mesh_plink.c revision bae35d92b6a1b6fd8c699415ab90aeeea2a56bc3
1/* 2 * Copyright (c) 2008, 2009 open80211s Ltd. 3 * Author: Luis Carlos Cobo <luisca@cozybit.com> 4 * 5 * This program is free software; you can redistribute it and/or modify 6 * it under the terms of the GNU General Public License version 2 as 7 * published by the Free Software Foundation. 8 */ 9#include <linux/gfp.h> 10#include <linux/kernel.h> 11#include <linux/random.h> 12#include "ieee80211_i.h" 13#include "rate.h" 14#include "mesh.h" 15 16#define PLINK_GET_LLID(p) (p + 2) 17#define PLINK_GET_PLID(p) (p + 4) 18 19#define mod_plink_timer(s, t) (mod_timer(&s->plink_timer, \ 20 jiffies + HZ * t / 1000)) 21 22#define dot11MeshMaxRetries(s) (s->u.mesh.mshcfg.dot11MeshMaxRetries) 23#define dot11MeshRetryTimeout(s) (s->u.mesh.mshcfg.dot11MeshRetryTimeout) 24#define dot11MeshConfirmTimeout(s) (s->u.mesh.mshcfg.dot11MeshConfirmTimeout) 25#define dot11MeshHoldingTimeout(s) (s->u.mesh.mshcfg.dot11MeshHoldingTimeout) 26#define dot11MeshMaxPeerLinks(s) (s->u.mesh.mshcfg.dot11MeshMaxPeerLinks) 27 28/* We only need a valid sta if user configured a minimum rssi_threshold. */ 29#define rssi_threshold_check(sta, sdata) \ 30 (sdata->u.mesh.mshcfg.rssi_threshold == 0 ||\ 31 (sta && (s8) -ewma_read(&sta->avg_signal) > \ 32 sdata->u.mesh.mshcfg.rssi_threshold)) 33 34enum plink_event { 35 PLINK_UNDEFINED, 36 OPN_ACPT, 37 OPN_RJCT, 38 OPN_IGNR, 39 CNF_ACPT, 40 CNF_RJCT, 41 CNF_IGNR, 42 CLS_ACPT, 43 CLS_IGNR 44}; 45 46static int mesh_plink_frame_tx(struct ieee80211_sub_if_data *sdata, 47 enum ieee80211_self_protected_actioncode action, 48 u8 *da, __le16 llid, __le16 plid, __le16 reason); 49 50static inline 51void mesh_plink_inc_estab_count(struct ieee80211_sub_if_data *sdata) 52{ 53 atomic_inc(&sdata->u.mesh.mshstats.estab_plinks); 54 mesh_accept_plinks_update(sdata); 55} 56 57static inline 58void mesh_plink_dec_estab_count(struct ieee80211_sub_if_data *sdata) 59{ 60 atomic_dec(&sdata->u.mesh.mshstats.estab_plinks); 61 mesh_accept_plinks_update(sdata); 62} 63 64/** 65 * mesh_plink_fsm_restart - restart a mesh peer link finite state machine 66 * 67 * @sta: mesh peer link to restart 68 * 69 * Locking: this function must be called holding sta->lock 70 */ 71static inline void mesh_plink_fsm_restart(struct sta_info *sta) 72{ 73 sta->plink_state = NL80211_PLINK_LISTEN; 74 sta->llid = sta->plid = sta->reason = 0; 75 sta->plink_retries = 0; 76} 77 78/* 79 * Allocate mesh sta entry and insert into station table 80 */ 81static struct sta_info *mesh_plink_alloc(struct ieee80211_sub_if_data *sdata, 82 u8 *hw_addr) 83{ 84 struct sta_info *sta; 85 86 if (sdata->local->num_sta >= MESH_MAX_PLINKS) 87 return NULL; 88 89 sta = sta_info_alloc(sdata, hw_addr, GFP_KERNEL); 90 if (!sta) 91 return NULL; 92 93 sta_info_pre_move_state(sta, IEEE80211_STA_AUTH); 94 sta_info_pre_move_state(sta, IEEE80211_STA_ASSOC); 95 sta_info_pre_move_state(sta, IEEE80211_STA_AUTHORIZED); 96 97 set_sta_flag(sta, WLAN_STA_WME); 98 99 return sta; 100} 101 102/** 103 * mesh_set_ht_prot_mode - set correct HT protection mode 104 * 105 * Section 9.23.3.5 of IEEE 80211-2012 describes the protection rules for HT 106 * mesh STA in a MBSS. Three HT protection modes are supported for now, non-HT 107 * mixed mode, 20MHz-protection and no-protection mode. non-HT mixed mode is 108 * selected if any non-HT peers are present in our MBSS. 20MHz-protection mode 109 * is selected if all peers in our 20/40MHz MBSS support HT and atleast one 110 * HT20 peer is present. Otherwise no-protection mode is selected. 