&chanctx_conf->def); 644 rcu_read_unlock(); 645 646 sta = sta_info_alloc(sdata, addr, GFP_KERNEL); 647 if (!sta) { 648 rcu_read_lock(); 649 return NULL; 650 } 651 652 sta->last_rx = jiffies; 653 654 /* make sure mandatory rates are always added */ 655 sband = local->hw.wiphy->bands[band]; 656 sta->sta.supp_rates[band] = supp_rates | 657 ieee80211_mandatory_rates(sband, scan_width); 658 659 return ieee80211_ibss_finish_sta(sta); 660} 661 662static int ieee80211_sta_active_ibss(struct ieee80211_sub_if_data *sdata) 663{ 664 struct ieee80211_local *local = sdata->local; 665 int active = 0; 666 struct sta_info *sta; 667 668 sdata_assert_lock(sdata); 669 670 rcu_read_lock(); 671 672 list_for_each_entry_rcu(sta, &local->sta_list, list) { 673 if (sta->sdata == sdata && 674 time_after(sta->last_rx + IEEE80211_IBSS_MERGE_INTERVAL, 675 jiffies)) { 676 active++; 677 break; 678 } 679 } 680 681 rcu_read_unlock(); 682 683 return active; 684} 685 686static void ieee80211_ibss_disconnect(struct ieee80211_sub_if_data *sdata) 687{ 688 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 689 struct ieee80211_local *local = sdata->local; 690 struct cfg80211_bss *cbss; 691 struct beacon_data *presp; 692 struct sta_info *sta; 693 u16 capability; 694 695 if (!is_zero_ether_addr(ifibss->bssid)) { 696 capability = WLAN_CAPABILITY_IBSS; 697 698 if (ifibss->privacy) 699 capability |= WLAN_CAPABILITY_PRIVACY; 700 701 cbss = cfg80211_get_bss(local->hw.wiphy, ifibss->chandef.chan, 702 ifibss->bssid, ifibss->ssid, 703 ifibss->ssid_len, WLAN_CAPABILITY_IBSS | 704 WLAN_CAPABILITY_PRIVACY, 705 capability); 706 707 if (cbss) { 708 cfg80211_unlink_bss(local->hw.wiphy, cbss); 709 cfg80211_put_bss(sdata->local->hw.wiphy, cbss); 710 } 711 } 712 713 ifibss->state = IEEE80211_IBSS_MLME_SEARCH; 714 715 sta_info_flush(sdata); 716 717 spin_lock_bh(&ifibss->incomplete_lock); 718 while (!list_empty(&ifibss->incomplete_stations)) { 719 sta = list_first_entry(&ifibss->incomplete_stations, 720 struct sta_info, list); 721 list_del(&sta->list); 722 spin_unlock_bh(&ifibss->incomplete_lock); 723 724 sta_info_free(local, sta); 725 spin_lock_bh(&ifibss->incomplete_lock); 726 } 727 spin_unlock_bh(&ifibss->incomplete_lock); 728 729 netif_carrier_off(sdata->dev); 730 731 sdata->vif.bss_conf.ibss_joined = false; 732 sdata->vif.bss_conf.ibss_creator = false; 733 sdata->vif.bss_conf.enable_beacon = false; 734 sdata->vif.bss_conf.ssid_len = 0; 735 736 /* remove beacon */ 737 presp = rcu_dereference_protected(ifibss->presp, 738 lockdep_is_held(&sdata->wdev.mtx)); 739 RCU_INIT_POINTER(sdata->u.ibss.presp, NULL); 740 if (presp) 741 kfree_rcu(presp, rcu_head); 742 743 clear_bit(SDATA_STATE_OFFCHANNEL_BEACON_STOPPED, &sdata->state); 744 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BEACON_ENABLED | 745 BSS_CHANGED_IBSS); 746 drv_leave_ibss(local, sdata); 747 mutex_lock(&local->mtx); 748 ieee80211_vif_release_channel(sdata); 749 mutex_unlock(&local->mtx); 750} 751 752static void ieee80211_csa_connection_drop_work(struct work_struct *work) 753{ 754 struct ieee80211_sub_if_data *sdata = 755 container_of(work, struct ieee80211_sub_if_data, 756 u.ibss.csa_connection_drop_work); 757 758 sdata_lock(sdata); 759 760 ieee80211_ibss_disconnect(sdata); 761 synchronize_rcu(); 762 skb_queue_purge(&sdata->skb_queue); 763 764 /* trigger a scan to find another IBSS network to join */ 765 ieee80211_queue_work(&sdata->local->hw, &sdata->work); 766 767 sdata_unlock(sdata); 768} 769 770static void ieee80211_ibss_csa_mark_radar(struct ieee80211_sub_if_data *sdata) 771{ 772 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 773 int err; 774 775 /* if the current channel is a DFS channel, mark the channel as 776 * unavailable. 777 */ 778 err = cfg80211_chandef_dfs_required(sdata->local->hw.wiphy, 779 &ifibss->chandef, 780 NL80211_IFTYPE_ADHOC); 781 if (err > 0) 782 cfg80211_radar_event(sdata->local->hw.wiphy, &ifibss->chandef, 783 GFP_ATOMIC); 784} 785 786static bool 787ieee80211_ibss_process_chanswitch(struct ieee80211_sub_if_data *sdata, 788 struct ieee802_11_elems *elems, 789 bool beacon) 790{ 791 struct cfg80211_csa_settings params; 792 struct ieee80211_csa_ie csa_ie; 793 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 794 enum nl80211_channel_type ch_type; 795 int err; 796 u32 sta_flags; 797 798 sdata_assert_lock(sdata); 799 800 sta_flags = IEEE80211_STA_DISABLE_VHT; 801 switch (ifibss->chandef.width) { 802 case NL80211_CHAN_WIDTH_5: 803 case NL80211_CHAN_WIDTH_10: 804 case NL80211_CHAN_WIDTH_20_NOHT: 805 sta_flags |= IEEE80211_STA_DISABLE_HT; 806 /* fall through */ 807 case NL80211_CHAN_WIDTH_20: 808 sta_flags |= IEEE80211_STA_DISABLE_40MHZ; 809 break; 810 default: 811 break; 812 } 813 814 memset(¶ms, 0, sizeof(params)); 815 memset(&csa_ie, 0, sizeof(csa_ie)); 816 err = ieee80211_parse_ch_switch_ie(sdata, elems, beacon, 817 ifibss->chandef.chan->band, 818 sta_flags, ifibss->bssid, &csa_ie); 819 /* can't switch to destination channel, fail */ 820 if (err < 0) 821 goto disconnect; 822 823 /* did not contain a CSA */ 824 if (err) 825 return false; 826 827 /* channel switch is not supported, disconnect */ 828 if (!(sdata->local->hw.wiphy->flags & WIPHY_FLAG_HAS_CHANNEL_SWITCH)) 829 goto disconnect; 830 831 params.count = csa_ie.count; 832 params.chandef = csa_ie.chandef; 833 834 switch (ifibss->chandef.width) { 835 case NL80211_CHAN_WIDTH_20_NOHT: 836 case NL80211_CHAN_WIDTH_20: 837 case NL80211_CHAN_WIDTH_40: 838 /* keep our current HT mode (HT20/HT40+/HT40-), even if 839 * another mode has been announced. The mode is not adopted 840 * within the beacon while doing CSA and we should therefore 841 * keep the mode which we announce. 842 */ 843 ch_type = cfg80211_get_chandef_type(&ifibss->chandef); 844 cfg80211_chandef_create(¶ms.chandef, params.chandef.chan, 845 ch_type); 846 break; 847 case NL80211_CHAN_WIDTH_5: 848 case NL80211_CHAN_WIDTH_10: 849 if (params.chandef.width != ifibss->chandef.width) { 850 sdata_info(sdata, 851 "IBSS %pM received channel switch from incompatible channel width (%d MHz, width:%d, CF1/2: %d/%d MHz), disconnecting\n", 852 ifibss->bssid, 853 params.chandef.chan->center_freq, 854 params.chandef.width, 855 params.chandef.center_freq1, 856 params.chandef.center_freq2); 857 goto disconnect; 858 } 859 break; 860 default: 861 /* should not happen, sta_flags should prevent VHT modes. */ 862 WARN_ON(1); 863 goto disconnect; 864 } 865 866 if (!cfg80211_reg_can_beacon(sdata->local->hw.wiphy, ¶ms.chandef, 867 NL80211_IFTYPE_ADHOC)) { 868 sdata_info(sdata, 869 "IBSS %pM switches to unsupported channel (%d MHz, width:%d, CF1/2: %d/%d MHz), disconnecting\n", 870 ifibss->bssid, 871 params.chandef.chan->center_freq, 872 params.chandef.width, 873 params.chandef.center_freq1, 874 params.chandef.center_freq2); 875 goto disconnect; 876 } 877 878 err = cfg80211_chandef_dfs_required(sdata->local->hw.wiphy, 879 ¶ms.chandef, 880 NL80211_IFTYPE_ADHOC); 881 if (err < 0) 882 goto disconnect; 883 if (err > 0 && !ifibss->userspace_handles_dfs) { 884 /* IBSS-DFS only allowed with a control program */ 885 goto disconnect; 886 } 887 888 params.radar_required = err; 889 890 if (cfg80211_chandef_identical(¶ms.chandef, 891 &sdata->vif.bss_conf.chandef)) { 892 ibss_dbg(sdata, 893 "received csa with an identical chandef, ignoring\n"); 894 return true; 895 } 896 897 /* all checks done, now perform the channel switch. */ 898 ibss_dbg(sdata, 899 "received channel switch announcement to go to channel %d MHz\n", 900 params.chandef.chan->center_freq); 901 902 params.block_tx = !!csa_ie.mode; 903 904 if (ieee80211_channel_switch(sdata->local->hw.wiphy, sdata->dev, 905 ¶ms)) 906 goto disconnect; 907 908 ieee80211_ibss_csa_mark_radar(sdata); 909 910 return true; 911disconnect: 912 ibss_dbg(sdata, "Can't handle channel switch, disconnect\n"); 913 ieee80211_queue_work(&sdata->local->hw, 914 &ifibss->csa_connection_drop_work); 915 916 ieee80211_ibss_csa_mark_radar(sdata); 917 918 return true; 919} 920 921static void 922ieee80211_rx_mgmt_spectrum_mgmt(struct ieee80211_sub_if_data *sdata, 923 struct ieee80211_mgmt *mgmt, size_t len, 924 struct ieee80211_rx_status *rx_status, 925 struct ieee802_11_elems *elems) 926{ 927 int required_len; 928 929 if (len < IEEE80211_MIN_ACTION_SIZE + 1) 930 return; 931 932 /* CSA is the only action we handle for now */ 933 if (mgmt->u.action.u.measurement.action_code != 934 WLAN_ACTION_SPCT_CHL_SWITCH) 