111 */ 112static u32 mesh_set_ht_prot_mode(struct ieee80211_sub_if_data *sdata) 113{ 114 struct ieee80211_local *local = sdata->local; 115 struct sta_info *sta; 116 u32 changed = 0; 117 u16 ht_opmode; 118 bool non_ht_sta = false, ht20_sta = false; 119 120 if (local->_oper_channel_type == NL80211_CHAN_NO_HT) 121 return 0; 122 123 rcu_read_lock(); 124 list_for_each_entry_rcu(sta, &local->sta_list, list) { 125 if (sdata != sta->sdata || 126 sta->plink_state != NL80211_PLINK_ESTAB) 127 continue; 128 129 switch (sta->ch_type) { 130 case NL80211_CHAN_NO_HT: 131 mpl_dbg(sdata, 132 "mesh_plink %pM: nonHT sta (%pM) is present\n", 133 sdata->vif.addr, sta->sta.addr); 134 non_ht_sta = true; 135 goto out; 136 case NL80211_CHAN_HT20: 137 mpl_dbg(sdata, 138 "mesh_plink %pM: HT20 sta (%pM) is present\n", 139 sdata->vif.addr, sta->sta.addr); 140 ht20_sta = true; 141 default: 142 break; 143 } 144 } 145out: 146 rcu_read_unlock(); 147 148 if (non_ht_sta) 149 ht_opmode = IEEE80211_HT_OP_MODE_PROTECTION_NONHT_MIXED; 150 else if (ht20_sta && local->_oper_channel_type > NL80211_CHAN_HT20) 151 ht_opmode = IEEE80211_HT_OP_MODE_PROTECTION_20MHZ; 152 else 153 ht_opmode = IEEE80211_HT_OP_MODE_PROTECTION_NONE; 154 155 if (sdata->vif.bss_conf.ht_operation_mode != ht_opmode) { 156 sdata->vif.bss_conf.ht_operation_mode = ht_opmode; 157 sdata->u.mesh.mshcfg.ht_opmode = ht_opmode; 158 changed = BSS_CHANGED_HT; 159 mpl_dbg(sdata, 160 "mesh_plink %pM: protection mode changed to %d\n", 161 sdata->vif.addr, ht_opmode); 162 } 163 164 return changed; 165} 166 167/** 168 * __mesh_plink_deactivate - deactivate mesh peer link 169 * 170 * @sta: mesh peer link to deactivate 171 * 172 * All mesh paths with this peer as next hop will be flushed 173 * 174 * Locking: the caller must hold sta->lock 175 */ 176static bool __mesh_plink_deactivate(struct sta_info *sta) 177{ 178 struct ieee80211_sub_if_data *sdata = sta->sdata; 179 bool deactivated = false; 180 181 if (sta->plink_state == NL80211_PLINK_ESTAB) { 182 mesh_plink_dec_estab_count(sdata); 183 deactivated = true; 184 } 185 sta->plink_state = NL80211_PLINK_BLOCKED; 186 mesh_path_flush_by_nexthop(sta); 187 188 return deactivated; 189} 190 191/** 192 * mesh_plink_deactivate - deactivate mesh peer link 193 * 194 * @sta: mesh peer link to deactivate 195 * 196 * All mesh paths with this peer as next hop will be flushed 197 */ 198void mesh_plink_deactivate(struct sta_info *sta) 199{ 200 struct ieee80211_sub_if_data *sdata = sta->sdata; 201 bool deactivated; 202 203 spin_lock_bh(&sta->lock); 204 deactivated = __mesh_plink_deactivate(sta); 205 sta->reason = cpu_to_le16(WLAN_REASON_MESH_PEER_CANCELED); 206 mesh_plink_frame_tx(sdata, WLAN_SP_MESH_PEERING_CLOSE, 207 sta->sta.addr, sta->llid, sta->plid, 208 sta->reason); 209 spin_unlock_bh(&sta->lock); 210 211 if (deactivated) 212 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BEACON); 213} 214 215static int mesh_plink_frame_tx(struct ieee80211_sub_if_data *sdata, 216 enum ieee80211_self_protected_actioncode action, 217 u8 *da, __le16 llid, __le16 plid, __le16 reason) { 218 struct ieee80211_local *local = sdata->local; 219 struct sk_buff *skb; 220 struct ieee80211_mgmt *mgmt; 221 bool include_plid = false; 222 u16 peering_proto = 0; 223 u8 *pos, ie_len = 4; 224 int hdr_len = offsetof(struct ieee80211_mgmt, u.action.u.self_prot) + 225 sizeof(mgmt->u.action.u.self_prot); 