935 return; 936 937 required_len = IEEE80211_MIN_ACTION_SIZE + 938 sizeof(mgmt->u.action.u.chan_switch); 939 if (len < required_len) 940 return; 941 942 if (!sdata->vif.csa_active) 943 ieee80211_ibss_process_chanswitch(sdata, elems, false); 944} 945 946static void ieee80211_rx_mgmt_deauth_ibss(struct ieee80211_sub_if_data *sdata, 947 struct ieee80211_mgmt *mgmt, 948 size_t len) 949{ 950 u16 reason = le16_to_cpu(mgmt->u.deauth.reason_code); 951 952 if (len < IEEE80211_DEAUTH_FRAME_LEN) 953 return; 954 955 ibss_dbg(sdata, "RX DeAuth SA=%pM DA=%pM BSSID=%pM (reason: %d)\n", 956 mgmt->sa, mgmt->da, mgmt->bssid, reason); 957 sta_info_destroy_addr(sdata, mgmt->sa); 958} 959 960static void ieee80211_rx_mgmt_auth_ibss(struct ieee80211_sub_if_data *sdata, 961 struct ieee80211_mgmt *mgmt, 962 size_t len) 963{ 964 u16 auth_alg, auth_transaction; 965 966 sdata_assert_lock(sdata); 967 968 if (len < 24 + 6) 969 return; 970 971 auth_alg = le16_to_cpu(mgmt->u.auth.auth_alg); 972 auth_transaction = le16_to_cpu(mgmt->u.auth.auth_transaction); 973 974 ibss_dbg(sdata, 975 "RX Auth SA=%pM DA=%pM BSSID=%pM (auth_transaction=%d)\n", 976 mgmt->sa, mgmt->da, mgmt->bssid, auth_transaction); 977 978 if (auth_alg != WLAN_AUTH_OPEN || auth_transaction != 1) 979 return; 980 981 /* 982 * IEEE 802.11 standard does not require authentication in IBSS 983 * networks and most implementations do not seem to use it. 984 * However, try to reply to authentication attempts if someone 985 * has actually implemented this. 986 */ 987 ieee80211_send_auth(sdata, 2, WLAN_AUTH_OPEN, 0, NULL, 0, 988 mgmt->sa, sdata->u.ibss.bssid, NULL, 0, 0, 0); 989} 990 991static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata, 992 struct ieee80211_mgmt *mgmt, size_t len, 993 struct ieee80211_rx_status *rx_status, 994 struct ieee802_11_elems *elems) 995{ 996 struct ieee80211_local *local = sdata->local; 997 struct cfg80211_bss *cbss; 998 struct ieee80211_bss *bss; 999 struct sta_info *sta; 1000 struct ieee80211_channel *channel; 1001 u64 beacon_timestamp, rx_timestamp; 1002 u32 supp_rates = 0; 1003 enum ieee80211_band band = rx_status->band; 1004 enum nl80211_bss_scan_width scan_width; 1005 struct ieee80211_supported_band *sband = local->hw.wiphy->bands[band]; 1006 bool rates_updated = false; 1007 1008 channel = ieee80211_get_channel(local->hw.wiphy, rx_status->freq); 1009 if (!channel) 1010 return; 1011 1012 if (sdata->vif.type == NL80211_IFTYPE_ADHOC && 1013 ether_addr_equal(mgmt->bssid, sdata->u.ibss.bssid)) { 1014 1015 rcu_read_lock(); 1016 sta = sta_info_get(sdata, mgmt->sa); 1017 1018 if (elems->supp_rates) { 1019 supp_rates = ieee80211_sta_get_rates(sdata, elems, 1020 band, NULL); 1021 if (sta) { 1022 u32 prev_rates; 1023 1024 prev_rates = sta->sta.supp_rates[band]; 1025 /* make sure mandatory rates are always added */ 1026 scan_width = NL80211_BSS_CHAN_WIDTH_20; 1027 if (rx_status->flag & RX_FLAG_5MHZ) 1028 scan_width = NL80211_BSS_CHAN_WIDTH_5; 1029 if (rx_status->flag & RX_FLAG_10MHZ) 1030 scan_width = NL80211_BSS_CHAN_WIDTH_10; 1031 1032 sta->sta.supp_rates[band] = supp_rates | 1033 ieee80211_mandatory_rates(sband, 1034 scan_width); 1035 if (sta->sta.supp_rates[band] != prev_rates) { 1036 ibss_dbg(sdata, 1037 "updated supp_rates set for %pM based on beacon/probe_resp (0x%x -> 0x%x)\n", 1038 sta->sta.addr, prev_rates, 1039 sta->sta.supp_rates[band]); 1040 rates_updated = true; 1041 } 1042 } else { 1043 rcu_read_unlock(); 1044 sta = ieee80211_ibss_add_sta(sdata, mgmt->bssid, 1045 mgmt->sa, supp_rates); 1046 } 1047 } 1048 1049 if (sta && elems->wmm_info) 1050 set_sta_flag(sta, WLAN_STA_WME); 1051 1052 if (sta && elems->ht_operation && elems->ht_cap_elem && 1053 sdata->u.ibss.chandef.width != NL80211_CHAN_WIDTH_20_NOHT && 1054 sdata->u.ibss.chandef.width != NL80211_CHAN_WIDTH_5 && 1055 sdata->u.ibss.chandef.width != NL80211_CHAN_WIDTH_10) { 1056 /* we both use HT */ 1057 struct ieee80211_ht_cap htcap_ie; 1058 struct cfg80211_chan_def chandef; 1059 1060 ieee80211_ht_oper_to_chandef(channel, 1061 elems->ht_operation, 1062 &chandef); 1063 1064 memcpy(&htcap_ie, elems->ht_cap_elem, sizeof(htcap_ie)); 1065 1066 /* 1067 * fall back to HT20 if we don't use or use 