226 227 skb = dev_alloc_skb(local->tx_headroom + 228 hdr_len + 229 2 + /* capability info */ 230 2 + /* AID */ 231 2 + 8 + /* supported rates */ 232 2 + (IEEE80211_MAX_SUPP_RATES - 8) + 233 2 + sdata->u.mesh.mesh_id_len + 234 2 + sizeof(struct ieee80211_meshconf_ie) + 235 2 + sizeof(struct ieee80211_ht_cap) + 236 2 + sizeof(struct ieee80211_ht_operation) + 237 2 + 8 + /* peering IE */ 238 sdata->u.mesh.ie_len); 239 if (!skb) 240 return -1; 241 skb_reserve(skb, local->tx_headroom); 242 mgmt = (struct ieee80211_mgmt *) skb_put(skb, hdr_len); 243 memset(mgmt, 0, hdr_len); 244 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | 245 IEEE80211_STYPE_ACTION); 246 memcpy(mgmt->da, da, ETH_ALEN); 247 memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN); 248 memcpy(mgmt->bssid, sdata->vif.addr, ETH_ALEN); 249 mgmt->u.action.category = WLAN_CATEGORY_SELF_PROTECTED; 250 mgmt->u.action.u.self_prot.action_code = action; 251 252 if (action != WLAN_SP_MESH_PEERING_CLOSE) { 253 /* capability info */ 254 pos = skb_put(skb, 2); 255 memset(pos, 0, 2); 256 if (action == WLAN_SP_MESH_PEERING_CONFIRM) { 257 /* AID */ 258 pos = skb_put(skb, 2); 259 memcpy(pos + 2, &plid, 2); 260 } 261 if (ieee80211_add_srates_ie(sdata, skb, true) || 262 ieee80211_add_ext_srates_ie(sdata, skb, true) || 263 mesh_add_rsn_ie(skb, sdata) || 264 mesh_add_meshid_ie(skb, sdata) || 265 mesh_add_meshconf_ie(skb, sdata)) 266 return -1; 267 } else { /* WLAN_SP_MESH_PEERING_CLOSE */ 268 if (mesh_add_meshid_ie(skb, sdata)) 269 return -1; 270 } 271 272 /* Add Mesh Peering Management element */ 273 switch (action) { 274 case WLAN_SP_MESH_PEERING_OPEN: 275 break; 276 case WLAN_SP_MESH_PEERING_CONFIRM: 277 ie_len += 2; 278 include_plid = true; 279 break; 280 case WLAN_SP_MESH_PEERING_CLOSE: 281 if (plid) { 282 ie_len += 2; 283 include_plid = true; 284 } 285 ie_len += 2; /* reason code */ 286 break; 287 default: 288 return -EINVAL; 289 } 290 291 if (WARN_ON(skb_tailroom(skb) < 2 + ie_len)) 292 return -ENOMEM; 293 294 pos = skb_put(skb, 2 + ie_len); 295 *pos++ = WLAN_EID_PEER_MGMT; 296 *pos++ = ie_len; 297 memcpy(pos, &peering_proto, 2); 298 pos += 2; 299 memcpy(pos, &llid, 2); 300 pos += 2; 301 if (include_plid) { 302 memcpy(pos, &plid, 2); 303 pos += 2; 304 } 305 if (action == WLAN_SP_MESH_PEERING_CLOSE) { 306 memcpy(pos, &reason, 2); 307 pos += 2; 308 } 309 310 if (action != WLAN_SP_MESH_PEERING_CLOSE) { 311 if (mesh_add_ht_cap_ie(skb, sdata) || 312 mesh_add_ht_oper_ie(skb, sdata)) 313 return -1; 314 } 315 316 if (mesh_add_vendor_ies(skb, sdata)) 317 return -1; 318 319 ieee80211_tx_skb(sdata, skb); 320 return 0; 321} 322 323/** 324 * mesh_peer_init - initialize new mesh peer and return resulting sta_info 325 * 326 * @sdata: local meshif 327 * @addr: peer's address 328 * @elems: IEs from beacon or mesh peering frame 329 * 330 * call under RCU 331 */ 332static struct sta_info *mesh_peer_init(struct ieee80211_sub_if_data *sdata, 333 u8 *addr, 334 struct ieee802_11_elems *elems) 335{ 336 struct ieee80211_local *local = sdata->local; 337 enum ieee80211_band band = local->oper_channel->band; 338 struct ieee80211_supported_band *sband; 339 u32 rates, basic_rates = 0; 340 struct sta_info *sta; 341 bool insert = false; 342 343 sband = local->hw.wiphy->bands[band]; 344 rates = ieee80211_sta_get_rates(local, elems, band, &basic_rates); 345 346 sta = sta_info_get(sdata, addr); 347 if (!sta) { 348 /* Userspace handles peer allocation when security is enabled */ 349 if (sdata->u.mesh.security & IEEE80211_MESH_SEC_AUTHED) { 350 cfg80211_notify_new_peer_candidate(sdata->dev, addr, 351 elems->ie_start, 352 elems->total_len, 353 GFP_ATOMIC); 354 return NULL; 355 } 356 357 sta = mesh_plink_alloc(sdata, addr); 358 if (!sta) 359 return NULL; 360 insert = true; 361 } 362 363 spin_lock_bh(&sta->lock); 364 sta->last_rx = jiffies; 365 if (sta->plink_state == NL80211_PLINK_ESTAB) { 366 spin_unlock_bh(&sta->lock); 367 return sta; 368 } 369 370 sta->sta.supp_rates[band] = rates; 371 if (elems->ht_cap_elem && 372 sdata->local->_oper_channel_type != NL80211_CHAN_NO_HT) 373 ieee80211_ht_cap_ie_to_sta_ht_cap(sdata, sband, 374 elems->ht_cap_elem, 375 &sta->sta.ht_cap); 376 else 377 memset(&sta->sta.ht_cap, 0, sizeof(sta->sta.ht_cap)); 378 379 if (elems->ht_operation) { 380 if (!(elems->ht_operation->ht_param & 381 IEEE80211_HT_PARAM_CHAN_WIDTH_ANY)) 382 sta->sta.ht_cap.cap &= 383 ~IEEE80211_HT_CAP_SUP_WIDTH_20_40; 384 sta->ch_type = 385 ieee80211_ht_oper_to_channel_type(elems->ht_operation); 386 } 387 388 rate_control_rate_init(sta); 389 spin_unlock_bh(&sta->lock); 390 391 if (insert && sta_info_insert(sta)) 392 return NULL; 393 394 return sta; 395} 396 397void mesh_neighbour_update(struct ieee80211_sub_if_data *sdata, 398 u8 *hw_addr, 399 struct ieee802_11_elems *elems) 400{ 401 struct sta_info *sta; 402 403 rcu_read_lock(); 404 sta = mesh_peer_init(sdata, hw_addr, elems); 405 if (!sta) 406 goto out; 407 408 if (mesh_peer_accepts_plinks(elems) && 409 sta->plink_state == NL80211_PLINK_LISTEN && 410 sdata->u.mesh.accepting_plinks && 411 sdata->u.mesh.mshcfg.auto_open_plinks && 412 rssi_threshold_check(sta, sdata)) 413 mesh_plink_open(sta); 414 415out: 416 rcu_read_unlock(); 417} 418 419static void mesh_plink_timer(unsigned long data) 420{ 421 struct sta_info *sta; 422 __le16 llid, plid, reason; 423 struct ieee80211_sub_if_data *sdata; 424 425 /* 426 * This STA is valid because sta_info_destroy() will 427 * del_timer_sync() this timer after having made sure 428 * it cannot be readded (by deleting the plink.) 429 */ 430 sta = (struct sta_info *) data; 431 432 if (sta->sdata->local->quiescing) { 433 sta->plink_timer_was_running = true; 434 return; 435 } 436 437 spin_lock_bh(&sta->lock); 438 if (sta->ignore_plink_timer) { 439 sta->ignore_plink_timer = false; 440 spin_unlock_bh(&sta->lock); 441 return; 442 } 443 mpl_dbg(sta->sdata, 444 "Mesh plink timer for %pM fired on state %d\n", 445 sta->sta.addr, sta->plink_state); 446 reason = 0; 447 llid = sta->llid; 448 plid = sta->plid; 449 sdata = sta->sdata; 450 451 switch (sta->plink_state) { 452 case NL80211_PLINK_OPN_RCVD: 453 case NL80211_PLINK_OPN_SNT: 454 /* retry timer */ 455 if (sta->plink_retries < dot11MeshMaxRetries(sdata)) { 456 u32 rand; 457 mpl_dbg(sta->sdata, 458 "Mesh plink for %pM (retry, timeout): %d %d\n", 459 sta->sta.addr, sta->plink_retries, 460 sta->plink_timeout); 461 get_random_bytes(&rand, sizeof(u32)); 462 sta->plink_timeout = sta->plink_timeout + 463 rand % sta->plink_timeout; 464 ++sta->plink_retries; 465 mod_plink_timer(sta, sta->plink_timeout); 466 spin_unlock_bh(&sta->lock); 467 mesh_plink_frame_tx(sdata, WLAN_SP_MESH_PEERING_OPEN, 468 sta->sta.addr, llid, 0, 0); 469 break; 470 } 471 reason = cpu_to_le16(WLAN_REASON_MESH_MAX_RETRIES); 472 /* fall through on else */ 473 case NL80211_PLINK_CNF_RCVD: 474 /* confirm timer */ 475 if (!reason) 476 reason = cpu_to_le16(WLAN_REASON_MESH_CONFIRM_TIMEOUT); 477 sta->plink_state = NL80211_PLINK_HOLDING; 478 mod_plink_timer(sta, dot11MeshHoldingTimeout(sdata)); 479 spin_unlock_bh(&sta->lock); 480 mesh_plink_frame_tx(sdata, WLAN_SP_MESH_PEERING_CLOSE, 481 sta->sta.addr, llid, plid, reason); 482 break; 483 case NL80211_PLINK_HOLDING: 484 /* holding timer */ 485 del_timer(&sta->plink_timer); 486 mesh_plink_fsm_restart(sta); 487 spin_unlock_bh(&sta->lock); 488 break; 489 default: 490 spin_unlock_bh(&sta->lock); 491 break; 492 } 493} 494 495#ifdef CONFIG_PM 496void mesh_plink_quiesce(struct sta_info *sta) 497{ 498 if (del_timer_sync(&sta->plink_timer)) 499 sta->plink_timer_was_running = true; 500} 501 502void mesh_plink_restart(struct sta_info *sta) 503{ 504 if (sta->plink_timer_was_running) { 505 add_timer(&sta->plink_timer); 506 sta->plink_timer_was_running = false; 507 } 508} 509#endif 510 511static inline void mesh_plink_timer_set(struct sta_info *sta, int timeout) 512{ 513 sta->plink_timer.expires = jiffies + (HZ * timeout / 1000); 514 sta->plink_timer.data = (unsigned long) sta; 515 sta->plink_timer.function = mesh_plink_timer; 516 sta->plink_timeout = timeout; 517 add_timer(&sta->plink_timer); 518} 519 520int mesh_plink_open(struct sta_info *sta) 521{ 522 __le16 llid; 523 struct ieee80211_sub_if_data *sdata = sta->sdata; 524 525 if (!test_sta_flag(sta, WLAN_STA_AUTH)) 526 return -EPERM; 527 528 spin_lock_bh(&sta->lock); 529 get_random_bytes(&llid, 2); 530 sta->llid = llid; 531 if (sta->plink_state != NL80211_PLINK_LISTEN) { 532 spin_unlock_bh(&sta->lock); 533 return -EBUSY; 534 } 535 sta->plink_state = NL80211_PLINK_OPN_SNT; 536 mesh_plink_timer_set(sta, dot11MeshRetryTimeout(sdata)); 537 spin_unlock_bh(&sta->lock); 538 mpl_dbg(sdata, 539 "Mesh plink: starting establishment with %pM\n", 540 sta->sta.addr); 541 542 return mesh_plink_frame_tx(sdata, WLAN_SP_MESH_PEERING_OPEN, 543 sta->sta.addr, llid, 0, 0); 544} 545 546void mesh_plink_block(struct sta_info *sta) 547{ 548 struct ieee80211_sub_if_data *sdata = sta->sdata; 549 bool deactivated; 550 551 spin_lock_bh(&sta->lock); 552 deactivated = __mesh_plink_deactivate(sta); 553 sta->plink_state = NL80211_PLINK_BLOCKED; 554 spin_unlock_bh(&sta->lock); 555 556 if (deactivated) 557 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BEACON); 558} 559 560 561void mesh_rx_plink_frame(struct ieee80211_sub_if_data *sdata, struct ieee80211_mgmt *mgmt, 562 size_t len, struct ieee80211_rx_status *rx_status) 563{ 564 struct ieee802_11_elems elems; 565 struct sta_info *sta; 566 enum plink_event event; 567 enum ieee80211_self_protected_actioncode ftype; 568 size_t baselen; 569 bool matches_local = true; 570 u8 ie_len; 571 u8 *baseaddr; 572 u32 changed = 0; 573 __le16 plid, llid, reason; 574 static const char *mplstates[] = { 575 [NL80211_PLINK_LISTEN] = "LISTEN", 576 [NL80211_PLINK_OPN_SNT] = "OPN-SNT", 577 [NL80211_PLINK_OPN_RCVD] = "OPN-RCVD", 578 [NL80211_PLINK_CNF_RCVD] = "CNF_RCVD", 579 [NL80211_PLINK_ESTAB] = "ESTAB", 580 [NL80211_PLINK_HOLDING] = "HOLDING", 581 [NL80211_PLINK_BLOCKED] = "BLOCKED" 582 }; 583 584 /* need action_code, aux */ 585 if (len < IEEE80211_MIN_ACTION_SIZE + 3) 586 return; 587 588 if (is_multicast_ether_addr(mgmt->da)) { 589 mpl_dbg(sdata, 590 "Mesh plink: ignore frame from multicast address\n"); 591 return; 592 } 593 594 baseaddr = mgmt->u.action.u.self_prot.variable; 595 baselen = (u8 *) mgmt->u.action.u.self_prot.variable - (u8 *) mgmt; 596 if (mgmt->u.action.u.self_prot.action_code == 597 WLAN_SP_MESH_PEERING_CONFIRM) { 