1068 * the other extension channel 1069 */ 1070 if (chandef.center_freq1 != 1071 sdata->u.ibss.chandef.center_freq1) 1072 htcap_ie.cap_info &= 1073 cpu_to_le16(~IEEE80211_HT_CAP_SUP_WIDTH_20_40); 1074 1075 rates_updated |= ieee80211_ht_cap_ie_to_sta_ht_cap( 1076 sdata, sband, &htcap_ie, sta); 1077 } 1078 1079 if (sta && rates_updated) { 1080 drv_sta_rc_update(local, sdata, &sta->sta, 1081 IEEE80211_RC_SUPP_RATES_CHANGED); 1082 rate_control_rate_init(sta); 1083 } 1084 1085 rcu_read_unlock(); 1086 } 1087 1088 bss = ieee80211_bss_info_update(local, rx_status, mgmt, len, elems, 1089 channel); 1090 if (!bss) 1091 return; 1092 1093 cbss = container_of((void *)bss, struct cfg80211_bss, priv); 1094 1095 /* same for beacon and probe response */ 1096 beacon_timestamp = le64_to_cpu(mgmt->u.beacon.timestamp); 1097 1098 /* check if we need to merge IBSS */ 1099 1100 /* not an IBSS */ 1101 if (!(cbss->capability & WLAN_CAPABILITY_IBSS)) 1102 goto put_bss; 1103 1104 /* different channel */ 1105 if (sdata->u.ibss.fixed_channel && 1106 sdata->u.ibss.chandef.chan != cbss->channel) 1107 goto put_bss; 1108 1109 /* different SSID */ 1110 if (elems->ssid_len != sdata->u.ibss.ssid_len || 1111 memcmp(elems->ssid, sdata->u.ibss.ssid, 1112 sdata->u.ibss.ssid_len)) 1113 goto put_bss; 1114 1115 /* process channel switch */ 1116 if (sdata->vif.csa_active || 1117 ieee80211_ibss_process_chanswitch(sdata, elems, true)) 1118 goto put_bss; 1119 1120 /* same BSSID */ 1121 if (ether_addr_equal(cbss->bssid, sdata->u.ibss.bssid)) 1122 goto put_bss; 1123 1124 /* we use a fixed BSSID */ 1125 if (sdata->u.ibss.fixed_bssid) 1126 goto put_bss; 1127 1128 if (ieee80211_have_rx_timestamp(rx_status)) { 1129 /* time when timestamp field was received */ 1130 rx_timestamp = 1131 ieee80211_calculate_rx_timestamp(local, rx_status, 1132 len + FCS_LEN, 24); 1133 } else { 1134 /* 1135 * second best option: get current TSF 1136 * (will return -1 if not supported) 1137 */ 1138 rx_timestamp = drv_get_tsf(local, sdata); 1139 } 1140 1141 ibss_dbg(sdata, 1142 "RX beacon SA=%pM BSSID=%pM TSF=0x%llx BCN=0x%llx diff=%lld @%lu\n", 1143 mgmt->sa, mgmt->bssid, 1144 (unsigned long long)rx_timestamp, 1145 (unsigned long long)beacon_timestamp, 1146 (unsigned long long)(rx_timestamp - beacon_timestamp), 1147 jiffies); 1148 1149 if (beacon_timestamp > rx_timestamp) { 1150 ibss_dbg(sdata, 1151 "beacon TSF higher than local TSF - IBSS merge with BSSID %pM\n", 1152 mgmt->bssid); 1153 ieee80211_sta_join_ibss(sdata, bss); 1154 supp_rates = ieee80211_sta_get_rates(sdata, elems, band, NULL); 1155 ieee80211_ibss_add_sta(sdata, mgmt->bssid, mgmt->sa, 1156 supp_rates); 1157 rcu_read_unlock(); 1158 } 1159 1160 put_bss: 1161 ieee80211_rx_bss_put(local, bss); 1162} 1163 1164void ieee80211_ibss_rx_no_sta(struct ieee80211_sub_if_data *sdata, 1165 const u8 *bssid, const u8 *addr, 1166 u32 supp_rates) 1167{ 1168 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 1169 struct ieee80211_local *local = sdata->local; 1170 struct sta_info *sta; 1171 struct ieee80211_chanctx_conf *chanctx_conf; 1172 struct ieee80211_supported_band *sband; 1173 enum nl80211_bss_scan_width scan_width; 1174 int band; 1175 1176 /* 1177 * XXX: Consider removing the least recently used entry and 1178 * allow new one to be added. 1179 */ 1180 if (local->num_sta >= IEEE80211_IBSS_MAX_STA_ENTRIES) { 1181 net_info_ratelimited("%s: No room for a new IBSS STA entry %pM\n", 1182 sdata->name, addr); 1183 return; 1184 } 1185 1186 if (ifibss->state == IEEE80211_IBSS_MLME_SEARCH) 1187 return; 1188 1189 if (!ether_addr_equal(bssid, sdata->u.ibss.bssid)) 1190 return; 1191 1192 rcu_read_lock(); 1193 chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf); 1194 if (WARN_ON_ONCE(!chanctx_conf)) { 1195 rcu_read_unlock(); 1196 return; 1197 } 1198 band = chanctx_conf->def.chan->band; 1199 scan_width = cfg80211_chandef_to_scan_width(&chanctx_conf->def); 1200 rcu_read_unlock(); 1201 1202 sta = sta_info_alloc(sdata, addr, GFP_ATOMIC); 1203 if (!sta) 1204 return; 1205 1206 sta->last_rx = jiffies; 1207 1208 /* make sure mandatory rates are always added */ 1209 sband = local->hw.wiphy->bands[band]; 1210 sta->sta.supp_rates[band] = supp_rates | 1211 