598 baseaddr += 4; 599 baselen += 4; 600 } 601 ieee802_11_parse_elems(baseaddr, len - baselen, &elems); 602 if (!elems.peering) { 603 mpl_dbg(sdata, 604 "Mesh plink: missing necessary peer link ie\n"); 605 return; 606 } 607 if (elems.rsn_len && 608 sdata->u.mesh.security == IEEE80211_MESH_SEC_NONE) { 609 mpl_dbg(sdata, 610 "Mesh plink: can't establish link with secure peer\n"); 611 return; 612 } 613 614 ftype = mgmt->u.action.u.self_prot.action_code; 615 ie_len = elems.peering_len; 616 if ((ftype == WLAN_SP_MESH_PEERING_OPEN && ie_len != 4) || 617 (ftype == WLAN_SP_MESH_PEERING_CONFIRM && ie_len != 6) || 618 (ftype == WLAN_SP_MESH_PEERING_CLOSE && ie_len != 6 619 && ie_len != 8)) { 620 mpl_dbg(sdata, 621 "Mesh plink: incorrect plink ie length %d %d\n", 622 ftype, ie_len); 623 return; 624 } 625 626 if (ftype != WLAN_SP_MESH_PEERING_CLOSE && 627 (!elems.mesh_id || !elems.mesh_config)) { 628 mpl_dbg(sdata, "Mesh plink: missing necessary ie\n"); 629 return; 630 } 631 /* Note the lines below are correct, the llid in the frame is the plid 632 * from the point of view of this host. 633 */ 634 memcpy(&plid, PLINK_GET_LLID(elems.peering), 2); 635 if (ftype == WLAN_SP_MESH_PEERING_CONFIRM || 636 (ftype == WLAN_SP_MESH_PEERING_CLOSE && ie_len == 8)) 637 memcpy(&llid, PLINK_GET_PLID(elems.peering), 2); 638 639 rcu_read_lock(); 640 641 sta = sta_info_get(sdata, mgmt->sa); 642 if (!sta && ftype != WLAN_SP_MESH_PEERING_OPEN) { 643 mpl_dbg(sdata, "Mesh plink: cls or cnf from unknown peer\n"); 644 rcu_read_unlock(); 645 return; 646 } 647 648 if (ftype == WLAN_SP_MESH_PEERING_OPEN && 649 !rssi_threshold_check(sta, sdata)) { 650 mpl_dbg(sdata, "Mesh plink: %pM does not meet rssi threshold\n", 651 mgmt->sa); 652 rcu_read_unlock(); 653 return; 654 } 655 656 if (sta && !test_sta_flag(sta, WLAN_STA_AUTH)) { 657 mpl_dbg(sdata, "Mesh plink: Action frame from non-authed peer\n"); 658 rcu_read_unlock(); 659 return; 660 } 661 662 if (sta && sta->plink_state == NL80211_PLINK_BLOCKED) { 663 rcu_read_unlock(); 664 return; 665 } 666 667 /* Now we will figure out the appropriate event... */ 668 event = PLINK_UNDEFINED; 669 if (ftype != WLAN_SP_MESH_PEERING_CLOSE && 670 !mesh_matches_local(sdata, &elems)) { 671 matches_local = false; 672 switch (ftype) { 673 case WLAN_SP_MESH_PEERING_OPEN: 674 event = OPN_RJCT; 675 break; 676 case WLAN_SP_MESH_PEERING_CONFIRM: 677 event = CNF_RJCT; 678 break; 679 default: 680 break; 681 } 682 } 683 684 if (!sta && !matches_local) { 685 rcu_read_unlock(); 686 reason = cpu_to_le16(WLAN_REASON_MESH_CONFIG); 687 llid = 0; 688 mesh_plink_frame_tx(sdata, WLAN_SP_MESH_PEERING_CLOSE, 689 mgmt->sa, llid, plid, reason); 690 return; 691 } else if (!sta) { 692 /* ftype == WLAN_SP_MESH_PEERING_OPEN */ 693 if (!mesh_plink_free_count(sdata)) { 694 mpl_dbg(sdata, "Mesh plink error: no more free plinks\n"); 695 rcu_read_unlock(); 696 return; 697 } 698 event = OPN_ACPT; 699 } else if (matches_local) { 700 switch (ftype) { 701 case WLAN_SP_MESH_PEERING_OPEN: 702 if (!mesh_plink_free_count(sdata) || 703 (sta->plid && sta->plid != plid)) 704 event = OPN_IGNR; 705 else 706 event = OPN_ACPT; 707 break; 708 case WLAN_SP_MESH_PEERING_CONFIRM: 709 if (!mesh_plink_free_count(sdata) || 710 (sta->llid != llid || sta->plid != plid)) 711 event = CNF_IGNR; 712 else 713 event = CNF_ACPT; 714 break; 715 case WLAN_SP_MESH_PEERING_CLOSE: 716 if (sta->plink_state == NL80211_PLINK_ESTAB) 717 /* Do not check for llid or plid. This does not 718 * follow the standard but since multiple plinks 719 * per sta are not supported, it is necessary in 720 * order to avoid a livelock when MP A sees an 721 * establish peer link to MP B but MP B does not 722 * see it. This can be caused by a timeout in 723 * B's peer link establishment or B beign 724 * restarted. 