ieee80211_mandatory_rates(sband, scan_width); 1212 1213 spin_lock(&ifibss->incomplete_lock); 1214 list_add(&sta->list, &ifibss->incomplete_stations); 1215 spin_unlock(&ifibss->incomplete_lock); 1216 ieee80211_queue_work(&local->hw, &sdata->work); 1217} 1218 1219static void ieee80211_ibss_sta_expire(struct ieee80211_sub_if_data *sdata) 1220{ 1221 struct ieee80211_local *local = sdata->local; 1222 struct sta_info *sta, *tmp; 1223 unsigned long exp_time = IEEE80211_IBSS_INACTIVITY_LIMIT; 1224 unsigned long exp_rsn_time = IEEE80211_IBSS_RSN_INACTIVITY_LIMIT; 1225 1226 mutex_lock(&local->sta_mtx); 1227 1228 list_for_each_entry_safe(sta, tmp, &local->sta_list, list) { 1229 if (sdata != sta->sdata) 1230 continue; 1231 1232 if (time_after(jiffies, sta->last_rx + exp_time) || 1233 (time_after(jiffies, sta->last_rx + exp_rsn_time) && 1234 sta->sta_state != IEEE80211_STA_AUTHORIZED)) { 1235 sta_dbg(sta->sdata, "expiring inactive %sSTA %pM\n", 1236 sta->sta_state != IEEE80211_STA_AUTHORIZED ? 1237 "not authorized " : "", sta->sta.addr); 1238 1239 WARN_ON(__sta_info_destroy(sta)); 1240 } 1241 } 1242 1243 mutex_unlock(&local->sta_mtx); 1244} 1245 1246/* 1247 * This function is called with state == IEEE80211_IBSS_MLME_JOINED 1248 */ 1249 1250static void ieee80211_sta_merge_ibss(struct ieee80211_sub_if_data *sdata) 1251{ 1252 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 1253 enum nl80211_bss_scan_width scan_width; 1254 1255 sdata_assert_lock(sdata); 1256 1257 mod_timer(&ifibss->timer, 1258 round_jiffies(jiffies + IEEE80211_IBSS_MERGE_INTERVAL)); 1259 1260 ieee80211_ibss_sta_expire(sdata); 1261 1262 if (time_before(jiffies, ifibss->last_scan_completed + 1263 IEEE80211_IBSS_MERGE_INTERVAL)) 1264 return; 1265 1266 if (ieee80211_sta_active_ibss(sdata)) 1267 return; 1268 1269 if (ifibss->fixed_channel) 1270 return; 1271 1272 sdata_info(sdata, 1273 "No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)\n"); 1274 1275 scan_width = cfg80211_chandef_to_scan_width(&ifibss->chandef); 1276 ieee80211_request_ibss_scan(sdata, ifibss->ssid, ifibss->ssid_len, 1277 NULL, scan_width); 1278} 1279 1280static void ieee80211_sta_create_ibss(struct ieee80211_sub_if_data *sdata) 1281{ 1282 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 1283 u8 bssid[ETH_ALEN]; 1284 u16 capability; 1285 int i; 1286 1287 sdata_assert_lock(sdata); 1288 1289 if (ifibss->fixed_bssid) { 1290 memcpy(bssid, ifibss->bssid, ETH_ALEN); 1291 } else { 1292 /* Generate random, not broadcast, locally administered BSSID. Mix in 1293 * own MAC address to make sure that devices that do not have proper 1294 * random number generator get different BSSID. */ 1295 get_random_bytes(bssid, ETH_ALEN); 1296 for (i = 0; i < ETH_ALEN; i++) 1297 bssid[i] ^= sdata->vif.addr[i]; 1298 bssid[0] &= ~0x01; 1299 bssid[0] |= 0x02; 1300 } 1301 1302 sdata_info(sdata, "Creating new IBSS network, BSSID %pM\n", bssid); 1303 1304 capability = WLAN_CAPABILITY_IBSS; 1305 1306 if (ifibss->privacy) 1307 capability |= WLAN_CAPABILITY_PRIVACY; 1308 else 1309 sdata->drop_unencrypted = 0; 1310 1311 __ieee80211_sta_join_ibss(sdata, bssid, sdata->vif.bss_conf.beacon_int, 1312 &ifibss->chandef, ifibss->basic_rates, 1313 capability, 0, true); 1314} 1315 1316/* 1317 * This function is called with state == IEEE80211_IBSS_MLME_SEARCH 1318 */ 1319 1320static void ieee80211_sta_find_ibss(struct ieee80211_sub_if_data *sdata) 1321{ 1322 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 1323 struct ieee80211_local *local = sdata->local; 1324 struct cfg80211_bss *cbss; 1325 struct ieee80211_channel *chan = NULL; 1326 const u8 *bssid = NULL; 1327 enum nl80211_bss_scan_width scan_width; 1328 int active_ibss; 1329 u16 capability; 1330 1331 sdata_assert_lock(sdata); 1332 1333 active_ibss = ieee80211_sta_active_ibss(sdata); 1334 ibss_dbg(sdata, "sta_find_ibss (active_ibss=%d)\n", active_ibss); 1335 1336 if (active_ibss) 1337 return; 1338 1339 capability = WLAN_CAPABILITY_IBSS; 1340 if (ifibss->privacy) 1341 capability |= WLAN_CAPABILITY_PRIVACY; 1342 if (ifibss->fixed_bssid) 1343 bssid = ifibss->bssid; 1344 if (ifibss->fixed_channel) 1345 chan = ifibss->chandef.chan; 1346 if (!is_zero_ether_addr(ifibss->bssid)) 1347 bssid = ifibss->bssid; 1348 cbss = cfg80211_get_bss(local->hw.wiphy, chan, bssid, 1349 ifibss->ssid, ifibss->ssid_len, 1350 WLAN_CAPABILITY_IBSS | WLAN_CAPABILITY_PRIVACY, 1351 capability); 1352 1353 if (cbss) { 1354 struct ieee80211_bss *bss; 1355 1356 bss = (void *)cbss->priv; 1357 ibss_dbg(sdata, 1358 "sta_find_ibss: selected %pM current %pM\n", 1359 cbss->bssid, ifibss->bssid); 1360 sdata_info(sdata, 1361 "Selected IBSS BSSID %pM based on configured SSID\n", 1362 cbss->bssid); 1363 1364 ieee80211_sta_join_ibss(sdata, bss); 1365 ieee80211_rx_bss_put(local, bss); 1366 return; 1367 } 1368 1369 /* if a fixed bssid and a fixed freq have been provided create the IBSS 1370 * directly and do not waste time scanning 1371 */ 1372 if (ifibss->fixed_bssid && ifibss->fixed_channel) { 1373 sdata_info(sdata, "Created IBSS using preconfigured BSSID %pM\n", 1374 bssid); 1375 ieee80211_sta_create_ibss(sdata); 1376 return; 1377 } 1378 1379 1380 ibss_dbg(sdata, "sta_find_ibss: did not try to join ibss\n"); 1381 1382 /* Selected IBSS not found in current scan results - try to scan */ 1383 if (time_after(jiffies, ifibss->last_scan_completed + 1384 IEEE80211_SCAN_INTERVAL)) { 1385 sdata_info(sdata, "Trigger new scan to find an IBSS to join\n"); 1386 1387 scan_width = cfg80211_chandef_to_scan_width(&ifibss->chandef); 1388 ieee80211_request_ibss_scan(sdata, ifibss->ssid, 1389 ifibss->ssid_len, chan, 1390 scan_width); 1391 } else { 1392 int interval = IEEE80211_SCAN_INTERVAL; 1393 1394 if (time_after(jiffies, ifibss->ibss_join_req + 1395 IEEE80211_IBSS_JOIN_TIMEOUT)) 1396 ieee80211_sta_create_ibss(sdata); 1397 1398 mod_timer(&ifibss->timer, 1399 round_jiffies(jiffies + interval)); 1400 } 1401} 1402 1403static void ieee80211_rx_mgmt_probe_req(struct ieee80211_sub_if_data *sdata, 1404 struct sk_buff *req) 1405{ 1406 struct ieee80211_mgmt *mgmt = (void *)req->data; 1407 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 1408 struct ieee80211_local *local = sdata->local; 1409 int tx_last_beacon, len = req->len; 1410 struct sk_buff *skb; 1411 struct beacon_data *presp; 1412 u8 *pos, *end; 1413 1414 sdata_assert_lock(sdata); 1415 1416 presp = rcu_dereference_protected(ifibss->presp, 1417 lockdep_is_held(&sdata->wdev.mtx)); 1418 1419 if (ifibss->state != IEEE80211_IBSS_MLME_JOINED || 1420 len < 24 + 2 || !presp) 1421 return; 1422 1423 tx_last_beacon = drv_tx_last_beacon(local); 1424 1425 ibss_dbg(sdata, 1426 "RX ProbeReq SA=%pM DA=%pM BSSID=%pM (tx_last_beacon=%d)\n", 1427 mgmt->sa, mgmt->da, mgmt->bssid, tx_last_beacon); 1428 1429 if (!tx_last_beacon && is_multicast_ether_addr(mgmt->da)) 1430 return; 1431 1432 if (!ether_addr_equal(mgmt->bssid, ifibss->bssid) && 1433 !is_broadcast_ether_addr(mgmt->bssid)) 1434 return; 1435 1436 end = ((u8 *) mgmt) + len; 1437 pos = mgmt->u.probe_req.variable; 1438 if (pos[0] != WLAN_EID_SSID || 1439 pos + 2 + pos[1] > end) { 1440 ibss_dbg(sdata, "Invalid SSID IE in ProbeReq from %pM\n", 1441 mgmt->sa); 1442 return; 1443 } 1444 if (pos[1] != 0 && 1445 (pos[1] != ifibss->ssid_len || 1446 memcmp(pos + 2, ifibss->ssid, ifibss->ssid_len))) { 1447 /* Ignore ProbeReq for foreign SSID */ 1448 return; 1449 } 1450 1451 /* Reply with ProbeResp */ 1452 skb = dev_alloc_skb(local->tx_headroom + presp->head_len); 1453 if (!skb) 1454 return; 1455 1456 skb_reserve(skb, local->tx_headroom); 1457 memcpy(skb_put(skb, presp->head_len), presp->head, presp->head_len); 1458 1459 memcpy(((struct ieee80211_mgmt *) skb->data)->da, mgmt->sa, ETH_ALEN); 1460 ibss_dbg(sdata, "Sending ProbeResp to %pM\n", mgmt->sa); 1461 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT; 1462 1463 /* avoid excessive retries for probe request to wildcard SSIDs */ 1464 if (pos[1] == 0) 1465 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_CTL_NO_ACK; 1466 1467 ieee80211_tx_skb(sdata, skb); 1468} 1469 1470static 1471void ieee80211_rx_mgmt_probe_beacon(struct ieee80211_sub_if_data *sdata, 1472 struct ieee80211_mgmt *mgmt, size_t len, 1473 struct ieee80211_rx_status *rx_status) 1474{ 1475 size_t baselen; 1476 struct ieee802_11_elems elems; 1477 1478 BUILD_BUG_ON(offsetof(typeof(mgmt->u.probe_resp), variable) != 1479 offsetof(typeof(mgmt->u.beacon), variable)); 1480 1481 /* 1482 * either beacon or probe_resp but the variable field is at the 1483 * same offset 1484 */ 1485 baselen = (u8 *) mgmt->u.probe_resp.variable - (u8 *) mgmt; 1486 if (baselen > len) 1487 return; 1488 1489 ieee802_11_parse_elems(mgmt->u.probe_resp.variable, len - baselen, 1490 false, &elems); 1491 1492 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems); 1493} 1494 1495void ieee80211_ibss_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata, 1496 struct sk_buff *skb) 1497{ 1498 struct ieee80211_rx_status *rx_status; 1499 struct ieee80211_mgmt *mgmt; 1500 u16 fc; 1501 struct ieee802_11_elems elems; 1502 int ies_len; 1503 1504 rx_status = IEEE80211_SKB_RXCB(skb); 1505 mgmt = (struct ieee80211_mgmt *) skb->data; 1506 fc = le16_to_cpu(mgmt->frame_control); 1507 1508 sdata_lock(sdata); 1509 1510 if (!sdata->u.ibss.ssid_len) 1511 goto mgmt_out; /* not ready to merge yet */ 1512 1513 switch (fc & IEEE80211_FCTL_STYPE) { 1514 case IEEE80211_STYPE_PROBE_REQ: 1515 ieee80211_rx_mgmt_probe_req(sdata, skb); 1516 break; 1517 case IEEE80211_STYPE_PROBE_RESP: 1518 case IEEE80211_STYPE_BEACON: 1519 ieee80211_rx_mgmt_probe_beacon(sdata, mgmt, skb->len, 1520 rx_status); 1521 break; 1522 case IEEE80211_STYPE_AUTH: 1523 ieee80211_rx_mgmt_auth_ibss(sdata, mgmt, skb->len); 1524 break; 1525 case IEEE80211_STYPE_DEAUTH: 1526 ieee80211_rx_mgmt_deauth_ibss(sdata, mgmt, skb->len); 1527 break; 1528 case IEEE80211_STYPE_ACTION: 1529 switch (mgmt->u.action.category) { 1530 case WLAN_CATEGORY_SPECTRUM_MGMT: 1531 ies_len = skb->len - 1532 offsetof(struct ieee80211_mgmt, 1533 u.action.u.chan_switch.variable); 1534 1535 if (ies_len < 0) 1536 break; 1537 1538 ieee802_11_parse_elems( 1539 mgmt->u.action.u.chan_switch.variable, 1540 ies_len, true, &elems); 1541 1542 if (elems.parse_error) 1543 break; 1544 1545 ieee80211_rx_mgmt_spectrum_mgmt(sdata, mgmt, skb->len, 1546 rx_status, &elems); 1547 break; 1548 } 1549 } 1550 1551 mgmt_out: 1552 sdata_unlock(sdata); 1553} 1554 1555void ieee80211_ibss_work(struct ieee80211_sub_if_data *sdata) 1556{ 1557 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 1558 struct sta_info *sta; 1559 1560 sdata_lock(sdata); 1561 1562 /* 1563 * Work could be scheduled after scan or similar 1564 * when we aren't even joined (or trying) with a 1565 * network. 1566 */ 1567 if (!ifibss->ssid_len) 1568 goto out; 1569 1570 spin_lock_bh(&ifibss->incomplete_lock); 1571 while (!list_empty(&ifibss->incomplete_stations)) { 1572 sta = list_first_entry(&ifibss->incomplete_stations, 1573 struct sta_info, list); 1574 list_del(&sta->list); 1575 spin_unlock_bh(&ifibss->incomplete_lock); 1576 1577 ieee80211_ibss_finish_sta(sta); 1578 rcu_read_unlock(); 1579 spin_lock_bh(&ifibss->incomplete_lock); 1580 } 1581 spin_unlock_bh(&ifibss->incomplete_lock); 1582 1583 switch (ifibss->state) { 1584 case IEEE80211_IBSS_MLME_SEARCH: 1585 ieee80211_sta_find_ibss(sdata); 1586 break; 1587 case IEEE80211_IBSS_MLME_JOINED: 1588 ieee80211_sta_merge_ibss(sdata); 1589 break; 1590 default: 1591 WARN_ON(1); 1592 break; 1593 } 1594 1595 out: 1596 sdata_unlock(sdata); 1597} 1598 1599static void ieee80211_ibss_timer(unsigned long data) 1600{ 1601 struct ieee80211_sub_if_data *sdata = 1602 (struct ieee80211_sub_if_data *) data; 1603 1604 ieee80211_queue_work(&sdata->local->hw, &sdata->work); 1605} 1606 1607void ieee80211_ibss_setup_sdata(struct ieee80211_sub_if_data *sdata) 1608{ 1609 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 1610 1611 setup_timer(&ifibss->timer, ieee80211_ibss_timer, 1612 (unsigned long) sdata); 1613 INIT_LIST_HEAD(&ifibss->incomplete_stations); 1614 spin_lock_init(&ifibss->incomplete_lock); 1615 INIT_WORK(&ifibss->csa_connection_drop_work, 1616 ieee80211_csa_connection_drop_work); 1617} 1618 1619/* scan finished notification */ 1620void ieee80211_ibss_notify_scan_completed(struct ieee80211_local *local) 1621{ 1622 struct ieee80211_sub_if_data *sdata; 1623 1624 mutex_lock(&local->iflist_mtx); 1625 list_for_each_entry(sdata, &local->interfaces, list) { 1626 if (!ieee80211_sdata_running(sdata)) 1627 continue; 1628 if (sdata->vif.type != NL80211_IFTYPE_ADHOC) 1629 continue; 1630 sdata->u.ibss.last_scan_completed = jiffies; 