725 */ 726 event = CLS_ACPT; 727 else if (sta->plid != plid) 728 event = CLS_IGNR; 729 else if (ie_len == 7 && sta->llid != llid) 730 event = CLS_IGNR; 731 else 732 event = CLS_ACPT; 733 break; 734 default: 735 mpl_dbg(sdata, "Mesh plink: unknown frame subtype\n"); 736 rcu_read_unlock(); 737 return; 738 } 739 } 740 741 if (event == OPN_ACPT) { 742 /* allocate sta entry if necessary and update info */ 743 sta = mesh_peer_init(sdata, mgmt->sa, &elems); 744 if (!sta) { 745 mpl_dbg(sdata, "Mesh plink: failed to init peer!\n"); 746 rcu_read_unlock(); 747 return; 748 } 749 } 750 751 mpl_dbg(sdata, 752 "Mesh plink (peer, state, llid, plid, event): %pM %s %d %d %d\n", 753 mgmt->sa, mplstates[sta->plink_state], 754 le16_to_cpu(sta->llid), le16_to_cpu(sta->plid), 755 event); 756 reason = 0; 757 spin_lock_bh(&sta->lock); 758 switch (sta->plink_state) { 759 /* spin_unlock as soon as state is updated at each case */ 760 case NL80211_PLINK_LISTEN: 761 switch (event) { 762 case CLS_ACPT: 763 mesh_plink_fsm_restart(sta); 764 spin_unlock_bh(&sta->lock); 765 break; 766 case OPN_ACPT: 767 sta->plink_state = NL80211_PLINK_OPN_RCVD; 768 sta->plid = plid; 769 get_random_bytes(&llid, 2); 770 sta->llid = llid; 771 mesh_plink_timer_set(sta, dot11MeshRetryTimeout(sdata)); 772 spin_unlock_bh(&sta->lock); 773 mesh_plink_frame_tx(sdata, 774 WLAN_SP_MESH_PEERING_OPEN, 775 sta->sta.addr, llid, 0, 0); 776 mesh_plink_frame_tx(sdata, 777 WLAN_SP_MESH_PEERING_CONFIRM, 778 sta->sta.addr, llid, plid, 0); 779 break; 780 default: 781 spin_unlock_bh(&sta->lock); 782 break; 783 } 784 break; 785 786 case NL80211_PLINK_OPN_SNT: 787 switch (event) { 788 case OPN_RJCT: 789 case CNF_RJCT: 790 reason = cpu_to_le16(WLAN_REASON_MESH_CONFIG); 791 case CLS_ACPT: 792 if (!reason) 793 reason = cpu_to_le16(WLAN_REASON_MESH_CLOSE); 794 sta->reason = reason; 795 sta->plink_state = NL80211_PLINK_HOLDING; 796 if (!mod_plink_timer(sta, 797 dot11MeshHoldingTimeout(sdata))) 798 sta->ignore_plink_timer = true; 799 800 llid = sta->llid; 801 spin_unlock_bh(&sta->lock); 802 mesh_plink_frame_tx(sdata, 803 WLAN_SP_MESH_PEERING_CLOSE, 804 sta->sta.addr, llid, plid, reason); 805 break; 806 case OPN_ACPT: 807 /* retry timer is left untouched */ 808 sta->plink_state = NL80211_PLINK_OPN_RCVD; 809 sta->plid = plid; 810 llid = sta->llid; 811 spin_unlock_bh(&sta->lock); 812 mesh_plink_frame_tx(sdata, 813 WLAN_SP_MESH_PEERING_CONFIRM, 814 sta->sta.addr, llid, plid, 0); 815 break; 816 case CNF_ACPT: 817 sta->plink_state = NL80211_PLINK_CNF_RCVD; 818 if (!mod_plink_timer(sta, 819 dot11MeshConfirmTimeout(sdata))) 820 sta->ignore_plink_timer = true; 821 822 spin_unlock_bh(&sta->lock); 823 break; 824 default: 825 spin_unlock_bh(&sta->lock); 826 break; 827 } 828 break; 829 830 case NL80211_PLINK_OPN_RCVD: 831 switch (event) { 832 case OPN_RJCT: 833 case CNF_RJCT: 834 reason = cpu_to_le16(WLAN_REASON_MESH_CONFIG); 835 case CLS_ACPT: 836 if (!reason) 837 reason = cpu_to_le16(WLAN_REASON_MESH_CLOSE); 838 sta->reason = reason; 839 sta->plink_state = NL80211_PLINK_HOLDING; 840 if (!mod_plink_timer(sta, 841 dot11MeshHoldingTimeout(sdata))) 842 sta->ignore_plink_timer = true; 843 844 llid = sta->llid; 845 spin_unlock_bh(&sta->lock); 846 mesh_plink_frame_tx(sdata, WLAN_SP_MESH_PEERING_CLOSE, 847 sta->sta.addr, llid, plid, reason); 848 break; 849 case OPN_ACPT: 850 llid = sta->llid; 851 spin_unlock_bh(&sta->lock); 852 mesh_plink_frame_tx(sdata, 853 WLAN_SP_MESH_PEERING_CONFIRM, 854 sta->sta.addr, llid, plid, 0); 855 break; 856 case CNF_ACPT: 857 del_timer(&sta->plink_timer); 858 sta->plink_state = NL80211_PLINK_ESTAB; 859 spin_unlock_bh(&sta->lock); 860 mesh_plink_inc_estab_count(sdata); 861 changed |= mesh_set_ht_prot_mode(sdata); 862 changed |= BSS_CHANGED_BEACON; 863 mpl_dbg(sdata, "Mesh plink with %pM ESTABLISHED\n", 864 sta->sta.addr); 865 break; 866 default: 867 spin_unlock_bh(&sta->lock); 868 break; 869 } 870 break; 871 872 case NL80211_PLINK_CNF_RCVD: 873 switch (event) { 874 case OPN_RJCT: 875 case CNF_RJCT: 876 reason = cpu_to_le16(WLAN_REASON_MESH_CONFIG); 877 case CLS_ACPT: 878 if (!reason) 879 reason = cpu_to_le16(WLAN_REASON_MESH_CLOSE); 880 sta->reason = reason; 881 sta->plink_state = NL80211_PLINK_HOLDING; 882 if (!mod_plink_timer(sta, 883 dot11MeshHoldingTimeout(sdata))) 884 sta->ignore_plink_timer = true; 885 886 llid = sta->llid; 887 spin_unlock_bh(&sta->lock); 888 mesh_plink_frame_tx(sdata, 889 WLAN_SP_MESH_PEERING_CLOSE, 890 sta->sta.addr, llid, plid, reason); 891 break; 892 case OPN_ACPT: 893 del_timer(&sta->plink_timer); 894 sta->plink_state = NL80211_PLINK_ESTAB; 895 spin_unlock_bh(&sta->lock); 896 mesh_plink_inc_estab_count(sdata); 897 changed |= mesh_set_ht_prot_mode(sdata); 898 changed |= BSS_CHANGED_BEACON; 899 mpl_dbg(sdata, "Mesh plink with %pM ESTABLISHED\n", 900 sta->sta.addr); 901 mesh_plink_frame_tx(sdata, 902 WLAN_SP_MESH_PEERING_CONFIRM, 903 sta->sta.addr, llid, plid, 0); 904 break; 905 default: 906 spin_unlock_bh(&sta->lock); 907 break; 908 } 909 break; 910 911 case NL80211_PLINK_ESTAB: 912 switch (event) { 913 case CLS_ACPT: 914 reason = cpu_to_le16(WLAN_REASON_MESH_CLOSE); 915 sta->reason = reason; 916 __mesh_plink_deactivate(sta); 917 sta->plink_state = NL80211_PLINK_HOLDING; 918 llid = sta->llid; 919 mod_plink_timer(sta, dot11MeshHoldingTimeout(sdata)); 920 spin_unlock_bh(&sta->lock); 921 changed |= mesh_set_ht_prot_mode(sdata); 922 changed |= BSS_CHANGED_BEACON; 923 mesh_plink_frame_tx(sdata, WLAN_SP_MESH_PEERING_CLOSE, 924 sta->sta.addr, llid, plid, reason); 925 break; 926 case OPN_ACPT: 927 llid = sta->llid; 928 spin_unlock_bh(&sta->lock); 929 mesh_plink_frame_tx(sdata, 930 WLAN_SP_MESH_PEERING_CONFIRM, 931 sta->sta.addr, llid, plid, 0); 932 break; 933 default: 934 spin_unlock_bh(&sta->lock); 935 break; 936 } 937 break; 938 case NL80211_PLINK_HOLDING: 939 switch (event) { 940 case CLS_ACPT: 941 if (del_timer(&sta->plink_timer)) 942 sta->ignore_plink_timer = 1; 943 mesh_plink_fsm_restart(sta); 944 spin_unlock_bh(&sta->lock); 945 break; 946 case OPN_ACPT: 947 case CNF_ACPT: 948 case OPN_RJCT: 949 case CNF_RJCT: 950 llid = sta->llid; 951 reason = sta->reason; 952 spin_unlock_bh(&sta->lock); 953 mesh_plink_frame_tx(sdata, WLAN_SP_MESH_PEERING_CLOSE, 954 sta->sta.addr, llid, plid, reason); 955 break; 956 default: 957 spin_unlock_bh(&sta->lock); 958 } 959 break; 960 default: 961 /* should not get here, PLINK_BLOCKED is dealt with at the 962 * beginning of the function 963 */ 964 spin_unlock_bh(&sta->lock); 965 break; 966 } 967 968 rcu_read_unlock(); 969 970 if (changed) 971 ieee80211_bss_info_change_notify(sdata, changed); 972} 973