1631 ieee80211_queue_work(&local->hw, &sdata->work); 1632 } 1633 mutex_unlock(&local->iflist_mtx); 1634} 1635 1636int ieee80211_ibss_join(struct ieee80211_sub_if_data *sdata, 1637 struct cfg80211_ibss_params *params) 1638{ 1639 u32 changed = 0; 1640 u32 rate_flags; 1641 struct ieee80211_supported_band *sband; 1642 enum ieee80211_chanctx_mode chanmode; 1643 struct ieee80211_local *local = sdata->local; 1644 int radar_detect_width = 0; 1645 int i; 1646 int ret; 1647 1648 ret = cfg80211_chandef_dfs_required(local->hw.wiphy, 1649 ¶ms->chandef, 1650 sdata->wdev.iftype); 1651 if (ret < 0) 1652 return ret; 1653 1654 if (ret > 0) { 1655 if (!params->userspace_handles_dfs) 1656 return -EINVAL; 1657 radar_detect_width = BIT(params->chandef.width); 1658 } 1659 1660 chanmode = (params->channel_fixed && !ret) ? 1661 IEEE80211_CHANCTX_SHARED : IEEE80211_CHANCTX_EXCLUSIVE; 1662 1663 mutex_lock(&local->chanctx_mtx); 1664 ret = ieee80211_check_combinations(sdata, ¶ms->chandef, chanmode, 1665 radar_detect_width); 1666 mutex_unlock(&local->chanctx_mtx); 1667 if (ret < 0) 1668 return ret; 1669 1670 if (params->bssid) { 1671 memcpy(sdata->u.ibss.bssid, params->bssid, ETH_ALEN); 1672 sdata->u.ibss.fixed_bssid = true; 1673 } else 1674 sdata->u.ibss.fixed_bssid = false; 1675 1676 sdata->u.ibss.privacy = params->privacy; 1677 sdata->u.ibss.control_port = params->control_port; 1678 sdata->u.ibss.userspace_handles_dfs = params->userspace_handles_dfs; 1679 sdata->u.ibss.basic_rates = params->basic_rates; 1680 1681 /* fix basic_rates if channel does not support these rates */ 1682 rate_flags = ieee80211_chandef_rate_flags(¶ms->chandef); 1683 sband = local->hw.wiphy->bands[params->chandef.chan->band]; 1684 for (i = 0; i < sband->n_bitrates; i++) { 1685 if ((rate_flags & sband->bitrates[i].flags) != rate_flags) 1686 sdata->u.ibss.basic_rates &= ~BIT(i); 1687 } 1688 memcpy(sdata->vif.bss_conf.mcast_rate, params->mcast_rate, 1689 sizeof(params->mcast_rate)); 1690 1691 sdata->vif.bss_conf.beacon_int = params->beacon_interval; 1692 1693 sdata->u.ibss.chandef = params->chandef; 1694 sdata->u.ibss.fixed_channel = params->channel_fixed; 1695 1696 if (params->ie) { 1697 sdata->u.ibss.ie = kmemdup(params->ie, params->ie_len, 1698 GFP_KERNEL); 1699 if (sdata->u.ibss.ie) 1700 sdata->u.ibss.ie_len = params->ie_len; 1701 } 1702 1703 sdata->u.ibss.state = IEEE80211_IBSS_MLME_SEARCH; 1704 sdata->u.ibss.ibss_join_req = jiffies; 1705 1706 memcpy(sdata->u.ibss.ssid, params->ssid, params->ssid_len); 1707 sdata->u.ibss.ssid_len = params->ssid_len; 1708 1709 memcpy(&sdata->u.ibss.ht_capa, ¶ms->ht_capa, 1710 sizeof(sdata->u.ibss.ht_capa)); 1711 memcpy(&sdata->u.ibss.ht_capa_mask, ¶ms->ht_capa_mask, 1712 sizeof(sdata->u.ibss.ht_capa_mask)); 1713 1714 /* 1715 * 802.11n-2009 9.13.3.1: In an IBSS, the HT Protection field is 1716 * reserved, but an HT STA shall protect HT transmissions as though 1717 * the HT Protection field were set to non-HT mixed mode. 1718 * 1719 * In an IBSS, the RIFS Mode field of the HT Operation element is 1720 * also reserved, but an HT STA shall operate as though this field 1721 * were set to 1. 1722 */ 1723 1724 sdata->vif.bss_conf.ht_operation_mode |= 1725 IEEE80211_HT_OP_MODE_PROTECTION_NONHT_MIXED 1726 | IEEE80211_HT_PARAM_RIFS_MODE; 1727 1728 changed |= BSS_CHANGED_HT; 1729 ieee80211_bss_info_change_notify(sdata, changed); 1730 1731 sdata->smps_mode = IEEE80211_SMPS_OFF; 1732 sdata->needed_rx_chains = local->rx_chains; 1733 1734 ieee80211_queue_work(&local->hw, &sdata->work); 1735 1736 return 0; 1737} 1738 1739int ieee80211_ibss_leave(struct ieee80211_sub_if_data *sdata) 1740{ 1741 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; 1742 1743 ieee80211_ibss_disconnect(sdata); 1744 ifibss->ssid_len = 0; 1745 memset(ifibss->bssid, 0, ETH_ALEN); 1746 1747 /* remove beacon */ 1748 kfree(sdata->u.ibss.ie); 1749 1750 /* on the next join, re-program HT parameters */ 1751 memset(&ifibss->ht_capa, 0, sizeof(ifibss->ht_capa)); 1752 memset(&ifibss->ht_capa_mask, 0, sizeof(ifibss->ht_capa_mask)); 1753 1754 synchronize_rcu(); 1755 1756 skb_queue_purge(&sdata->skb_queue); 1757 1758 del_timer_sync(&sdata->u.ibss.timer); 1759 1760 return 0; 1761} 1762