Diffstat (limited to 'net')
-rw-r--r--net/bluetooth/af_bluetooth.c12
-rw-r--r--net/bluetooth/hci_conn.c4
-rw-r--r--net/bluetooth/hci_core.c3
-rw-r--r--net/bluetooth/l2cap_core.c24
-rw-r--r--net/bluetooth/l2cap_sock.c4
-rw-r--r--net/bluetooth/rfcomm/core.c18
-rw-r--r--net/bluetooth/rfcomm/sock.c2
-rw-r--r--net/mac80211/Makefile4
-rw-r--r--net/mac80211/cfg.c6
-rw-r--r--net/mac80211/debugfs.c2
-rw-r--r--net/mac80211/debugfs_sta.c4
-rw-r--r--net/mac80211/driver-ops.h33
-rw-r--r--net/mac80211/driver-trace.h32
-rw-r--r--net/mac80211/ibss.c6
-rw-r--r--net/mac80211/ieee80211_i.h79
-rw-r--r--net/mac80211/iface.c7
-rw-r--r--net/mac80211/key.c38
-rw-r--r--net/mac80211/main.c16
-rw-r--r--net/mac80211/mesh_pathtbl.c6
-rw-r--r--net/mac80211/mlme.c1390
-rw-r--r--net/mac80211/pm.c11
-rw-r--r--net/mac80211/rate.c4
-rw-r--r--net/mac80211/rate.h3
-rw-r--r--net/mac80211/rx.c22
-rw-r--r--net/mac80211/sta_info.c252
-rw-r--r--net/mac80211/sta_info.h40
-rw-r--r--net/mac80211/util.c11
-rw-r--r--net/mac80211/work.c815
-rw-r--r--net/wireless/core.h14
-rw-r--r--net/wireless/mlme.c322
-rw-r--r--net/wireless/nl80211.c40
-rw-r--r--net/wireless/scan.c12
-rw-r--r--net/wireless/sme.c41
33 files changed, 1437 insertions, 1840 deletions
diff --git a/net/bluetooth/af_bluetooth.c b/net/bluetooth/af_bluetooth.c
index ef92864..72eb187 100644
--- a/net/bluetooth/af_bluetooth.c
+++ b/net/bluetooth/af_bluetooth.c
@@ -71,19 +71,16 @@ static const char *const bt_slock_key_strings[BT_MAX_PROTO] = {
"slock-AF_BLUETOOTH-BTPROTO_AVDTP",
};
-static inline void bt_sock_reclassify_lock(struct socket *sock, int proto)
+void bt_sock_reclassify_lock(struct sock *sk, int proto)
{
- struct sock *sk = sock->sk;
-
- if (!sk)
- return;
-
+ BUG_ON(!sk);
BUG_ON(sock_owned_by_user(sk));
sock_lock_init_class_and_name(sk,
bt_slock_key_strings[proto], &bt_slock_key[proto],
bt_key_strings[proto], &bt_lock_key[proto]);
}
+EXPORT_SYMBOL(bt_sock_reclassify_lock);
int bt_sock_register(int proto, const struct net_proto_family *ops)
{
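Review bot: bt_sock_reclassify_lock() is now exported, but it still indexes `bt_slock_key_strings[proto]` and its sibling arrays with no range check on `proto`. The added `BUG_ON(!sk)` also turns a NULL sock, which the removed code tolerated with an early return, into a kernel panic. Callers in other files are now trusted to pass a valid protocol number and a live sock. A recoverable guard would suit an exported helper better: `if (WARN_ON(!sk || proto < 0 || proto >= BT_MAX_PROTO)) return;`.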
@@ -145,7 +142,8 @@ static int bt_sock_create(struct net *net, struct socket *sock, int proto,
if (bt_proto[proto] && try_module_get(bt_proto[proto]->owner)) {
err = bt_proto[proto]->create(net, sock, proto, kern);
- bt_sock_reclassify_lock(sock, proto);
+ if (!err)
+ bt_sock_reclassify_lock(sock->sk, proto);
module_put(bt_proto[proto]->owner);
}
diff --git a/net/bluetooth/hci_conn.c b/net/bluetooth/hci_conn.c
index 3db4324..07bc69e 100644
--- a/net/bluetooth/hci_conn.c
+++ b/net/bluetooth/hci_conn.c
@@ -635,6 +635,10 @@ static int hci_conn_auth(struct hci_conn *conn, __u8 sec_level, __u8 auth_type)
if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->pend)) {
struct hci_cp_auth_requested cp;
+
+ /* encrypt must be pending if auth is also pending */
+ set_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend);
+
cp.handle = cpu_to_le16(conn->handle);
hci_send_cmd(conn->hdev, HCI_OP_AUTH_REQUESTED,
sizeof(cp), &cp);
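Review bot: The new `set_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend)` runs before `hci_send_cmd()`, whose return value is ignored here, and nothing in the hunk clears the bit again. If that call can fail to queue the command, both pending bits would stay set with no event coming to clear them. The comment states the invariant but not where the bit is released; I would extend it to name the completion handler that clears it, e.g. `/* encrypt must be pending if auth is also pending; cleared in <HANDLER_NAME> */`. hci_conn_auth continues outside the hunk.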
diff --git a/net/bluetooth/hci_core.c b/net/bluetooth/hci_core.c
index 9de9371..5aeb624 100644
--- a/net/bluetooth/hci_core.c
+++ b/net/bluetooth/hci_core.c
@@ -640,7 +640,8 @@ static int hci_dev_do_close(struct hci_dev *hdev)
/* Reset device */
skb_queue_purge(&hdev->cmd_q);
atomic_set(&hdev->cmd_cnt, 1);
- if (!test_bit(HCI_RAW, &hdev->flags)) {
+ if (!test_bit(HCI_RAW, &hdev->flags) &&
+ test_bit(HCI_QUIRK_NO_RESET, &hdev->quirks)) {
set_bit(HCI_INIT, &hdev->flags);
__hci_request(hdev, hci_reset_req, 0,
msecs_to_jiffies(250));
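Review bot: The added condition issues the reset only when `HCI_QUIRK_NO_RESET` is set, which reads as the opposite of the quirk's name. If the quirk is meant as "skip the reset at init and reset on close instead", that needs saying at this test, for example `/* NO_RESET devices are not reset at init, so reset them here on close */`. If that is not the meaning, the test is missing a `!`. hci_dev_do_close continues outside the hunk.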
diff --git a/net/bluetooth/l2cap_core.c b/net/bluetooth/l2cap_core.c
index faf0b11..32d338c 100644
--- a/net/bluetooth/l2cap_core.c
+++ b/net/bluetooth/l2cap_core.c
@@ -1018,10 +1018,10 @@ static void l2cap_conn_del(struct hci_conn *hcon, int err)
hci_chan_del(conn->hchan);
if (conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_SENT)
- __cancel_delayed_work(&conn->info_timer);
+ cancel_delayed_work_sync(&conn->info_timer);
if (test_and_clear_bit(HCI_CONN_LE_SMP_PEND, &hcon->pend)) {
- __cancel_delayed_work(&conn->security_timer);
+ cancel_delayed_work_sync(&conn->security_timer);
smp_chan_destroy(conn);
}
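Review bot: `cancel_delayed_work_sync()` in l2cap_conn_del() waits for a running `info_timer` or `security_timer` handler to finish, so it deadlocks if either handler can reach l2cap_conn_del() itself or takes a lock the caller already holds. The handlers and the caller's locking are outside this hunk, so this needs checking rather than assuming. The plain `cancel_delayed_work()` used in the l2cap_command_rej, l2cap_information_rsp and l2cap_security_cfm hunks has the opposite property: the handler may still be running when it returns. A comment at each site saying which guarantee is relied on would help, e.g. `/* may sleep; timer handlers must not take locks held here */`.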
@@ -1120,7 +1120,7 @@ static struct l2cap_chan *l2cap_global_chan_by_psm(int state, __le16 psm, bdaddr
return c1;
}
-inline int l2cap_chan_connect(struct l2cap_chan *chan, __le16 psm, u16 cid, bdaddr_t *dst)
+int l2cap_chan_connect(struct l2cap_chan *chan, __le16 psm, u16 cid, bdaddr_t *dst)
{
struct sock *sk = chan->sk;
bdaddr_t *src = &bt_sk(sk)->src;
@@ -2574,7 +2574,7 @@ static inline int l2cap_command_rej(struct l2cap_conn *conn, struct l2cap_cmd_hd
if ((conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_SENT) &&
cmd->ident == conn->info_ident) {
- __cancel_delayed_work(&conn->info_timer);
+ cancel_delayed_work(&conn->info_timer);
conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_DONE;
conn->info_ident = 0;
@@ -2970,7 +2970,8 @@ static inline int l2cap_config_rsp(struct l2cap_conn *conn, struct l2cap_cmd_hdr
default:
sk->sk_err = ECONNRESET;
- __set_chan_timer(chan, L2CAP_DISC_REJ_TIMEOUT);
+ __set_chan_timer(chan,
+ msecs_to_jiffies(L2CAP_DISC_REJ_TIMEOUT));
l2cap_send_disconn_req(conn, chan, ECONNRESET);
goto done;
}
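Review bot: Converting with `msecs_to_jiffies()` at each call site leaves the unit of `L2CAP_DISC_REJ_TIMEOUT` implicit, and any call site that is missed passes milliseconds where jiffies are expected, giving a timeout that varies with HZ. The same pattern repeats in the l2cap_check_encryption hunk, in both l2cap_security_cfm hunks, and for `sk_sndtimeo` in l2cap_sock.c. Doing the conversion once inside `__set_chan_timer()`, or giving the constants a `_MS` suffix, would make a wrong-unit call visible on review.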
@@ -3120,7 +3121,7 @@ static inline int l2cap_information_rsp(struct l2cap_conn *conn, struct l2cap_cm
conn->info_state & L2CAP_INFO_FEAT_MASK_REQ_DONE)
return 0;
- __cancel_delayed_work(&conn->info_timer);
+ cancel_delayed_work(&conn->info_timer);
if (result != L2CAP_IR_SUCCESS) {
conn->info_state |= L2CAP_INFO_FEAT_MASK_REQ_DONE;
@@ -4478,7 +4479,8 @@ static inline void l2cap_check_encryption(struct l2cap_chan *chan, u8 encrypt)
if (encrypt == 0x00) {
if (chan->sec_level == BT_SECURITY_MEDIUM) {
__clear_chan_timer(chan);
- __set_chan_timer(chan, L2CAP_ENC_TIMEOUT);
+ __set_chan_timer(chan,
+ msecs_to_jiffies(L2CAP_ENC_TIMEOUT));
} else if (chan->sec_level == BT_SECURITY_HIGH)
l2cap_chan_close(chan, ECONNREFUSED);
} else {
@@ -4499,7 +4501,7 @@ int l2cap_security_cfm(struct hci_conn *hcon, u8 status, u8 encrypt)
if (hcon->type == LE_LINK) {
smp_distribute_keys(conn, 0);
- __cancel_delayed_work(&conn->security_timer);
+ cancel_delayed_work(&conn->security_timer);
}
rcu_read_lock();
@@ -4546,7 +4548,8 @@ int l2cap_security_cfm(struct hci_conn *hcon, u8 status, u8 encrypt)
L2CAP_CONN_REQ, sizeof(req), &req);
} else {
__clear_chan_timer(chan);
- __set_chan_timer(chan, L2CAP_DISC_TIMEOUT);
+ __set_chan_timer(chan,
+ msecs_to_jiffies(L2CAP_DISC_TIMEOUT));
}
} else if (chan->state == BT_CONNECT2) {
struct l2cap_conn_rsp rsp;
@@ -4566,7 +4569,8 @@ int l2cap_security_cfm(struct hci_conn *hcon, u8 status, u8 encrypt)
}
} else {
l2cap_state_change(chan, BT_DISCONN);
- __set_chan_timer(chan, L2CAP_DISC_TIMEOUT);
+ __set_chan_timer(chan,
+ msecs_to_jiffies(L2CAP_DISC_TIMEOUT));
res = L2CAP_CR_SEC_BLOCK;
stat = L2CAP_CS_NO_INFO;
}
diff --git a/net/bluetooth/l2cap_sock.c b/net/bluetooth/l2cap_sock.c
index c61d967..401d942 100644
--- a/net/bluetooth/l2cap_sock.c
+++ b/net/bluetooth/l2cap_sock.c
@@ -849,6 +849,8 @@ static struct l2cap_chan *l2cap_sock_new_connection_cb(void *data)
if (!sk)
return NULL;
+ bt_sock_reclassify_lock(sk, BTPROTO_L2CAP);
+
l2cap_sock_init(sk, parent);
return l2cap_pi(sk)->chan;
@@ -1002,7 +1004,7 @@ static struct sock *l2cap_sock_alloc(struct net *net, struct socket *sock, int p
INIT_LIST_HEAD(&bt_sk(sk)->accept_q);
sk->sk_destruct = l2cap_sock_destruct;
- sk->sk_sndtimeo = L2CAP_CONN_TIMEOUT;
+ sk->sk_sndtimeo = msecs_to_jiffies(L2CAP_CONN_TIMEOUT);
sock_reset_flag(sk, SOCK_ZAPPED);
diff --git a/net/bluetooth/rfcomm/core.c b/net/bluetooth/rfcomm/core.c
index 501649b..8a60238 100644
--- a/net/bluetooth/rfcomm/core.c
+++ b/net/bluetooth/rfcomm/core.c
@@ -1164,12 +1164,18 @@ static int rfcomm_recv_ua(struct rfcomm_session *s, u8 dlci)
break;
case BT_DISCONN:
- /* When socket is closed and we are not RFCOMM
- * initiator rfcomm_process_rx already calls
- * rfcomm_session_put() */
- if (s->sock->sk->sk_state != BT_CLOSED)
- if (list_empty(&s->dlcs))
- rfcomm_session_put(s);
+ /* rfcomm_session_put is called later so don't do
+ * anything here otherwise we will mess up the session
+ * reference counter:
+ *
+ * (a) when we are the initiator dlc_unlink will drive
+ * the reference counter to 0 (there is no initial put
+ * after session_add)
+ *
+ * (b) when we are not the initiator rfcomm_rx_process
+ * will explicitly call put to balance the initial hold
+ * done after session add.
+ */
break;
}
}
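Review bot: The new comment names `rfcomm_rx_process` where the removed comment named `rfcomm_process_rx`; one of the two is misspelled, and a reader grepping for the function that balances the reference will not find it. The `BT_DISCONN` case is now empty, so correctness of the session refcount rests entirely on the puts described in (a) and (b) happening elsewhere. The identifiers in the comment should therefore match the code exactly. rfcomm_recv_ua continues outside the hunk.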
diff --git a/net/bluetooth/rfcomm/sock.c b/net/bluetooth/rfcomm/sock.c
index f066678..22169c3 100644
--- a/net/bluetooth/rfcomm/sock.c
+++ b/net/bluetooth/rfcomm/sock.c
@@ -956,6 +956,8 @@ int rfcomm_connect_ind(struct rfcomm_session *s, u8 channel, struct rfcomm_dlc *
if (!sk)
goto done;
+ bt_sock_reclassify_lock(sk, BTPROTO_RFCOMM);
+
rfcomm_sock_init(sk, parent);
bacpy(&bt_sk(sk)->src, &src);
bacpy(&bt_sk(sk)->dst, &dst);
diff --git a/net/mac80211/Makefile b/net/mac80211/Makefile
index d540c3b..1be7a45 100644
--- a/net/mac80211/Makefile
+++ b/net/mac80211/Makefile
@@ -9,7 +9,7 @@ mac80211-y := \
scan.o offchannel.o \
ht.o agg-tx.o agg-rx.o \
ibss.o \
- mlme.o work.o \
+ work.o \
iface.o \
rate.o \
michael.o \
@@ -25,7 +25,7 @@ mac80211-y := \
wme.o \
event.o \
chan.o \
- driver-trace.o
+ driver-trace.o mlme.o
mac80211-$(CONFIG_MAC80211_LEDS) += led.o
mac80211-$(CONFIG_MAC80211_DEBUGFS) += \
diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c
index d15ba0d..c3de921 100644
--- a/net/mac80211/cfg.c
+++ b/net/mac80211/cfg.c
@@ -2028,7 +2028,7 @@ ieee80211_offchan_tx_done(struct ieee80211_work *wk, struct sk_buff *skb)
if (wk->offchan_tx.wait && !wk->offchan_tx.status)
cfg80211_mgmt_tx_status(wk->sdata->dev,
(unsigned long) wk->offchan_tx.frame,
- wk->ie, wk->ie_len, false, GFP_KERNEL);
+ wk->data, wk->data_len, false, GFP_KERNEL);
return WORK_DONE_DESTROY;
}
@@ -2179,8 +2179,8 @@ static int ieee80211_mgmt_tx(struct wiphy *wiphy, struct net_device *dev,
wk->done = ieee80211_offchan_tx_done;
wk->offchan_tx.frame = skb;
wk->offchan_tx.wait = wait;
- wk->ie_len = len;
- memcpy(wk->ie, buf, len);
+ wk->data_len = len;
+ memcpy(wk->data, buf, len);
ieee80211_add_work(wk);
return 0;
diff --git a/net/mac80211/debugfs.c b/net/mac80211/debugfs.c
index affe64b..483e96e 100644
--- a/net/mac80211/debugfs.c
+++ b/net/mac80211/debugfs.c
@@ -263,6 +263,8 @@ static ssize_t hwflags_read(struct file *file, char __user *user_buf,
sf += snprintf(buf + sf, mxln - sf, "AP_LINK_PS\n");
if (local->hw.flags & IEEE80211_HW_TX_AMPDU_SETUP_IN_HW)
sf += snprintf(buf + sf, mxln - sf, "TX_AMPDU_SETUP_IN_HW\n");
+ if (local->hw.flags & IEEE80211_HW_SCAN_WHILE_IDLE)
+ sf += snprintf(buf + sf, mxln - sf, "SCAN_WHILE_IDLE\n");
rv = simple_read_from_buffer(user_buf, count, ppos, buf, strlen(buf));
kfree(buf);
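Review bot: The added line accumulates `sf += snprintf(buf + sf, mxln - sf, ...)`, and `snprintf()` returns the length it would have written, so once the flag list outgrows the buffer `sf` passes `mxln` and `mxln - sf` is no longer a valid size. Each new flag string brings that closer; the size behind `mxln` is outside this hunk. `scnprintf()` returns the bytes actually stored and keeps the arithmetic bounded: `sf += scnprintf(buf + sf, mxln - sf, "SCAN_WHILE_IDLE\n");`. The existing lines above follow the same pattern and would want the same change.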
diff --git a/net/mac80211/debugfs_sta.c b/net/mac80211/debugfs_sta.c
index c838371..6d45804 100644
--- a/net/mac80211/debugfs_sta.c
+++ b/net/mac80211/debugfs_sta.c
@@ -63,7 +63,7 @@ static ssize_t sta_flags_read(struct file *file, char __user *userbuf,
test_sta_flag(sta, WLAN_STA_##flg) ? #flg "\n" : ""
int res = scnprintf(buf, sizeof(buf),
- "%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s",
+ "%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s",
TEST(AUTH), TEST(ASSOC), TEST(PS_STA),
TEST(PS_DRIVER), TEST(AUTHORIZED),
TEST(SHORT_PREAMBLE),
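Review bot: The count of `%s` in the format string is kept in step with the `TEST()` arguments by hand, here and in the next hunk where `TEST(RATE_CONTROL)` is added; a mismatch is undefined behaviour in a debugfs read path. `scnprintf()` truncates silently, so it is worth checking that `buf` (declared outside the hunk) still holds every flag name with the new one included. A comment next to the format string would help the next addition, e.g. `/* one %s per TEST() below; keep buf sized for all flag names */`.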
@@ -71,7 +71,7 @@ static ssize_t sta_flags_read(struct file *file, char __user *userbuf,
TEST(MFP), TEST(BLOCK_BA), TEST(PSPOLL),
TEST(UAPSD), TEST(SP), TEST(TDLS_PEER),
TEST(TDLS_PEER_AUTH), TEST(4ADDR_EVENT),
- TEST(INSERTED));
+ TEST(INSERTED), TEST(RATE_CONTROL));
#undef TEST
return simple_read_from_buffer(userbuf, count, ppos, buf, res);
}
diff --git a/net/mac80211/driver-ops.h b/net/mac80211/driver-ops.h
index e8960ae..70dfb64 100644
--- a/net/mac80211/driver-ops.h
+++ b/net/mac80211/driver-ops.h
@@ -253,6 +253,7 @@ static inline int drv_set_key(struct ieee80211_local *local,
might_sleep();
+ sdata = get_bss_sdata(sdata);
check_sdata_in_driver(sdata);
trace_drv_set_key(local, cmd, sdata, sta, key);
@@ -272,6 +273,7 @@ static inline void drv_update_tkip_key(struct ieee80211_local *local,
if (sta)
ista = &sta->sta;
+ sdata = get_bss_sdata(sdata);
check_sdata_in_driver(sdata);
trace_drv_update_tkip_key(local, sdata, conf, ista, iv32);
@@ -476,6 +478,37 @@ static inline void drv_sta_remove(struct ieee80211_local *local,
trace_drv_return_void(local);
}
+static inline __must_check
+int drv_sta_state(struct ieee80211_local *local,
+ struct ieee80211_sub_if_data *sdata,
+ struct sta_info *sta,
+ enum ieee80211_sta_state old_state,
+ enum ieee80211_sta_state new_state)
+{
+ int ret = 0;
+
+ might_sleep();
+
+ sdata = get_bss_sdata(sdata);
+ check_sdata_in_driver(sdata);
+
+ trace_drv_sta_state(local, sdata, &sta->sta, old_state, new_state);
+ if (local->ops->sta_state) {
+ ret = local->ops->sta_state(&local->hw, &sdata->vif, &sta->sta,
+ old_state, new_state);
+ } else if (old_state == IEEE80211_STA_AUTH &&
+ new_state == IEEE80211_STA_ASSOC) {
+ ret = drv_sta_add(local, sdata, &sta->sta);
+ if (ret == 0)
+ sta->uploaded = true;
+ } else if (old_state == IEEE80211_STA_ASSOC &&
+ new_state == IEEE80211_STA_AUTH) {
+ drv_sta_remove(local, sdata, &sta->sta);
+ }
+ trace_drv_return_int(local, ret);
+ return ret;
+}
+
static inline int drv_conf_tx(struct ieee80211_local *local,
struct ieee80211_sub_if_data *sdata, u16 queue,
const struct ieee80211_tx_queue_params *params)
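Review bot: In the fallback path of drv_sta_state(), `sta->uploaded` is set to true after a successful `drv_sta_add()`, but the ASSOC->AUTH branch calls `drv_sta_remove()` without clearing it. The key.c change in this commit uses `sta->uploaded` to decide whether a key may be programmed into hardware, so a stale true would let a key be uploaded for a station the driver has already removed. Unless the flag is cleared elsewhere (sta_info.c is not visible here), I would add `sta->uploaded = false;` after the `drv_sta_remove()` call. The function also lacks a comment saying which transitions the fallback maps onto sta_add and sta_remove.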
diff --git a/net/mac80211/driver-trace.h b/net/mac80211/driver-trace.h
index 6e9df8f..384e2f0 100644
--- a/net/mac80211/driver-trace.h
+++ b/net/mac80211/driver-trace.h
@@ -635,6 +635,38 @@ TRACE_EVENT(drv_sta_notify,
)
);
+TRACE_EVENT(drv_sta_state,
+ TP_PROTO(struct ieee80211_local *local,
+ struct ieee80211_sub_if_data *sdata,
+ struct ieee80211_sta *sta,
+ enum ieee80211_sta_state old_state,
+ enum ieee80211_sta_state new_state),
+
+ TP_ARGS(local, sdata, sta, old_state, new_state),
+
+ TP_STRUCT__entry(
+ LOCAL_ENTRY
+ VIF_ENTRY
+ STA_ENTRY
+ __field(u32, old_state)
+ __field(u32, new_state)
+ ),
+
+ TP_fast_assign(
+ LOCAL_ASSIGN;
+ VIF_ASSIGN;
+ STA_ASSIGN;
+ __entry->old_state = old_state;
+ __entry->new_state = new_state;
+ ),
+
+ TP_printk(
+ LOCAL_PR_FMT VIF_PR_FMT STA_PR_FMT " state: %d->%d",
+ LOCAL_PR_ARG, VIF_PR_ARG, STA_PR_ARG,
+ __entry->old_state, __entry->new_state
+ )
+);
+
TRACE_EVENT(drv_sta_add,
TP_PROTO(struct ieee80211_local *local,
struct ieee80211_sub_if_data *sdata,
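Review bot: `old_state` and `new_state` are declared as `u32` fields in `TP_STRUCT__entry` but printed with `%d` in `TP_printk`; `%u` matches the declared type: `" state: %u->%u"`. The values are small enum constants, so this is a consistency point rather than a wrong-output bug.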
diff --git a/net/mac80211/ibss.c b/net/mac80211/ibss.c
index 7b3a0b0..8361da4 100644
--- a/net/mac80211/ibss.c
+++ b/net/mac80211/ibss.c
@@ -268,7 +268,10 @@ static struct sta_info *ieee80211_ibss_finish_sta(struct sta_info *sta,
sta_info_pre_move_state(sta, IEEE80211_STA_AUTH);
sta_info_pre_move_state(sta, IEEE80211_STA_ASSOC);
- sta_info_pre_move_state(sta, IEEE80211_STA_AUTHORIZED);
+ /* authorize the station only if the network is not RSN protected. If
+ * not wait for the userspace to authorize it */
+ if (!sta->sdata->u.ibss.control_port)
+ sta_info_pre_move_state(sta, IEEE80211_STA_AUTHORIZED);
rate_control_rate_init(sta);
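Review bot: The new comment is ambiguous ("If not wait for the userspace"), and the test keys on `control_port` alone, so a peer in a protected IBSS is authorized immediately whenever userspace joined without setting that flag. That dependence should be spelled out at the check, e.g. `/* Authorize now only if userspace did not request control-port handling; with control_port set the peer stays unauthorized until userspace authorizes it. */`. ieee80211_ibss_finish_sta continues outside the hunk.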
@@ -1075,6 +1078,7 @@ int ieee80211_ibss_join(struct ieee80211_sub_if_data *sdata,
sdata->u.ibss.fixed_bssid = false;
sdata->u.ibss.privacy = params->privacy;
+ sdata->u.ibss.control_port = params->control_port;
sdata->u.ibss.basic_rates = params->basic_rates;
memcpy(sdata->vif.bss_conf.mcast_rate, params->mcast_rate,
sizeof(params->mcast_rate));
diff --git a/net/mac80211/ieee80211_i.h b/net/mac80211/ieee80211_i.h
index d47e8c1..74594f0 100644
--- a/net/mac80211/ieee80211_i.h
+++ b/net/mac80211/ieee80211_i.h
@@ -280,10 +280,6 @@ struct mesh_preq_queue {
enum ieee80211_work_type {
IEEE80211_WORK_ABORT,
- IEEE80211_WORK_DIRECT_PROBE,
- IEEE80211_WORK_AUTH,
- IEEE80211_WORK_ASSOC_BEACON_WAIT,
- IEEE80211_WORK_ASSOC,
IEEE80211_WORK_REMAIN_ON_CHANNEL,
IEEE80211_WORK_OFFCHANNEL_TX,
};
@@ -316,36 +312,10 @@ struct ieee80211_work {
unsigned long timeout;
enum ieee80211_work_type type;
- u8 filter_ta[ETH_ALEN];
-
bool started;
union {
struct {
- int tries;
- u16 algorithm, transaction;
- u8 ssid[IEEE80211_MAX_SSID_LEN];
- u8 ssid_len;
- u8 key[WLAN_KEY_LEN_WEP104];
- u8 key_len, key_idx;
- bool privacy;
- bool synced;
- } probe_auth;
- struct {
- struct cfg80211_bss *bss;
- const u8 *supp_rates;
- const u8 *ht_information_ie;
- enum ieee80211_smps_mode smps;
- int tries;
- u16 capability;
- u8 prev_bssid[ETH_ALEN];
- u8 ssid[IEEE80211_MAX_SSID_LEN];
- u8 ssid_len;
- u8 supp_rates_len;
- bool wmm_used, use_11n, uapsd_used;
- bool synced;
- } assoc;
- struct {
u32 duration;
} remain;
struct {
@@ -355,9 +325,8 @@ struct ieee80211_work {
} offchan_tx;
};
- int ie_len;
- /* must be last */
- u8 ie[0];
+ size_t data_len;
+ u8 data[];
};
/* flags used in struct ieee80211_if_managed.flags */
@@ -373,6 +342,43 @@ enum ieee80211_sta_flags {
IEEE80211_STA_RESET_SIGNAL_AVE = BIT(9),
};
+struct ieee80211_mgd_auth_data {
+ struct cfg80211_bss *bss;
+ unsigned long timeout;
+ int tries;
+ u16 algorithm, expected_transaction;
+
+ u8 key[WLAN_KEY_LEN_WEP104];
+ u8 key_len, key_idx;
+ bool synced;
+ bool done;
+
+ size_t ie_len;
+ u8 ie[];
+};
+
+struct ieee80211_mgd_assoc_data {
+ struct cfg80211_bss *bss;
+ const u8 *supp_rates;
+ const u8 *ht_information_ie;
+
+ unsigned long timeout;
+ int tries;
+
+ u16 capability;
+ u8 prev_bssid[ETH_ALEN];
+ u8 ssid[IEEE80211_MAX_SSID_LEN];
+ u8 ssid_len;
+ u8 supp_rates_len;
+ bool wmm_used, uapsd_used;
+ bool have_beacon;
+ bool sent_assoc;
+ bool synced;
+
+ size_t ie_len;
+ u8 ie[];
+};
+
struct ieee80211_if_managed {
struct timer_list timer;
struct timer_list conn_mon_timer;
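Review bot: `struct ieee80211_mgd_auth_data` carries WEP key material in `key[]`, and the release path visible in this commit, ieee80211_destroy_auth_data() in mlme.c, ends with a plain `kfree(auth_data)`, so the key bytes stay in freed slab memory. I would note on the struct that it holds a secret and release it with a zeroing free (`kzfree(auth_data)` in trees of this age). The two new structs also have no field comments; `done`, `synced` and `expected_transaction` are not self-explanatory.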
@@ -389,6 +395,8 @@ struct ieee80211_if_managed {
struct mutex mtx;
struct cfg80211_bss *associated;
+ struct ieee80211_mgd_auth_data *auth_data;
+ struct ieee80211_mgd_assoc_data *assoc_data;
u8 bssid[ETH_ALEN];
@@ -470,6 +478,8 @@ struct ieee80211_if_ibss {
bool fixed_channel;
bool privacy;
+ bool control_port;
+
u8 bssid[ETH_ALEN];
u8 ssid[IEEE80211_MAX_SSID_LEN];
u8 ssid_len, ie_len;
@@ -770,7 +780,6 @@ struct ieee80211_local {
struct list_head work_list;
struct timer_list work_timer;
struct work_struct work_work;
- struct sk_buff_head work_skb_queue;
/*
* private workqueue to mac80211. mac80211 makes this accessible
@@ -1437,8 +1446,6 @@ void ieee80211_work_init(struct ieee80211_local *local);
void ieee80211_add_work(struct ieee80211_work *wk);
void free_work(struct ieee80211_work *wk);
void ieee80211_work_purge(struct ieee80211_sub_if_data *sdata);
-ieee80211_rx_result ieee80211_work_rx_mgmt(struct ieee80211_sub_if_data *sdata,
- struct sk_buff *skb);
int ieee80211_wk_remain_on_channel(struct ieee80211_sub_if_data *sdata,
struct ieee80211_channel *chan,
enum nl80211_channel_type channel_type,
diff --git a/net/mac80211/iface.c b/net/mac80211/iface.c
index 2efd595..6b3cd65 100644
--- a/net/mac80211/iface.c
+++ b/net/mac80211/iface.c
@@ -1310,7 +1310,9 @@ u32 __ieee80211_recalc_idle(struct ieee80211_local *local)
/* do not count disabled managed interfaces */
if (sdata->vif.type == NL80211_IFTYPE_STATION &&
- !sdata->u.mgd.associated) {
+ !sdata->u.mgd.associated &&
+ !sdata->u.mgd.auth_data &&
+ !sdata->u.mgd.assoc_data) {
sdata->vif.bss_conf.idle = true;
continue;
}
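Review bot: `auth_data` and `assoc_data` are tested for NULL here, while the mlme.c code in this commit frees and clears `auth_data` under `ifmgd->mtx` (see the lockdep assertion in ieee80211_destroy_auth_data()). Whether __ieee80211_recalc_idle() runs with that mutex held is not visible in the hunk; if it does not, the result can be stale by the time `idle` is written. Only the pointer value is read, never the object, so a comment stating the intent is enough, e.g. `/* unlocked NULL tests; idle is recalculated after auth/assoc data changes */` if that is what the callers guarantee.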
@@ -1330,7 +1332,8 @@ u32 __ieee80211_recalc_idle(struct ieee80211_local *local)
wk->sdata->vif.bss_conf.idle = false;
}
- if (local->scan_sdata) {
+ if (local->scan_sdata &&
+ !(local->hw.flags & IEEE80211_HW_SCAN_WHILE_IDLE)) {
scanning = true;
local->scan_sdata->vif.bss_conf.idle = false;
}
diff --git a/net/mac80211/key.c b/net/mac80211/key.c
index 87a8974..e8616b3 100644
--- a/net/mac80211/key.c
+++ b/net/mac80211/key.c
@@ -54,14 +54,6 @@ static void assert_key_lock(struct ieee80211_local *local)
lockdep_assert_held(&local->key_mtx);
}
-static struct ieee80211_sta *get_sta_for_key(struct ieee80211_key *key)
-{
- if (key->sta)
- return &key->sta->sta;
-
- return NULL;
-}
-
static void increment_tailroom_need_count(struct ieee80211_sub_if_data *sdata)
{
/*
@@ -95,7 +87,7 @@ static void increment_tailroom_need_count(struct ieee80211_sub_if_data *sdata)
static int ieee80211_key_enable_hw_accel(struct ieee80211_key *key)
{
struct ieee80211_sub_if_data *sdata;
- struct ieee80211_sta *sta;
+ struct sta_info *sta;
int ret;
might_sleep();
@@ -105,7 +97,7 @@ static int ieee80211_key_enable_hw_accel(struct ieee80211_key *key)
assert_key_lock(key->local);
- sta = get_sta_for_key(key);
+ sta = key->sta;
/*
* If this is a per-STA GTK, check if it
@@ -115,6 +107,9 @@ static int ieee80211_key_enable_hw_accel(struct ieee80211_key *key)
!(key->local->hw.flags & IEEE80211_HW_SUPPORTS_PER_STA_GTK))
goto out_unsupported;
+ if (sta && !sta->uploaded)
+ goto out_unsupported;
+
sdata = key->sdata;
if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) {
/*
@@ -123,12 +118,10 @@ static int ieee80211_key_enable_hw_accel(struct ieee80211_key *key)
*/
if (!(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE))
goto out_unsupported;
- sdata = container_of(sdata->bss,
- struct ieee80211_sub_if_data,
- u.ap);
}
- ret = drv_set_key(key->local, SET_KEY, sdata, sta, &key->conf);
+ ret = drv_set_key(key->local, SET_KEY, sdata,
+ sta ? &sta->sta : NULL, &key->conf);
if (!ret) {
key->flags |= KEY_FLAG_UPLOADED_TO_HARDWARE;
@@ -147,7 +140,8 @@ static int ieee80211_key_enable_hw_accel(struct ieee80211_key *key)
if (ret != -ENOSPC && ret != -EOPNOTSUPP)
wiphy_err(key->local->hw.wiphy,
"failed to set key (%d, %pM) to hardware (%d)\n",
- key->conf.keyidx, sta ? sta->addr : bcast_addr, ret);
+ key->conf.keyidx,
+ sta ? sta->sta.addr : bcast_addr, ret);
out_unsupported:
switch (key->conf.cipher) {
@@ -166,7 +160,7 @@ static int ieee80211_key_enable_hw_accel(struct ieee80211_key *key)
static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key)
{
struct ieee80211_sub_if_data *sdata;
- struct ieee80211_sta *sta;
+ struct sta_info *sta;
int ret;
might_sleep();
@@ -179,7 +173,7 @@ static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key)
if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE))
return;
- sta = get_sta_for_key(key);
+ sta = key->sta;
sdata = key->sdata;
if (!((key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) ||
@@ -187,18 +181,14 @@ static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key)
(key->conf.flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE)))
increment_tailroom_need_count(sdata);
- if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN)
- sdata = container_of(sdata->bss,
- struct ieee80211_sub_if_data,
- u.ap);
-
ret = drv_set_key(key->local, DISABLE_KEY, sdata,
- sta, &key->conf);
+ sta ? &sta->sta : NULL, &key->conf);
if (ret)
wiphy_err(key->local->hw.wiphy,
"failed to remove key (%d, %pM) from hardware (%d)\n",
- key->conf.keyidx, sta ? sta->addr : bcast_addr, ret);
+ key->conf.keyidx,
+ sta ? sta->sta.addr : bcast_addr, ret);
key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
}
diff --git a/net/mac80211/main.c b/net/mac80211/main.c
index 0ec1861..2306d75 100644
--- a/net/mac80211/main.c
+++ b/net/mac80211/main.c
@@ -199,15 +199,7 @@ void ieee80211_bss_info_change_notify(struct ieee80211_sub_if_data *sdata,
return;
if (sdata->vif.type == NL80211_IFTYPE_STATION) {
- /*
- * While not associated, claim a BSSID of all-zeroes
- * so that drivers don't do any weird things with the
- * BSSID at that time.
- */
- if (sdata->vif.bss_conf.assoc)
- sdata->vif.bss_conf.bssid = sdata->u.mgd.bssid;
- else
- sdata->vif.bss_conf.bssid = zero;
+ sdata->vif.bss_conf.bssid = sdata->u.mgd.bssid;
} else if (sdata->vif.type == NL80211_IFTYPE_ADHOC)
sdata->vif.bss_conf.bssid = sdata->u.ibss.bssid;
else if (sdata->vif.type == NL80211_IFTYPE_AP)
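Review bot: The removed comment explained why drivers were shown an all-zero BSSID while not associated, and the replacement line carries no comment saying what now guarantees a sane value. After this change `bss_conf.bssid` always points at `u.mgd.bssid`, so drivers see the target BSSID during authentication and depend on mlme.c clearing it on teardown (the `memset(sdata->u.mgd.bssid, 0, ETH_ALEN)` in ieee80211_destroy_auth_data()). A one-line comment would keep that invariant discoverable, e.g. `/* mgd.bssid is cleared by the MLME when auth/assoc is torn down */`. If `zero` has no other user in this file it can be dropped as well.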
@@ -535,6 +527,9 @@ struct ieee80211_hw *ieee80211_alloc_hw(size_t priv_data_len,
int priv_size, i;
struct wiphy *wiphy;
+ if (WARN_ON(ops->sta_state && (ops->sta_add || ops->sta_remove)))
+ return NULL;
+
/* Ensure 32-byte alignment of our private data and hw private data.
* We use the wiphy priv data for both our ieee80211_local and for
* the driver's private data
@@ -702,6 +697,9 @@ int ieee80211_register_hw(struct ieee80211_hw *hw)
)
return -EINVAL;
+ if ((hw->flags & IEEE80211_HW_SCAN_WHILE_IDLE) && !local->ops->hw_scan)
+ return -EINVAL;
+
if (hw->max_report_rates == 0)
hw->max_report_rates = hw->max_rates;
diff --git a/net/mac80211/mesh_pathtbl.c b/net/mac80211/mesh_pathtbl.c
index edf167e..dc51669 100644
--- a/net/mac80211/mesh_pathtbl.c
+++ b/net/mac80211/mesh_pathtbl.c
@@ -336,7 +336,7 @@ static void mesh_path_move_to_queue(struct mesh_path *gate_mpath,
}
-static struct mesh_path *path_lookup(struct mesh_table *tbl, u8 *dst,
+static struct mesh_path *mpath_lookup(struct mesh_table *tbl, u8 *dst,
struct ieee80211_sub_if_data *sdata)
{
struct mesh_path *mpath;
@@ -371,12 +371,12 @@ static struct mesh_path *path_lookup(struct mesh_table *tbl, u8 *dst,
*/
struct mesh_path *mesh_path_lookup(u8 *dst, struct ieee80211_sub_if_data *sdata)
{
- return path_lookup(rcu_dereference(mesh_paths), dst, sdata);
+ return mpath_lookup(rcu_dereference(mesh_paths), dst, sdata);
}
struct mesh_path *mpp_path_lookup(u8 *dst, struct ieee80211_sub_if_data *sdata)
{
- return path_lookup(rcu_dereference(mpp_paths), dst, sdata);
+ return mpath_lookup(rcu_dereference(mpp_paths), dst, sdata);
}
diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c
index 49fd1ac..52133da 100644
--- a/net/mac80211/mlme.c
+++ b/net/mac80211/mlme.c
@@ -30,6 +30,12 @@
#include "rate.h"
#include "led.h"
+#define IEEE80211_AUTH_TIMEOUT (HZ / 5)
+#define IEEE80211_AUTH_MAX_TRIES 3
+#define IEEE80211_AUTH_WAIT_ASSOC (HZ * 5)
+#define IEEE80211_ASSOC_TIMEOUT (HZ / 5)
+#define IEEE80211_ASSOC_MAX_TRIES 3
+
static int max_nullfunc_tries = 2;
module_param(max_nullfunc_tries, int, 0644);
MODULE_PARM_DESC(max_nullfunc_tries,
@@ -97,6 +103,15 @@ enum rx_mgmt_action {
/* caller must call cfg80211_send_disassoc() */
RX_MGMT_CFG80211_DISASSOC,
+
+ /* caller must call cfg80211_send_rx_auth() */
+ RX_MGMT_CFG80211_RX_AUTH,
+
+ /* caller must call cfg80211_send_rx_assoc() */
+ RX_MGMT_CFG80211_RX_ASSOC,
+
+ /* caller must call cfg80211_send_assoc_timeout() */
+ RX_MGMT_CFG80211_ASSOC_TIMEOUT,
};
/* utils */
@@ -115,8 +130,7 @@ static inline void ASSERT_MGD_MTX(struct ieee80211_if_managed *ifmgd)
* has happened -- the work that runs from this timer will
* do that.
*/
-static void run_again(struct ieee80211_if_managed *ifmgd,
- unsigned long timeout)
+static void run_again(struct ieee80211_if_managed *ifmgd, unsigned long timeout)
{
ASSERT_MGD_MTX(ifmgd);
@@ -284,6 +298,319 @@ static u32 ieee80211_enable_ht(struct ieee80211_sub_if_data *sdata,
/* frame sending functions */
+static int ieee80211_compatible_rates(const u8 *supp_rates, int supp_rates_len,
+ struct ieee80211_supported_band *sband,
+ u32 *rates)
+{
+ int i, j, count;
+ *rates = 0;
+ count = 0;
+ for (i = 0; i < supp_rates_len; i++) {
+ int rate = (supp_rates[i] & 0x7F) * 5;
+
+ for (j = 0; j < sband->n_bitrates; j++)
+ if (sband->bitrates[j].bitrate == rate) {
+ *rates |= BIT(j);
+ count++;
+ break;
+ }
+ }
+
+ return count;
+}
+
+static void ieee80211_add_ht_ie(struct ieee80211_sub_if_data *sdata,
+ struct sk_buff *skb, const u8 *ht_info_ie,
+ struct ieee80211_supported_band *sband,
+ struct ieee80211_channel *channel,
+ enum ieee80211_smps_mode smps)
+{
+ struct ieee80211_ht_info *ht_info;
+ u8 *pos;
+ u32 flags = channel->flags;
+ u16 cap;
+ struct ieee80211_sta_ht_cap ht_cap;
+
+ BUILD_BUG_ON(sizeof(ht_cap) != sizeof(sband->ht_cap));
+
+ if (!sband->ht_cap.ht_supported)
+ return;
+
+ if (!ht_info_ie)
+ return;
+
+ if (ht_info_ie[1] < sizeof(struct ieee80211_ht_info))
+ return;
+
+ memcpy(&ht_cap, &sband->ht_cap, sizeof(ht_cap));
+ ieee80211_apply_htcap_overrides(sdata, &ht_cap);
+
+ ht_info = (struct ieee80211_ht_info *)(ht_info_ie + 2);
+
+ /* determine capability flags */
+ cap = ht_cap.cap;
+
+ switch (ht_info->ht_param & IEEE80211_HT_PARAM_CHA_SEC_OFFSET) {
+ case IEEE80211_HT_PARAM_CHA_SEC_ABOVE:
+ if (flags & IEEE80211_CHAN_NO_HT40PLUS) {
+ cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40;
+ cap &= ~IEEE80211_HT_CAP_SGI_40;
+ }
+ break;
+ case IEEE80211_HT_PARAM_CHA_SEC_BELOW:
+ if (flags & IEEE80211_CHAN_NO_HT40MINUS) {
+ cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40;
+ cap &= ~IEEE80211_HT_CAP_SGI_40;
+ }
+ break;
+ }
+
+ /* set SM PS mode properly */
+ cap &= ~IEEE80211_HT_CAP_SM_PS;
+ switch (smps) {
+ case IEEE80211_SMPS_AUTOMATIC:
+ case IEEE80211_SMPS_NUM_MODES:
+ WARN_ON(1);
+ case IEEE80211_SMPS_OFF:
+ cap |= WLAN_HT_CAP_SM_PS_DISABLED <<
+ IEEE80211_HT_CAP_SM_PS_SHIFT;
+ break;
+ case IEEE80211_SMPS_STATIC:
+ cap |= WLAN_HT_CAP_SM_PS_STATIC <<
+ IEEE80211_HT_CAP_SM_PS_SHIFT;
+ break;
+ case IEEE80211_SMPS_DYNAMIC:
+ cap |= WLAN_HT_CAP_SM_PS_DYNAMIC <<
+ IEEE80211_HT_CAP_SM_PS_SHIFT;
+ break;
+ }
+
+ /* reserve and fill IE */
+ pos = skb_put(skb, sizeof(struct ieee80211_ht_cap) + 2);
+ ieee80211_ie_build_ht_cap(pos, &ht_cap, cap);
+}
+
+static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata)
+{
+ struct ieee80211_local *local = sdata->local;
+ struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
+ struct ieee80211_mgd_assoc_data *assoc_data = ifmgd->assoc_data;
+ struct sk_buff *skb;
+ struct ieee80211_mgmt *mgmt;
+ u8 *pos, qos_info;
+ size_t offset = 0, noffset;
+ int i, count, rates_len, supp_rates_len;
+ u16 capab;
+ struct ieee80211_supported_band *sband;
+ u32 rates = 0;
+ struct ieee80211_bss *bss = (void *)assoc_data->bss->priv;
+
+ lockdep_assert_held(&ifmgd->mtx);
+
+ sband = local->hw.wiphy->bands[local->oper_channel->band];
+
+ if (assoc_data->supp_rates_len) {
+ /*
+ * Get all rates supported by the device and the AP as
+ * some APs don't like getting a superset of their rates
+ * in the association request (e.g. D-Link DAP 1353 in
+ * b-only mode)...
+ */
+ rates_len = ieee80211_compatible_rates(assoc_data->supp_rates,
+ assoc_data->supp_rates_len,
+ sband, &rates);
+ } else {
+ /*
+ * In case AP not provide any supported rates information
+ * before association, we send information element(s) with
+ * all rates that we support.
+ */
+ rates = ~0;
+ rates_len = sband->n_bitrates;
+ }
+
+ skb = alloc_skb(local->hw.extra_tx_headroom +
+ sizeof(*mgmt) + /* bit too much but doesn't matter */
+ 2 + assoc_data->ssid_len + /* SSID */
+ 4 + rates_len + /* (extended) rates */
+ 4 + /* power capability */
+ 2 + 2 * sband->n_channels + /* supported channels */
+ 2 + sizeof(struct ieee80211_ht_cap) + /* HT */
+ assoc_data->ie_len + /* extra IEs */
+ 9, /* WMM */
+ GFP_KERNEL);
+ if (!skb)
+ return;
+
+ skb_reserve(skb, local->hw.extra_tx_headroom);
+
+ capab = WLAN_CAPABILITY_ESS;
+
+ if (sband->band == IEEE80211_BAND_2GHZ) {
+ if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_SLOT_INCAPABLE))
+ capab |= WLAN_CAPABILITY_SHORT_SLOT_TIME;
+ if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_PREAMBLE_INCAPABLE))
+ capab |= WLAN_CAPABILITY_SHORT_PREAMBLE;
+ }
+
+ if (assoc_data->capability & WLAN_CAPABILITY_PRIVACY)
+ capab |= WLAN_CAPABILITY_PRIVACY;
+
+ if ((assoc_data->capability & WLAN_CAPABILITY_SPECTRUM_MGMT) &&
+ (local->hw.flags & IEEE80211_HW_SPECTRUM_MGMT))
+ capab |= WLAN_CAPABILITY_SPECTRUM_MGMT;
+
+ mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
+ memset(mgmt, 0, 24);
+ memcpy(mgmt->da, assoc_data->bss->bssid, ETH_ALEN);
+ memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN);
+ memcpy(mgmt->bssid, assoc_data->bss->bssid, ETH_ALEN);
+
+ if (!is_zero_ether_addr(assoc_data->prev_bssid)) {
+ skb_put(skb, 10);
+ mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
+ IEEE80211_STYPE_REASSOC_REQ);
+ mgmt->u.reassoc_req.capab_info = cpu_to_le16(capab);
+ mgmt->u.reassoc_req.listen_interval =
+ cpu_to_le16(local->hw.conf.listen_interval);
+ memcpy(mgmt->u.reassoc_req.current_ap, assoc_data->prev_bssid,
+ ETH_ALEN);
+ } else {
+ skb_put(skb, 4);
+ mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
+ IEEE80211_STYPE_ASSOC_REQ);
+ mgmt->u.assoc_req.capab_info = cpu_to_le16(capab);
+ mgmt->u.assoc_req.listen_interval =
+ cpu_to_le16(local->hw.conf.listen_interval);
+ }
+
+ /* SSID */
+ pos = skb_put(skb, 2 + assoc_data->ssid_len);
+ *pos++ = WLAN_EID_SSID;
+ *pos++ = assoc_data->ssid_len;
+ memcpy(pos, assoc_data->ssid, assoc_data->ssid_len);
+
+ /* add all rates which were marked to be used above */
+ supp_rates_len = rates_len;
+ if (supp_rates_len > 8)
+ supp_rates_len = 8;
+
+ pos = skb_put(skb, supp_rates_len + 2);
+ *pos++ = WLAN_EID_SUPP_RATES;
+ *pos++ = supp_rates_len;
+
+ count = 0;
+ for (i = 0; i < sband->n_bitrates; i++) {
+ if (BIT(i) & rates) {
+ int rate = sband->bitrates[i].bitrate;
+ *pos++ = (u8) (rate / 5);
+ if (++count == 8)
+ break;
+ }
+ }
+
+ if (rates_len > count) {
+ pos = skb_put(skb, rates_len - count + 2);
+ *pos++ = WLAN_EID_EXT_SUPP_RATES;
+ *pos++ = rates_len - count;
+
+ for (i++; i < sband->n_bitrates; i++) {
+ if (BIT(i) & rates) {
+ int rate = sband->bitrates[i].bitrate;
+ *pos++ = (u8) (rate / 5);
+ }
+ }
+ }
+
+ if (capab & WLAN_CAPABILITY_SPECTRUM_MGMT) {
+ /* 1. power capabilities */
+ pos = skb_put(skb, 4);
+ *pos++ = WLAN_EID_PWR_CAPABILITY;
+ *pos++ = 2;
+ *pos++ = 0; /* min tx power */
+ *pos++ = local->oper_channel->max_power; /* max tx power */
+
+ /* 2. supported channels */
+ /* TODO: get this in reg domain format */
+ pos = skb_put(skb, 2 * sband->n_channels + 2);
+ *pos++ = WLAN_EID_SUPPORTED_CHANNELS;
+ *pos++ = 2 * sband->n_channels;
+ for (i = 0; i < sband->n_channels; i++) {
+ *pos++ = ieee80211_frequency_to_channel(
+ sband->channels[i].center_freq);
+ *pos++ = 1; /* one channel in the subband*/
+ }
+ }
+
+ /* if present, add any custom IEs that go before HT */
+ if (assoc_data->ie_len && assoc_data->ie) {
+ static const u8 before_ht[] = {
+ WLAN_EID_SSID,
+ WLAN_EID_SUPP_RATES,
+ WLAN_EID_EXT_SUPP_RATES,
+ WLAN_EID_PWR_CAPABILITY,
+ WLAN_EID_SUPPORTED_CHANNELS,
+ WLAN_EID_RSN,
+ WLAN_EID_QOS_CAPA,
+ WLAN_EID_RRM_ENABLED_CAPABILITIES,
+ WLAN_EID_MOBILITY_DOMAIN,
+ WLAN_EID_SUPPORTED_REGULATORY_CLASSES,
+ };
+ noffset = ieee80211_ie_split(assoc_data->ie, assoc_data->ie_len,
+ before_ht, ARRAY_SIZE(before_ht),
+ offset);
+ pos = skb_put(skb, noffset - offset);
+ memcpy(pos, assoc_data->ie + offset, noffset - offset);
+ offset = noffset;
+ }
+
+ if (!(ifmgd->flags & IEEE80211_STA_DISABLE_11N) &&
+ bss->wmm_used && local->hw.queues >= 4)
+ ieee80211_add_ht_ie(sdata, skb, assoc_data->ht_information_ie,
+ sband, local->oper_channel, ifmgd->ap_smps);
+
+ /* if present, add any custom non-vendor IEs that go after HT */
+ if (assoc_data->ie_len && assoc_data->ie) {
+ noffset = ieee80211_ie_split_vendor(assoc_data->ie,
+ assoc_data->ie_len,
+ offset);
+ pos = skb_put(skb, noffset - offset);
+ memcpy(pos, assoc_data->ie + offset, noffset - offset);
+ offset = noffset;
+ }
+
+ if (assoc_data->wmm_used && local->hw.queues >= 4) {
+ if (assoc_data->uapsd_used) {
+ qos_info = local->uapsd_queues;
+ qos_info |= (local->uapsd_max_sp_len <<
+ IEEE80211_WMM_IE_STA_QOSINFO_SP_SHIFT);
+ } else {
+ qos_info = 0;
+ }
+
+ pos = skb_put(skb, 9);
+ *pos++ = WLAN_EID_VENDOR_SPECIFIC;
+ *pos++ = 7; /* len */
+ *pos++ = 0x00; /* Microsoft OUI 00:50:F2 */
+ *pos++ = 0x50;
+ *pos++ = 0xf2;
+ *pos++ = 2; /* WME */
+ *pos++ = 0; /* WME info */
+ *pos++ = 1; /* WME ver */
+ *pos++ = qos_info;
+ }
+
+ /* add any remaining custom (i.e. vendor specific here) IEs */
+ if (assoc_data->ie_len && assoc_data->ie) {
+ noffset = assoc_data->ie_len;
+ pos = skb_put(skb, noffset - offset);
+ memcpy(pos, assoc_data->ie + offset, noffset - offset);
+ }
+
+ IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT;
+ ieee80211_tx_skb(sdata, skb);
+}
+
static void ieee80211_send_deauth_disassoc(struct ieee80211_sub_if_data *sdata,
const u8 *bssid, u16 stype, u16 reason,
void *cookie, bool send_frame)
@@ -1423,6 +1750,135 @@ void ieee80211_connection_loss(struct ieee80211_vif *vif)
EXPORT_SYMBOL(ieee80211_connection_loss);
+static void ieee80211_destroy_auth_data(struct ieee80211_sub_if_data *sdata,
+ bool assoc)
+{
+ struct ieee80211_mgd_auth_data *auth_data = sdata->u.mgd.auth_data;
+
+ lockdep_assert_held(&sdata->u.mgd.mtx);
+
+ if (auth_data->synced)
+ drv_finish_tx_sync(sdata->local, sdata,
+ auth_data->bss->bssid,
+ IEEE80211_TX_SYNC_AUTH);
+
+ if (!assoc) {
+ sta_info_destroy_addr(sdata, auth_data->bss->bssid);
+
+ memset(sdata->u.mgd.bssid, 0, ETH_ALEN);
+ ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BSSID);
+ }
+
+ cfg80211_put_bss(auth_data->bss);
+ kfree(auth_data);
+ sdata->u.mgd.auth_data = NULL;
+}
+
+static void ieee80211_auth_challenge(struct ieee80211_sub_if_data *sdata,
+ struct ieee80211_mgmt *mgmt, size_t len)
+{
+ struct ieee80211_mgd_auth_data *auth_data = sdata->u.mgd.auth_data;
+ u8 *pos;
+ struct ieee802_11_elems elems;
+
+ pos = mgmt->u.auth.variable;
+ ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems);
+ if (!elems.challenge)
+ return;
+ auth_data->expected_transaction = 4;
+ ieee80211_send_auth(sdata, 3, auth_data->algorithm,
+ elems.challenge - 2, elems.challenge_len + 2,
+ auth_data->bss->bssid, auth_data->bss->bssid,
+ auth_data->key, auth_data->key_len,
+ auth_data->key_idx);
+}
+
+static enum rx_mgmt_action __must_check
+ieee80211_rx_mgmt_auth(struct ieee80211_sub_if_data *sdata,
+ struct ieee80211_mgmt *mgmt, size_t len)
+{
+ struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
+ u8 bssid[ETH_ALEN];
+ u16 auth_alg, auth_transaction, status_code;
+ struct sta_info *sta;
+
+ lockdep_assert_held(&ifmgd->mtx);
+
+ if (len < 24 + 6)
+ return RX_MGMT_NONE;
+
+ if (!ifmgd->auth_data || ifmgd->auth_data->done)
+ return RX_MGMT_NONE;
+
+ memcpy(bssid, ifmgd->auth_data->bss->bssid, ETH_ALEN);
+
+ if (memcmp(bssid, mgmt->bssid, ETH_ALEN))
+ return RX_MGMT_NONE;
+
+ auth_alg = le16_to_cpu(mgmt->u.auth.auth_alg);
+ auth_transaction = le16_to_cpu(mgmt->u.auth.auth_transaction);
+ status_code = le16_to_cpu(mgmt->u.auth.status_code);
+
+ if (auth_alg != ifmgd->auth_data->algorithm ||
+ auth_transaction != ifmgd->auth_data->expected_transaction)
+ return RX_MGMT_NONE;
+
+ if (status_code != WLAN_STATUS_SUCCESS) {
+ printk(KERN_DEBUG "%s: %pM denied authentication (status %d)\n",
+ sdata->name, mgmt->sa, status_code);
+ goto out;
+ }
+
+ switch (ifmgd->auth_data->algorithm) {
+ case WLAN_AUTH_OPEN:
+ case WLAN_AUTH_LEAP:
+ case WLAN_AUTH_FT:
+ break;
+ case WLAN_AUTH_SHARED_KEY:
+ if (ifmgd->auth_data->expected_transaction != 4) {
+ ieee80211_auth_challenge(sdata, mgmt, len);
+ /* need another frame */
+ return RX_MGMT_NONE;
+ }
+ break;
+ default:
+ WARN_ONCE(1, "invalid auth alg %d",
+ ifmgd->auth_data->algorithm);
+ return RX_MGMT_NONE;
+ }
+
+ printk(KERN_DEBUG "%s: authenticated\n", sdata->name);
+ out:
+ if (ifmgd->auth_data->synced)
+ drv_finish_tx_sync(sdata->local, sdata, bssid,
+ IEEE80211_TX_SYNC_AUTH);
+ ifmgd->auth_data->synced = false;
+ ifmgd->auth_data->done = true;
+ ifmgd->auth_data->timeout = jiffies + IEEE80211_AUTH_WAIT_ASSOC;
+ run_again(ifmgd, ifmgd->auth_data->timeout);
+
+ /* move station state to auth */
+ mutex_lock(&sdata->local->sta_mtx);
+ sta = sta_info_get(sdata, bssid);
+ if (!sta) {
+ WARN_ONCE(1, "%s: STA %pM not found", sdata->name, bssid);
+ goto out_err;
+ }
+ if (sta_info_move_state(sta, IEEE80211_STA_AUTH)) {
+ printk(KERN_DEBUG "%s: failed moving %pM to auth\n",
+ sdata->name, bssid);
+ goto out_err;
+ }
+ mutex_unlock(&sdata->local->sta_mtx);
+
+ return RX_MGMT_CFG80211_RX_AUTH;
+ out_err:
+ mutex_unlock(&sdata->local->sta_mtx);
+ /* ignore frame -- wait for timeout */
+ return RX_MGMT_NONE;
+}
+
+
static enum rx_mgmt_action __must_check
ieee80211_rx_mgmt_deauth(struct ieee80211_sub_if_data *sdata,
struct ieee80211_mgmt *mgmt, size_t len)
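Review bot: In ieee80211_rx_mgmt_auth the `status_code != WLAN_STATUS_SUCCESS` branch does `goto out;`, and everything after that label also runs for a refused authentication: `done` is set, the IEEE80211_AUTH_WAIT_ASSOC timeout is armed and the station entry is moved to IEEE80211_STA_AUTH. A denial should not leave local state looking authenticated. I would end that branch with `ieee80211_destroy_auth_data(sdata, false); return RX_MGMT_CFG80211_RX_AUTH;` instead of the `goto`, using the helper added at the top of this hunk, so that `out:` is reached only on success.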
@@ -1431,10 +1887,14 @@ ieee80211_rx_mgmt_deauth(struct ieee80211_sub_if_data *sdata,
const u8 *bssid = NULL;
u16 reason_code;
+ lockdep_assert_held(&ifmgd->mtx);
+
if (len < 24 + 2)
return RX_MGMT_NONE;
- ASSERT_MGD_MTX(ifmgd);
+ if (!ifmgd->associated ||
+ memcmp(mgmt->bssid, ifmgd->associated->bssid, ETH_ALEN))
+ return RX_MGMT_NONE;
bssid = ifmgd->associated->bssid;
@@ -1459,15 +1919,13 @@ ieee80211_rx_mgmt_disassoc(struct ieee80211_sub_if_data *sdata,
struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
u16 reason_code;
- if (len < 24 + 2)
- return RX_MGMT_NONE;
-
- ASSERT_MGD_MTX(ifmgd);
+ lockdep_assert_held(&ifmgd->mtx);
- if (WARN_ON(!ifmgd->associated))
+ if (len < 24 + 2)
return RX_MGMT_NONE;
- if (WARN_ON(memcmp(ifmgd->associated->bssid, mgmt->sa, ETH_ALEN)))
+ if (!ifmgd->associated ||
+ memcmp(mgmt->bssid, ifmgd->associated->bssid, ETH_ALEN))
return RX_MGMT_NONE;
reason_code = le16_to_cpu(mgmt->u.disassoc.reason_code);
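Review bot: The rewritten guard in ieee80211_rx_mgmt_disassoc compares only `mgmt->bssid` with the associated BSSID, whereas the removed line compared `mgmt->sa`. Dropping the WARN_ON is right, since the field comes from a received frame. Dropping the source-address comparison altogether means a frame that carries the AP's BSSID but a different sender is now acted on, unless the receive path filters that elsewhere (not visible here). If that is not intended, keep it as a silent condition: `|| memcmp(mgmt->sa, ifmgd->associated->bssid, ETH_ALEN)`. The same question applies to the deauth guard added in the previous hunk; both functions continue outside their hunks.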
@@ -1524,15 +1982,37 @@ static void ieee80211_get_rates(struct ieee80211_supported_band *sband,
}
}
-static bool ieee80211_assoc_success(struct ieee80211_work *wk,
+static void ieee80211_destroy_assoc_data(struct ieee80211_sub_if_data *sdata,
+ bool assoc)
+{
+ struct ieee80211_mgd_assoc_data *assoc_data = sdata->u.mgd.assoc_data;
+
+ lockdep_assert_held(&sdata->u.mgd.mtx);
+
+ if (assoc_data->synced)
+ drv_finish_tx_sync(sdata->local, sdata,
+ assoc_data->bss->bssid,
+ IEEE80211_TX_SYNC_ASSOC);
+
+ if (!assoc) {
+ sta_info_destroy_addr(sdata, assoc_data->bss->bssid);
+
+ memset(sdata->u.mgd.bssid, 0, ETH_ALEN);
+ ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BSSID);
+ }
+
+ kfree(assoc_data);
+ sdata->u.mgd.assoc_data = NULL;
+}
+
+static bool ieee80211_assoc_success(struct ieee80211_sub_if_data *sdata,
+ struct cfg80211_bss *cbss,
struct ieee80211_mgmt *mgmt, size_t len)
{
- struct ieee80211_sub_if_data *sdata = wk->sdata;
struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
struct ieee80211_local *local = sdata->local;
struct ieee80211_supported_band *sband;
struct sta_info *sta;
- struct cfg80211_bss *cbss = wk->assoc.bss;
u8 *pos;
u32 rates, basic_rates;
u16 capab_info, aid;
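Review bot: ieee80211_destroy_assoc_data frees `assoc_data` without dropping anything on `assoc_data->bss`, while ieee80211_destroy_auth_data earlier in this diff calls `cfg80211_put_bss()` before its `kfree()`. If the asymmetry is deliberate, it needs a comment above the `kfree()` saying who owns the BSS reference at this point, because the two helpers otherwise read as copies of each other. The `assoc` flag also deserves a one-line comment such as `/* assoc: keep the station entry and BSSID for the association that follows */`. ieee80211_assoc_success, whose signature changes at the end of this hunk, continues outside it.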
@@ -1581,29 +2061,15 @@ static bool ieee80211_assoc_success(struct ieee80211_work *wk,
* station info was already allocated and inserted before
* the association and should be available to us
*/
- sta = sta_info_get_rx(sdata, cbss->bssid);
+ sta = sta_info_get(sdata, cbss->bssid);
if (WARN_ON(!sta)) {
mutex_unlock(&sdata->local->sta_mtx);
return false;
}
- err = sta_info_move_state(sta, IEEE80211_STA_AUTH);
- if (!err)
- err = sta_info_move_state(sta, IEEE80211_STA_ASSOC);
- if (!err && !(ifmgd->flags & IEEE80211_STA_CONTROL_PORT))
- err = sta_info_move_state(sta, IEEE80211_STA_AUTHORIZED);
- if (err) {
- printk(KERN_DEBUG
- "%s: failed to move station %pM to desired state\n",
- sdata->name, sta->sta.addr);
- WARN_ON(__sta_info_destroy(sta));
- mutex_unlock(&sdata->local->sta_mtx);
- return false;
- }
-
rates = 0;
basic_rates = 0;
- sband = local->hw.wiphy->bands[wk->chan->band];
+ sband = local->hw.wiphy->bands[local->oper_channel->band];
ieee80211_get_rates(sband, elems.supp_rates, elems.supp_rates_len,
&rates, &basic_rates, &have_higher_than_11mbit,
@@ -1624,11 +2090,11 @@ static bool ieee80211_assoc_success(struct ieee80211_work *wk,
basic_rates = BIT(min_rate_index);
}
- sta->sta.supp_rates[wk->chan->band] = rates;
+ sta->sta.supp_rates[local->oper_channel->band] = rates;
sdata->vif.bss_conf.basic_rates = basic_rates;
/* cf. IEEE 802.11 9.2.12 */
- if (wk->chan->band == IEEE80211_BAND_2GHZ &&
+ if (local->oper_channel->band == IEEE80211_BAND_2GHZ &&
have_higher_than_11mbit)
sdata->flags |= IEEE80211_SDATA_OPERATING_GMODE;
else
@@ -1648,15 +2114,22 @@ static bool ieee80211_assoc_success(struct ieee80211_work *wk,
if (elems.wmm_param)
set_sta_flag(sta, WLAN_STA_WME);
- /* sta_info_reinsert will also unlock the mutex lock */
- err = sta_info_reinsert(sta);
- sta = NULL;
+ err = sta_info_move_state(sta, IEEE80211_STA_AUTH);
+ if (!err)
+ err = sta_info_move_state(sta, IEEE80211_STA_ASSOC);
+ if (!err && !(ifmgd->flags & IEEE80211_STA_CONTROL_PORT))
+ err = sta_info_move_state(sta, IEEE80211_STA_AUTHORIZED);
if (err) {
- printk(KERN_DEBUG "%s: failed to insert STA entry for"
- " the AP (error %d)\n", sdata->name, err);
+ printk(KERN_DEBUG
+ "%s: failed to move station %pM to desired state\n",
+ sdata->name, sta->sta.addr);
+ WARN_ON(__sta_info_destroy(sta));
+ mutex_unlock(&sdata->local->sta_mtx);
return false;
}
+ mutex_unlock(&sdata->local->sta_mtx);
+
/*
* Always handle WMM once after association regardless
* of the first value the AP uses. Setting -1 here has
@@ -1671,8 +2144,6 @@ static bool ieee80211_assoc_success(struct ieee80211_work *wk,
else
ieee80211_set_wmm_default(sdata);
- local->oper_channel = wk->chan;
-
if (elems.ht_info_elem && elems.wmm_param &&
(sdata->local->hw.queues >= 4) &&
!(ifmgd->flags & IEEE80211_STA_DISABLE_11N))
@@ -1703,7 +2174,82 @@ static bool ieee80211_assoc_success(struct ieee80211_work *wk,
return true;
}
+static enum rx_mgmt_action __must_check
+ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
+ struct ieee80211_mgmt *mgmt, size_t len,
+ struct cfg80211_bss **bss)
+{
+ struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
+ struct ieee80211_mgd_assoc_data *assoc_data = ifmgd->assoc_data;
+ u16 capab_info, status_code, aid;
+ struct ieee802_11_elems elems;
+ u8 *pos;
+ bool reassoc;
+
+ lockdep_assert_held(&ifmgd->mtx);
+
+ if (!assoc_data)
+ return RX_MGMT_NONE;
+ if (memcmp(assoc_data->bss->bssid, mgmt->bssid, ETH_ALEN))
+ return RX_MGMT_NONE;
+ /*
+ * AssocResp and ReassocResp have identical structure, so process both
+ * of them in this function.
+ */
+
+ if (len < 24 + 6)
+ return RX_MGMT_NONE;
+
+ reassoc = ieee80211_is_reassoc_req(mgmt->frame_control);
+ capab_info = le16_to_cpu(mgmt->u.assoc_resp.capab_info);
+ status_code = le16_to_cpu(mgmt->u.assoc_resp.status_code);
+ aid = le16_to_cpu(mgmt->u.assoc_resp.aid);
+
+ printk(KERN_DEBUG "%s: RX %sssocResp from %pM (capab=0x%x "
+ "status=%d aid=%d)\n",
+ sdata->name, reassoc ? "Rea" : "A", mgmt->sa,
+ capab_info, status_code, (u16)(aid & ~(BIT(15) | BIT(14))));
+
+ pos = mgmt->u.assoc_resp.variable;
+ ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems);
+
+ if (status_code == WLAN_STATUS_ASSOC_REJECTED_TEMPORARILY &&
+ elems.timeout_int && elems.timeout_int_len == 5 &&
+ elems.timeout_int[0] == WLAN_TIMEOUT_ASSOC_COMEBACK) {
+ u32 tu, ms;
+ tu = get_unaligned_le32(elems.timeout_int + 1);
+ ms = tu * 1024 / 1000;
+ printk(KERN_DEBUG "%s: %pM rejected association temporarily; "
+ "comeback duration %u TU (%u ms)\n",
+ sdata->name, mgmt->sa, tu, ms);
+ assoc_data->timeout = jiffies + msecs_to_jiffies(ms);
+ if (ms > IEEE80211_ASSOC_TIMEOUT)
+ run_again(ifmgd, assoc_data->timeout);
+ return RX_MGMT_NONE;
+ }
+
+ *bss = assoc_data->bss;
+
+ if (status_code != WLAN_STATUS_SUCCESS) {
+ printk(KERN_DEBUG "%s: %pM denied association (code=%d)\n",
+ sdata->name, mgmt->sa, status_code);
+ ieee80211_destroy_assoc_data(sdata, false);
+ } else {
+ printk(KERN_DEBUG "%s: associated\n", sdata->name);
+
+ ieee80211_destroy_assoc_data(sdata, true);
+
+ if (!ieee80211_assoc_success(sdata, *bss, mgmt, len)) {
+ /* oops -- internal error -- send timeout for now */
+ sta_info_destroy_addr(sdata, mgmt->bssid);
+ cfg80211_put_bss(*bss);
+ return RX_MGMT_CFG80211_ASSOC_TIMEOUT;
+ }
+ }
+
+ return RX_MGMT_CFG80211_RX_ASSOC;
+}
static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata,
struct ieee80211_mgmt *mgmt,
size_t len,
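Review bot: The comeback interval in ieee80211_rx_mgmt_assoc_resp is taken from the received frame and used unbounded: `tu * 1024` is evaluated in u32 and can wrap, and `assoc_data->timeout` is then pushed out by whatever `ms` results. Because `assoc_data` stays set until that timeout, and ieee80211_mgd_auth/ieee80211_mgd_assoc later in this diff return -EBUSY while it is set, one temporary-rejection frame matching the BSSID can hold the interface for a long time. I would clamp `ms` to a local upper bound before `msecs_to_jiffies()` and do the TU conversion in a way that cannot overflow. Separately, `reassoc` is computed with `ieee80211_is_reassoc_req()` although only response frames are routed to this function, so the log prefix is always "A"; it should be `ieee80211_is_reassoc_resp(mgmt->frame_control)`.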
@@ -1717,7 +2263,9 @@ static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata,
struct ieee80211_channel *channel;
bool need_ps = false;
- if (sdata->u.mgd.associated) {
+ if (sdata->u.mgd.associated &&
+ memcmp(mgmt->bssid, sdata->u.mgd.associated->bssid,
+ ETH_ALEN) == 0) {
bss = (void *)sdata->u.mgd.associated->priv;
/* not previously set so we may need to recalc */
need_ps = !bss->dtim_period;
@@ -1787,6 +2335,15 @@ static void ieee80211_rx_mgmt_probe_resp(struct ieee80211_sub_if_data *sdata,
if (ifmgd->associated &&
memcmp(mgmt->bssid, ifmgd->associated->bssid, ETH_ALEN) == 0)
ieee80211_reset_ap_probe(sdata);
+
+ if (ifmgd->auth_data && !ifmgd->auth_data->bss->proberesp_ies &&
+ memcmp(mgmt->bssid, ifmgd->auth_data->bss->bssid, ETH_ALEN) == 0) {
+ /* got probe response, continue with auth */
+ printk(KERN_DEBUG "%s: direct probe responded\n", sdata->name);
+ ifmgd->auth_data->tries = 0;
+ ifmgd->auth_data->timeout = jiffies;
+ run_again(ifmgd, ifmgd->auth_data->timeout);
+ }
}
/*
@@ -1826,7 +2383,7 @@ static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
u32 ncrc;
u8 *bssid;
- ASSERT_MGD_MTX(ifmgd);
+ lockdep_assert_held(&ifmgd->mtx);
/* Process beacon from the current BSS */
baselen = (u8 *) mgmt->u.beacon.variable - (u8 *) mgmt;
@@ -1836,21 +2393,25 @@ static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
if (rx_status->freq != local->hw.conf.channel->center_freq)
return;
- /*
- * We might have received a number of frames, among them a
- * disassoc frame and a beacon...
- */
- if (!ifmgd->associated)
- return;
+ if (ifmgd->assoc_data && !ifmgd->assoc_data->have_beacon &&
+ memcmp(mgmt->bssid, ifmgd->assoc_data->bss->bssid, ETH_ALEN) == 0) {
+ ieee802_11_parse_elems(mgmt->u.beacon.variable,
+ len - baselen, &elems);
- bssid = ifmgd->associated->bssid;
+ ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems,
+ false);
+ ifmgd->assoc_data->have_beacon = true;
+ ifmgd->assoc_data->sent_assoc = false;
+ /* continue assoc process */
+ ifmgd->assoc_data->timeout = jiffies;
+ run_again(ifmgd, ifmgd->assoc_data->timeout);
+ return;
+ }
- /*
- * And in theory even frames from a different AP we were just
- * associated to a split-second ago!
- */
- if (memcmp(bssid, mgmt->bssid, ETH_ALEN) != 0)
+ if (!ifmgd->associated ||
+ memcmp(mgmt->bssid, ifmgd->associated->bssid, ETH_ALEN))
return;
+ bssid = ifmgd->associated->bssid;
/* Track average RSSI from the Beacon frames of the current AP */
ifmgd->last_beacon_signal = rx_status->signal;
@@ -2034,6 +2595,7 @@ void ieee80211_sta_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata,
struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
struct ieee80211_rx_status *rx_status;
struct ieee80211_mgmt *mgmt;
+ struct cfg80211_bss *bss = NULL;
enum rx_mgmt_action rma = RX_MGMT_NONE;
u16 fc;
@@ -2043,92 +2605,59 @@ void ieee80211_sta_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata,
mutex_lock(&ifmgd->mtx);
- if (ifmgd->associated &&
- memcmp(ifmgd->associated->bssid, mgmt->bssid, ETH_ALEN) == 0) {
- switch (fc & IEEE80211_FCTL_STYPE) {
- case IEEE80211_STYPE_BEACON:
- ieee80211_rx_mgmt_beacon(sdata, mgmt, skb->len,
- rx_status);
- break;
- case IEEE80211_STYPE_PROBE_RESP:
- ieee80211_rx_mgmt_probe_resp(sdata, skb);
- break;
- case IEEE80211_STYPE_DEAUTH:
- rma = ieee80211_rx_mgmt_deauth(sdata, mgmt, skb->len);
- break;
- case IEEE80211_STYPE_DISASSOC:
- rma = ieee80211_rx_mgmt_disassoc(sdata, mgmt, skb->len);
- break;
- case IEEE80211_STYPE_ACTION:
- switch (mgmt->u.action.category) {
- case WLAN_CATEGORY_SPECTRUM_MGMT:
- ieee80211_sta_process_chanswitch(sdata,
- &mgmt->u.action.u.chan_switch.sw_elem,
- (void *)ifmgd->associated->priv,
- rx_status->mactime);
- break;
- }
- }
- mutex_unlock(&ifmgd->mtx);
-
- switch (rma) {
- case RX_MGMT_NONE:
- /* no action */
- break;
- case RX_MGMT_CFG80211_DEAUTH:
- cfg80211_send_deauth(sdata->dev, (u8 *)mgmt, skb->len);
- break;
- case RX_MGMT_CFG80211_DISASSOC:
- cfg80211_send_disassoc(sdata->dev, (u8 *)mgmt, skb->len);
+ switch (fc & IEEE80211_FCTL_STYPE) {
+ case IEEE80211_STYPE_BEACON:
+ ieee80211_rx_mgmt_beacon(sdata, mgmt, skb->len, rx_status);
+ break;
+ case IEEE80211_STYPE_PROBE_RESP:
+ ieee80211_rx_mgmt_probe_resp(sdata, skb);
+ break;
+ case IEEE80211_STYPE_AUTH:
+ rma = ieee80211_rx_mgmt_auth(sdata, mgmt, skb->len);
+ break;
+ case IEEE80211_STYPE_DEAUTH:
+ rma = ieee80211_rx_mgmt_deauth(sdata, mgmt, skb->len);
+ break;
+ case IEEE80211_STYPE_DISASSOC:
+ rma = ieee80211_rx_mgmt_disassoc(sdata, mgmt, skb->len);
+ break;
+ case IEEE80211_STYPE_ASSOC_RESP:
+ case IEEE80211_STYPE_REASSOC_RESP:
+ rma = ieee80211_rx_mgmt_assoc_resp(sdata, mgmt, skb->len, &bss);
+ break;
+ case IEEE80211_STYPE_ACTION:
+ switch (mgmt->u.action.category) {
+ case WLAN_CATEGORY_SPECTRUM_MGMT:
+ ieee80211_sta_process_chanswitch(sdata,
+ &mgmt->u.action.u.chan_switch.sw_elem,
+ (void *)ifmgd->associated->priv,
+ rx_status->mactime);
break;
- default:
- WARN(1, "unexpected: %d", rma);
}
- return;
}
-
mutex_unlock(&ifmgd->mtx);
- if (skb->len >= 24 + 2 /* mgmt + deauth reason */ &&
- (fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_DEAUTH) {
- struct ieee80211_local *local = sdata->local;
- struct ieee80211_work *wk;
-
- mutex_lock(&local->mtx);
- list_for_each_entry(wk, &local->work_list, list) {
- if (wk->sdata != sdata)
- continue;
-
- if (wk->type != IEEE80211_WORK_ASSOC &&
- wk->type != IEEE80211_WORK_ASSOC_BEACON_WAIT)
- continue;
-
- if (memcmp(mgmt->bssid, wk->filter_ta, ETH_ALEN))
- continue;
- if (memcmp(mgmt->sa, wk->filter_ta, ETH_ALEN))
- continue;
-
- /*
- * Printing the message only here means we can't
- * spuriously print it, but it also means that it
- * won't be printed when the frame comes in before
- * we even tried to associate or in similar cases.
- *
- * Ultimately, I suspect cfg80211 should print the
- * messages instead.
- */
- printk(KERN_DEBUG
- "%s: deauthenticated from %pM (Reason: %u)\n",
- sdata->name, mgmt->bssid,
- le16_to_cpu(mgmt->u.deauth.reason_code));
-
- list_del_rcu(&wk->list);
- free_work(wk);
- break;
- }
- mutex_unlock(&local->mtx);
-
+ switch (rma) {
+ case RX_MGMT_NONE:
+ /* no action */
+ break;
+ case RX_MGMT_CFG80211_DEAUTH:
cfg80211_send_deauth(sdata->dev, (u8 *)mgmt, skb->len);
+ break;
+ case RX_MGMT_CFG80211_DISASSOC:
+ cfg80211_send_disassoc(sdata->dev, (u8 *)mgmt, skb->len);
+ break;
+ case RX_MGMT_CFG80211_RX_AUTH:
+ cfg80211_send_rx_auth(sdata->dev, (u8 *)mgmt, skb->len);
+ break;
+ case RX_MGMT_CFG80211_RX_ASSOC:
+ cfg80211_send_rx_assoc(sdata->dev, bss, (u8 *)mgmt, skb->len);
+ break;
+ case RX_MGMT_CFG80211_ASSOC_TIMEOUT:
+ cfg80211_send_assoc_timeout(sdata->dev, mgmt->bssid);
+ break;
+ default:
+ WARN(1, "unexpected: %d", rma);
}
}
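Review bot: The IEEE80211_STYPE_ACTION case still passes `(void *)ifmgd->associated->priv`, but this hunk removes the `ifmgd->associated && memcmp(...) == 0` guard that used to wrap the whole switch. A spectrum-management action frame handled while not associated would then dereference NULL, assuming the receive path can queue one in that state, which is not visible here. The other handlers now do this check themselves, and the action case needs the same before its inner switch: `if (!ifmgd->associated || memcmp(mgmt->bssid, ifmgd->associated->bssid, ETH_ALEN)) break;`. A length check covering `u.action.u.chan_switch` before it is read would also be appropriate if none is done earlier. ieee80211_sta_rx_queued_mgmt starts outside this hunk.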
@@ -2173,14 +2702,160 @@ static void ieee80211_sta_connection_lost(struct ieee80211_sub_if_data *sdata,
mutex_lock(&ifmgd->mtx);
}
+static int ieee80211_probe_auth(struct ieee80211_sub_if_data *sdata)
+{
+ struct ieee80211_local *local = sdata->local;
+ struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
+ struct ieee80211_mgd_auth_data *auth_data = ifmgd->auth_data;
+
+ lockdep_assert_held(&ifmgd->mtx);
+
+ if (WARN_ON_ONCE(!auth_data))
+ return -EINVAL;
+
+ if (!auth_data->synced) {
+ int ret = drv_tx_sync(local, sdata, auth_data->bss->bssid,
+ IEEE80211_TX_SYNC_AUTH);
+ if (ret)
+ return ret;
+ }
+ auth_data->synced = true;
+
+ auth_data->tries++;
+
+ if (auth_data->tries > IEEE80211_AUTH_MAX_TRIES) {
+ printk(KERN_DEBUG "%s: authentication with %pM timed out\n",
+ sdata->name, auth_data->bss->bssid);
+
+ /*
+ * Most likely AP is not in the range so remove the
+ * bss struct for that AP.
+ */
+ cfg80211_unlink_bss(local->hw.wiphy, auth_data->bss);
+
+ return -ETIMEDOUT;
+ }
+
+ if (auth_data->bss->proberesp_ies) {
+ printk(KERN_DEBUG "%s: send auth to %pM (try %d/%d)\n",
+ sdata->name, auth_data->bss->bssid, auth_data->tries,
+ IEEE80211_AUTH_MAX_TRIES);
+
+ auth_data->expected_transaction = 2;
+ ieee80211_send_auth(sdata, 1, auth_data->algorithm,
+ auth_data->ie, auth_data->ie_len,
+ auth_data->bss->bssid,
+ auth_data->bss->bssid, NULL, 0, 0);
+ } else {
+ const u8 *ssidie;
+
+ printk(KERN_DEBUG "%s: direct probe to %pM (try %d/%i)\n",
+ sdata->name, auth_data->bss->bssid, auth_data->tries,
+ IEEE80211_AUTH_MAX_TRIES);
+
+ ssidie = ieee80211_bss_get_ie(auth_data->bss, WLAN_EID_SSID);
+ if (!ssidie)
+ return -EINVAL;
+ /*
+ * Direct probe is sent to broadcast address as some APs
+ * will not answer to direct packet in unassociated state.
+ */
+ ieee80211_send_probe_req(sdata, NULL, ssidie + 2, ssidie[1],
+ NULL, 0, (u32) -1, true, false);
+ }
+
+ auth_data->timeout = jiffies + IEEE80211_AUTH_TIMEOUT;
+ run_again(ifmgd, auth_data->timeout);
+
+ return 0;
+}
+
+static int ieee80211_do_assoc(struct ieee80211_sub_if_data *sdata)
+{
+ struct ieee80211_mgd_assoc_data *assoc_data = sdata->u.mgd.assoc_data;
+ struct ieee80211_local *local = sdata->local;
+
+ lockdep_assert_held(&sdata->u.mgd.mtx);
+
+ if (!assoc_data->synced) {
+ int ret = drv_tx_sync(local, sdata, assoc_data->bss->bssid,
+ IEEE80211_TX_SYNC_ASSOC);
+ if (ret)
+ return ret;
+ }
+ assoc_data->synced = true;
+
+ assoc_data->tries++;
+ if (assoc_data->tries > IEEE80211_ASSOC_MAX_TRIES) {
+ printk(KERN_DEBUG "%s: association with %pM timed out\n",
+ sdata->name, assoc_data->bss->bssid);
+
+ /*
+ * Most likely AP is not in the range so remove the
+ * bss struct for that AP.
+ */
+ cfg80211_unlink_bss(local->hw.wiphy, assoc_data->bss);
+
+ return -ETIMEDOUT;
+ }
+
+ printk(KERN_DEBUG "%s: associate with %pM (try %d/%d)\n",
+ sdata->name, assoc_data->bss->bssid, assoc_data->tries,
+ IEEE80211_ASSOC_MAX_TRIES);
+ ieee80211_send_assoc(sdata);
+
+ assoc_data->timeout = jiffies + IEEE80211_ASSOC_TIMEOUT;
+ run_again(&sdata->u.mgd, assoc_data->timeout);
+
+ return 0;
+}
+
void ieee80211_sta_work(struct ieee80211_sub_if_data *sdata)
{
struct ieee80211_local *local = sdata->local;
struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
- /* then process the rest of the work */
mutex_lock(&ifmgd->mtx);
+ if (ifmgd->auth_data &&
+ time_after(jiffies, ifmgd->auth_data->timeout)) {
+ if (ifmgd->auth_data->done) {
+ /*
+ * ok ... we waited for assoc but userspace didn't,
+ * so let's just kill the auth data
+ */
+ ieee80211_destroy_auth_data(sdata, false);
+ } else if (ieee80211_probe_auth(sdata)) {
+ u8 bssid[ETH_ALEN];
+
+ memcpy(bssid, ifmgd->auth_data->bss->bssid, ETH_ALEN);
+
+ ieee80211_destroy_auth_data(sdata, false);
+
+ mutex_unlock(&ifmgd->mtx);
+ cfg80211_send_auth_timeout(sdata->dev, bssid);
+ mutex_lock(&ifmgd->mtx);
+ }
+ } else if (ifmgd->auth_data)
+ run_again(ifmgd, ifmgd->auth_data->timeout);
+
+ if (ifmgd->assoc_data &&
+ time_after(jiffies, ifmgd->assoc_data->timeout)) {
+ if (!ifmgd->assoc_data->have_beacon ||
+ ieee80211_do_assoc(sdata)) {
+ u8 bssid[ETH_ALEN];
+
+ memcpy(bssid, ifmgd->assoc_data->bss->bssid, ETH_ALEN);
+
+ ieee80211_destroy_assoc_data(sdata, false);
+
+ mutex_unlock(&ifmgd->mtx);
+ cfg80211_send_assoc_timeout(sdata->dev, bssid);
+ mutex_lock(&ifmgd->mtx);
+ }
+ } else if (ifmgd->assoc_data)
+ run_again(ifmgd, ifmgd->assoc_data->timeout);
+
if (ifmgd->flags & (IEEE80211_STA_BEACON_POLL |
IEEE80211_STA_CONNECTION_POLL) &&
ifmgd->associated) {
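Review bot: ieee80211_do_assoc dereferences `assoc_data` immediately, while ieee80211_probe_auth in the same hunk starts with `if (WARN_ON_ONCE(!auth_data)) return -EINVAL;`. The caller shown here tests `ifmgd->assoc_data` first, so this is not a bug as written, but the two helpers should agree; add `if (WARN_ON_ONCE(!assoc_data)) return -EINVAL;` after the lockdep assertion. In ieee80211_sta_work, the places where `ifmgd->mtx` is dropped and re-taken around `cfg80211_send_auth_timeout()` and `cfg80211_send_assoc_timeout()` should carry a short comment stating why the mutex cannot be held across those calls. ieee80211_sta_work continues outside the hunk.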
@@ -2256,6 +2931,10 @@ void ieee80211_sta_work(struct ieee80211_sub_if_data *sdata)
}
mutex_unlock(&ifmgd->mtx);
+
+ mutex_lock(&local->mtx);
+ ieee80211_recalc_idle(local);
+ mutex_unlock(&local->mtx);
}
static void ieee80211_sta_bcn_mon_timer(unsigned long data)
@@ -2428,53 +3107,24 @@ int ieee80211_max_network_latency(struct notifier_block *nb,
}
/* config hooks */
-static enum work_done_result
-ieee80211_probe_auth_done(struct ieee80211_work *wk,
- struct sk_buff *skb)
-{
- struct ieee80211_local *local = wk->sdata->local;
-
- if (!skb) {
- cfg80211_send_auth_timeout(wk->sdata->dev, wk->filter_ta);
- goto destroy;
- }
-
- if (wk->type == IEEE80211_WORK_AUTH) {
- cfg80211_send_rx_auth(wk->sdata->dev, skb->data, skb->len);
- goto destroy;
- }
-
- mutex_lock(&wk->sdata->u.mgd.mtx);
- ieee80211_rx_mgmt_probe_resp(wk->sdata, skb);
- mutex_unlock(&wk->sdata->u.mgd.mtx);
-
- wk->type = IEEE80211_WORK_AUTH;
- wk->probe_auth.tries = 0;
- return WORK_DONE_REQUEUE;
- destroy:
- if (wk->probe_auth.synced)
- drv_finish_tx_sync(local, wk->sdata, wk->filter_ta,
- IEEE80211_TX_SYNC_AUTH);
-
- return WORK_DONE_DESTROY;
-}
-
int ieee80211_mgd_auth(struct ieee80211_sub_if_data *sdata,
struct cfg80211_auth_request *req)
{
- const u8 *ssid;
- struct ieee80211_work *wk;
+ struct ieee80211_local *local = sdata->local;
+ struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
+ struct ieee80211_mgd_auth_data *auth_data;
+ struct sta_info *sta;
u16 auth_alg;
+ int err;
- if (req->local_state_change)
- return 0; /* no need to update mac80211 state */
+ /* prepare auth data structure */
switch (req->auth_type) {
case NL80211_AUTHTYPE_OPEN_SYSTEM:
auth_alg = WLAN_AUTH_OPEN;
break;
case NL80211_AUTHTYPE_SHARED_KEY:
- if (IS_ERR(sdata->local->wep_tx_tfm))
+ if (IS_ERR(local->wep_tx_tfm))
return -EOPNOTSUPP;
auth_alg = WLAN_AUTH_SHARED_KEY;
break;
@@ -2488,171 +3138,142 @@ int ieee80211_mgd_auth(struct ieee80211_sub_if_data *sdata,
return -EOPNOTSUPP;
}
- wk = kzalloc(sizeof(*wk) + req->ie_len, GFP_KERNEL);
- if (!wk)
+ auth_data = kzalloc(sizeof(*auth_data) + req->ie_len, GFP_KERNEL);
+ if (!auth_data)
return -ENOMEM;
- memcpy(wk->filter_ta, req->bss->bssid, ETH_ALEN);
+ auth_data->bss = req->bss;
if (req->ie && req->ie_len) {
- memcpy(wk->ie, req->ie, req->ie_len);
- wk->ie_len = req->ie_len;
+ memcpy(auth_data->ie, req->ie, req->ie_len);
+ auth_data->ie_len = req->ie_len;
}
if (req->key && req->key_len) {
- wk->probe_auth.key_len = req->key_len;
- wk->probe_auth.key_idx = req->key_idx;
- memcpy(wk->probe_auth.key, req->key, req->key_len);
+ auth_data->key_len = req->key_len;
+ auth_data->key_idx = req->key_idx;
+ memcpy(auth_data->key, req->key, req->key_len);
}
- ssid = ieee80211_bss_get_ie(req->bss, WLAN_EID_SSID);
- memcpy(wk->probe_auth.ssid, ssid + 2, ssid[1]);
- wk->probe_auth.ssid_len = ssid[1];
-
- wk->probe_auth.algorithm = auth_alg;
- wk->probe_auth.privacy = req->bss->capability & WLAN_CAPABILITY_PRIVACY;
-
- /* if we already have a probe, don't probe again */
- if (req->bss->proberesp_ies)
- wk->type = IEEE80211_WORK_AUTH;
- else
- wk->type = IEEE80211_WORK_DIRECT_PROBE;
- wk->chan = req->bss->channel;
- wk->chan_type = NL80211_CHAN_NO_HT;
- wk->sdata = sdata;
- wk->done = ieee80211_probe_auth_done;
-
- ieee80211_add_work(wk);
- return 0;
-}
-
-/* create and insert a dummy station entry */
-static int ieee80211_pre_assoc(struct ieee80211_sub_if_data *sdata,
- u8 *bssid) {
- struct sta_info *sta;
- int err;
+ auth_data->algorithm = auth_alg;
- sta = sta_info_alloc(sdata, bssid, GFP_KERNEL);
- if (!sta)
- return -ENOMEM;
+ /* try to authenticate/probe */
- sta->dummy = true;
+ mutex_lock(&ifmgd->mtx);
- err = sta_info_insert(sta);
- sta = NULL;
- if (err) {
- printk(KERN_DEBUG "%s: failed to insert Dummy STA entry for"
- " the AP (error %d)\n", sdata->name, err);
- return err;
+ if ((ifmgd->auth_data && !ifmgd->auth_data->done) ||
+ ifmgd->assoc_data) {
+ err = -EBUSY;
+ goto err_free;
}
- return 0;
-}
+ if (ifmgd->auth_data)
+ ieee80211_destroy_auth_data(sdata, false);
-static enum work_done_result ieee80211_assoc_done(struct ieee80211_work *wk,
- struct sk_buff *skb)
-{
- struct ieee80211_local *local = wk->sdata->local;
- struct ieee80211_mgmt *mgmt;
- struct ieee80211_rx_status *rx_status;
- struct ieee802_11_elems elems;
- struct cfg80211_bss *cbss = wk->assoc.bss;
- u16 status;
+ /* prep auth_data so we don't go into idle on disassoc */
+ ifmgd->auth_data = auth_data;
- if (!skb) {
- sta_info_destroy_addr(wk->sdata, cbss->bssid);
- cfg80211_send_assoc_timeout(wk->sdata->dev, wk->filter_ta);
- goto destroy;
- }
+ if (ifmgd->associated)
+ ieee80211_set_disassoc(sdata, true, false);
- if (wk->type == IEEE80211_WORK_ASSOC_BEACON_WAIT) {
- mutex_lock(&wk->sdata->u.mgd.mtx);
- rx_status = (void *) skb->cb;
- ieee802_11_parse_elems(skb->data + 24 + 12, skb->len - 24 - 12, &elems);
- ieee80211_rx_bss_info(wk->sdata, (void *)skb->data, skb->len, rx_status,
- &elems, true);
- mutex_unlock(&wk->sdata->u.mgd.mtx);
+ printk(KERN_DEBUG "%s: authenticate with %pM\n",
+ sdata->name, req->bss->bssid);
- wk->type = IEEE80211_WORK_ASSOC;
- /* not really done yet */
- return WORK_DONE_REQUEUE;
- }
+ mutex_lock(&local->mtx);
+ ieee80211_recalc_idle(sdata->local);
+ mutex_unlock(&local->mtx);
- mgmt = (void *)skb->data;
- status = le16_to_cpu(mgmt->u.assoc_resp.status_code);
+ /* switch to the right channel */
+ local->oper_channel = req->bss->channel;
+ ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_CHANNEL);
- if (status == WLAN_STATUS_SUCCESS) {
- if (wk->assoc.synced)
- drv_finish_tx_sync(local, wk->sdata, wk->filter_ta,
- IEEE80211_TX_SYNC_ASSOC);
+ /* set BSSID */
+ memcpy(ifmgd->bssid, req->bss->bssid, ETH_ALEN);
+ ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BSSID);
- mutex_lock(&wk->sdata->u.mgd.mtx);
- if (!ieee80211_assoc_success(wk, mgmt, skb->len)) {
- mutex_unlock(&wk->sdata->u.mgd.mtx);
- /* oops -- internal error -- send timeout for now */
- sta_info_destroy_addr(wk->sdata, cbss->bssid);
- cfg80211_send_assoc_timeout(wk->sdata->dev,
- wk->filter_ta);
- return WORK_DONE_DESTROY;
- }
+ /* add station entry */
+ sta = sta_info_alloc(sdata, req->bss->bssid, GFP_KERNEL);
+ if (!sta) {
+ err = -ENOMEM;
+ goto err_clear;
+ }
- mutex_unlock(&wk->sdata->u.mgd.mtx);
- } else {
- /* assoc failed - destroy the dummy station entry */
- sta_info_destroy_addr(wk->sdata, cbss->bssid);
+ err = sta_info_insert(sta);
+ if (err) {
+ printk(KERN_DEBUG
+ "%s: failed to insert STA entry for the AP %pM (error %d)\n",
+ sdata->name, req->bss->bssid, err);
+ goto err_clear;
}
- cfg80211_send_rx_assoc(wk->sdata->dev, skb->data, skb->len);
- destroy:
- if (wk->assoc.synced)
- drv_finish_tx_sync(local, wk->sdata, wk->filter_ta,
- IEEE80211_TX_SYNC_ASSOC);
+ err = ieee80211_probe_auth(sdata);
+ if (err) {
+ if (auth_data->synced)
+ drv_finish_tx_sync(local, sdata, req->bss->bssid,
+ IEEE80211_TX_SYNC_AUTH);
+ sta_info_destroy_addr(sdata, req->bss->bssid);
+ goto err_clear;
+ }
+
+ /* hold our own reference */
+ cfg80211_ref_bss(auth_data->bss);
+ err = 0;
+ goto out_unlock;
+
+ err_clear:
+ ifmgd->auth_data = NULL;
+ err_free:
+ kfree(auth_data);
+ out_unlock:
+ mutex_unlock(&ifmgd->mtx);
- return WORK_DONE_DESTROY;
+ return err;
}
int ieee80211_mgd_assoc(struct ieee80211_sub_if_data *sdata,
struct cfg80211_assoc_request *req)
{
+ struct ieee80211_local *local = sdata->local;
struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
struct ieee80211_bss *bss = (void *)req->bss->priv;
- struct ieee80211_work *wk;
- const u8 *ssid;
+ struct ieee80211_mgd_assoc_data *assoc_data;
+ struct sta_info *sta;
+ const u8 *ssidie;
int i, err;
+ ssidie = ieee80211_bss_get_ie(req->bss, WLAN_EID_SSID);
+ if (!ssidie)
+ return -EINVAL;
+
+ assoc_data = kzalloc(sizeof(*assoc_data) + req->ie_len, GFP_KERNEL);
+ if (!assoc_data)
+ return -ENOMEM;
+
mutex_lock(&ifmgd->mtx);
- if (ifmgd->associated) {
- if (!req->prev_bssid ||
- memcmp(req->prev_bssid, ifmgd->associated->bssid,
- ETH_ALEN)) {
- /*
- * We are already associated and the request was not a
- * reassociation request from the current BSS, so
- * reject it.
- */
- mutex_unlock(&ifmgd->mtx);
- return -EALREADY;
- }
- /* Trying to reassociate - clear previous association state */
+ if (ifmgd->associated)
ieee80211_set_disassoc(sdata, true, false);
+
+ if (ifmgd->auth_data && !ifmgd->auth_data->done) {
+ err = -EBUSY;
+ goto err_free;
}
- mutex_unlock(&ifmgd->mtx);
- wk = kzalloc(sizeof(*wk) + req->ie_len, GFP_KERNEL);
- if (!wk)
- return -ENOMEM;
+ if (ifmgd->assoc_data) {
+ err = -EBUSY;
+ goto err_free;
+ }
- /*
- * create a dummy station info entry in order
- * to start accepting incoming EAPOL packets from the station
- */
- err = ieee80211_pre_assoc(sdata, req->bss->bssid);
- if (err) {
- kfree(wk);
- return err;
+ if (ifmgd->auth_data) {
+ bool match;
+
+ /* keep sta info, bssid if matching */
+ match = memcmp(ifmgd->bssid, req->bss->bssid, ETH_ALEN) == 0;
+ ieee80211_destroy_auth_data(sdata, match);
}
+ /* prepare assoc data */
+
ifmgd->flags &= ~IEEE80211_STA_DISABLE_11N;
ifmgd->flags &= ~IEEE80211_STA_NULLFUNC_ACKED;
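Review bot: In ieee80211_mgd_assoc the existing association is torn down with `ieee80211_set_disassoc(sdata, true, false)` before the two -EBUSY checks, so a request that is then refused as busy has already disconnected the interface. ieee80211_mgd_auth in the same hunk does it the other way round, checking for -EBUSY first and disassociating afterwards. Moving the `if (ifmgd->associated)` block below the `auth_data`/`assoc_data` busy checks would make a refused request free of side effects. In ieee80211_mgd_auth, `err_clear` only resets `ifmgd->auth_data`, so the BSSID copied into `ifmgd->bssid` and announced with BSS_CHANGED_BSSID stays in place. I would add `memset(ifmgd->bssid, 0, ETH_ALEN);` and the matching `ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BSSID);` there, as ieee80211_destroy_auth_data does; ieee80211_mgd_assoc continues outside the hunk.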
@@ -2664,7 +3285,6 @@ int ieee80211_mgd_assoc(struct ieee80211_sub_if_data *sdata,
req->crypto.ciphers_pairwise[i] == WLAN_CIPHER_SUITE_WEP104)
ifmgd->flags |= IEEE80211_STA_DISABLE_11N;
-
if (req->flags & ASSOC_REQ_DISABLE_HT)
ifmgd->flags |= IEEE80211_STA_DISABLE_11N;
@@ -2673,16 +3293,12 @@ int ieee80211_mgd_assoc(struct ieee80211_sub_if_data *sdata,
sizeof(ifmgd->ht_capa_mask));
if (req->ie && req->ie_len) {
- memcpy(wk->ie, req->ie, req->ie_len);
- wk->ie_len = req->ie_len;
- } else
- wk->ie_len = 0;
-
- wk->assoc.bss = req->bss;
+ memcpy(assoc_data->ie, req->ie, req->ie_len);
+ assoc_data->ie_len = req->ie_len;
+ }
- memcpy(wk->filter_ta, req->bss->bssid, ETH_ALEN);
+ assoc_data->bss = req->bss;
- /* new association always uses requested smps mode */
if (ifmgd->req_smps == IEEE80211_SMPS_AUTOMATIC) {
if (ifmgd->powersave)
ifmgd->ap_smps = IEEE80211_SMPS_DYNAMIC;
@@ -2691,7 +3307,6 @@ int ieee80211_mgd_assoc(struct ieee80211_sub_if_data *sdata,
} else
ifmgd->ap_smps = ifmgd->req_smps;
- wk->assoc.smps = ifmgd->ap_smps;
/*
* IEEE802.11n does not allow TKIP/WEP as pairwise ciphers in HT mode.
* We still associate in non-HT mode (11a/b/g) if any one of these
@@ -2699,39 +3314,27 @@ int ieee80211_mgd_assoc(struct ieee80211_sub_if_data *sdata,
* We can set this to true for non-11n hardware, that'll be checked
* separately along with the peer capabilities.
*/
- wk->assoc.use_11n = !(ifmgd->flags & IEEE80211_STA_DISABLE_11N);
- wk->assoc.capability = req->bss->capability;
- wk->assoc.wmm_used = bss->wmm_used;
- wk->assoc.supp_rates = bss->supp_rates;
- wk->assoc.supp_rates_len = bss->supp_rates_len;
- wk->assoc.ht_information_ie =
+ assoc_data->capability = req->bss->capability;
+ assoc_data->wmm_used = bss->wmm_used;
+ assoc_data->supp_rates = bss->supp_rates;
+ assoc_data->supp_rates_len = bss->supp_rates_len;
+ assoc_data->ht_information_ie =
ieee80211_bss_get_ie(req->bss, WLAN_EID_HT_INFORMATION);
if (bss->wmm_used && bss->uapsd_supported &&
(sdata->local->hw.flags & IEEE80211_HW_SUPPORTS_UAPSD)) {
- wk->assoc.uapsd_used = true;
+ assoc_data->uapsd_used = true;
ifmgd->flags |= IEEE80211_STA_UAPSD_ENABLED;
} else {
- wk->assoc.uapsd_used = false;
+ assoc_data->uapsd_used = false;
ifmgd->flags &= ~IEEE80211_STA_UAPSD_ENABLED;
}
- ssid = ieee80211_bss_get_ie(req->bss, WLAN_EID_SSID);
- memcpy(wk->assoc.ssid, ssid + 2, ssid[1]);
- wk->assoc.ssid_len = ssid[1];
+ memcpy(assoc_data->ssid, ssidie + 2, ssidie[1]);
+ assoc_data->ssid_len = ssidie[1];
if (req->prev_bssid)
- memcpy(wk->assoc.prev_bssid, req->prev_bssid, ETH_ALEN);
-
- wk->chan = req->bss->channel;
- wk->chan_type = NL80211_CHAN_NO_HT;
- wk->sdata = sdata;
- wk->done = ieee80211_assoc_done;
- if (!bss->dtim_period &&
- sdata->local->hw.flags & IEEE80211_HW_NEED_DTIM_PERIOD)
- wk->type = IEEE80211_WORK_ASSOC_BEACON_WAIT;
- else
- wk->type = IEEE80211_WORK_ASSOC;
+ memcpy(assoc_data->prev_bssid, req->prev_bssid, ETH_ALEN);
if (req->use_mfp) {
ifmgd->mfp = IEEE80211_MFP_REQUIRED;
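Review bot: The copy `memcpy(assoc_data->ssid, ssidie + 2, ssidie[1]);` uses the SSID element's own length byte as the copy size with no upper bound. That element comes from the BSS entry, so it was ultimately filled from a received beacon or probe response. The earlier `!ssidie` check only rejects a missing element, and the size of `assoc_data->ssid` is not visible in this hunk, so unless the scan code already rejects over-long SSID elements this can write past the field. I would add `if (ssidie[1] > sizeof(assoc_data->ssid)) { err = -EINVAL; goto err_free; }` before the copy, while `ifmgd->assoc_data` is still unset. ieee80211_mgd_assoc starts and ends outside this hunk.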
@@ -2749,89 +3352,100 @@ int ieee80211_mgd_assoc(struct ieee80211_sub_if_data *sdata,
sdata->control_port_protocol = req->crypto.control_port_ethertype;
sdata->control_port_no_encrypt = req->crypto.control_port_no_encrypt;
- ieee80211_add_work(wk);
- return 0;
+ /* kick off associate process */
+
+ ifmgd->assoc_data = assoc_data;
+
+ mutex_lock(&local->mtx);
+ ieee80211_recalc_idle(sdata->local);
+ mutex_unlock(&local->mtx);
+
+ /* switch to the right channel */
+ local->oper_channel = req->bss->channel;
+ ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_CHANNEL);
+
+ rcu_read_lock();
+ sta = sta_info_get(sdata, req->bss->bssid);
+ rcu_read_unlock();
+
+ if (!sta) {
+ /* set BSSID */
+ memcpy(ifmgd->bssid, req->bss->bssid, ETH_ALEN);
+ ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BSSID);
+
+ sta = sta_info_alloc(sdata, req->bss->bssid, GFP_KERNEL);
+ if (!sta) {
+ err = -ENOMEM;
+ goto err_clear;
+ }
+
+ sta_info_pre_move_state(sta, IEEE80211_STA_AUTH);
+
+ err = sta_info_insert(sta);
+ sta = NULL;
+ if (err) {
+ printk(KERN_DEBUG
+ "%s: failed to insert STA entry for the AP (error %d)\n",
+ sdata->name, err);
+ goto err_clear;
+ }
+ } else
+ WARN_ON_ONCE(memcmp(ifmgd->bssid, req->bss->bssid, ETH_ALEN));
+
+ if (!bss->dtim_period &&
+ sdata->local->hw.flags & IEEE80211_HW_NEED_DTIM_PERIOD) {
+ /*
+ * Wait up to one beacon interval ...
+ * should this be more if we miss one?
+ */
+ printk(KERN_DEBUG "%s: waiting for beacon from %pM\n",
+ sdata->name, ifmgd->bssid);
+ assoc_data->timeout = jiffies +
+ TU_TO_EXP_TIME(req->bss->beacon_interval);
+ } else {
+ assoc_data->have_beacon = true;
+ assoc_data->sent_assoc = false;
+ assoc_data->timeout = jiffies;
+ }
+ run_again(ifmgd, assoc_data->timeout);
+
+ err = 0;
+ goto out;
+ err_clear:
+ ifmgd->assoc_data = NULL;
+ err_free:
+ kfree(assoc_data);
+ out:
+ mutex_unlock(&ifmgd->mtx);
+
+ return err;
}
int ieee80211_mgd_deauth(struct ieee80211_sub_if_data *sdata,
struct cfg80211_deauth_request *req,
void *cookie)
{
- struct ieee80211_local *local = sdata->local;
struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
- u8 bssid[ETH_ALEN];
bool assoc_bss = false;
mutex_lock(&ifmgd->mtx);
- memcpy(bssid, req->bss->bssid, ETH_ALEN);
- if (ifmgd->associated == req->bss) {
+ if (ifmgd->associated &&
+ memcmp(ifmgd->associated->bssid, req->bssid, ETH_ALEN) == 0) {
ieee80211_set_disassoc(sdata, false, true);
- mutex_unlock(&ifmgd->mtx);
assoc_bss = true;
- } else {
- bool not_auth_yet = false;
- struct ieee80211_work *tmp, *wk = NULL;
-
+ } else if (ifmgd->auth_data) {
+ ieee80211_destroy_auth_data(sdata, false);
mutex_unlock(&ifmgd->mtx);
-
- mutex_lock(&local->mtx);
- list_for_each_entry(tmp, &local->work_list, list) {
- if (tmp->sdata != sdata)
- continue;
-
- if (tmp->type != IEEE80211_WORK_DIRECT_PROBE &&
- tmp->type != IEEE80211_WORK_AUTH &&
- tmp->type != IEEE80211_WORK_ASSOC &&
- tmp->type != IEEE80211_WORK_ASSOC_BEACON_WAIT)
- continue;
-
- if (memcmp(req->bss->bssid, tmp->filter_ta, ETH_ALEN))
- continue;
-
- not_auth_yet = tmp->type == IEEE80211_WORK_DIRECT_PROBE;
- list_del_rcu(&tmp->list);
- synchronize_rcu();
- wk = tmp;
- break;
- }
- mutex_unlock(&local->mtx);
-
- if (wk && wk->type == IEEE80211_WORK_ASSOC) {
- /* clean up dummy sta & TX sync */
- sta_info_destroy_addr(wk->sdata, wk->filter_ta);
- if (wk->assoc.synced)
- drv_finish_tx_sync(local, wk->sdata,
- wk->filter_ta,
- IEEE80211_TX_SYNC_ASSOC);
- } else if (wk && wk->type == IEEE80211_WORK_AUTH) {
- if (wk->probe_auth.synced)
- drv_finish_tx_sync(local, wk->sdata,
- wk->filter_ta,
- IEEE80211_TX_SYNC_AUTH);
- }
- kfree(wk);
-
- /*
- * If somebody requests authentication and we haven't
- * sent out an auth frame yet there's no need to send
- * out a deauth frame either. If the state was PROBE,
- * then this is the case. If it's AUTH we have sent a
- * frame, and if it's IDLE we have completed the auth
- * process already.
- */
- if (not_auth_yet) {
- __cfg80211_auth_canceled(sdata->dev, bssid);
- return 0;
- }
+ return 0;
}
+ mutex_unlock(&ifmgd->mtx);
printk(KERN_DEBUG "%s: deauthenticating from %pM by local choice (reason=%d)\n",
- sdata->name, bssid, req->reason_code);
+ sdata->name, req->bssid, req->reason_code);
- ieee80211_send_deauth_disassoc(sdata, bssid, IEEE80211_STYPE_DEAUTH,
- req->reason_code, cookie,
- !req->local_state_change);
+ ieee80211_send_deauth_disassoc(sdata, req->bssid, IEEE80211_STYPE_DEAUTH,
+ req->reason_code, cookie, true);
if (assoc_bss)
sta_info_flush(sdata->local, sdata);
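Review bot: In ieee80211_mgd_deauth the new `else if (ifmgd->auth_data)` branch has no counterpart for a pending `ifmgd->assoc_data`. A deauth request that arrives while association is in progress falls through to `ieee80211_send_deauth_disassoc()` and leaves the association attempt and its timer running. That branch also destroys the pending authentication without comparing `req->bssid` against the BSS being authenticated, which the removed work-list loop did through `filter_ta`. I would compare the BSSID in both cases and tear down `assoc_data` the same way the `auth_data` branch does. The final argument changed from `!req->local_state_change` to a constant `true`, so a frame is now always transmitted; please confirm that is intended. The function's tail is outside the hunk.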
diff --git a/net/mac80211/pm.c b/net/mac80211/pm.c
index 596efaf..2b53a53 100644
--- a/net/mac80211/pm.c
+++ b/net/mac80211/pm.c
@@ -98,13 +98,12 @@ int __ieee80211_suspend(struct ieee80211_hw *hw, struct cfg80211_wowlan *wowlan)
mutex_lock(&local->sta_mtx);
list_for_each_entry(sta, &local->sta_list, list) {
if (sta->uploaded) {
- sdata = sta->sdata;
- if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN)
- sdata = container_of(sdata->bss,
- struct ieee80211_sub_if_data,
- u.ap);
+ enum ieee80211_sta_state state;
- drv_sta_remove(local, sdata, &sta->sta);
+ state = sta->sta_state;
+ for (; state > IEEE80211_STA_NOTEXIST; state--)
+ WARN_ON(drv_sta_state(local, sdata, sta,
+ state, state - 1));
}
mesh_plink_quiesce(sta);
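Review bot: The new `drv_sta_state(local, sdata, sta, state, state - 1)` call still passes `sdata`, but this hunk deletes the `sdata = sta->sdata;` assignment that used to precede it. Inside the loop `sdata` therefore holds whatever an earlier part of __ieee80211_suspend left in it (not visible here) rather than the interface this station belongs to. The matching loop in util.c passes `sta->sdata`, and the same should be done here: `WARN_ON(drv_sta_state(local, sta->sdata, sta, state, state - 1));`.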
diff --git a/net/mac80211/rate.c b/net/mac80211/rate.c
index 3fef26d..111fba3 100644
--- a/net/mac80211/rate.c
+++ b/net/mac80211/rate.c
@@ -324,7 +324,7 @@ static bool rate_idx_match_mcs_mask(struct ieee80211_tx_rate *rate,
rbit = rate->idx % 8;
/* sanity check */
- if (ridx < 0 || ridx > IEEE80211_HT_MCS_MASK_LEN)
+ if (ridx < 0 || ridx >= IEEE80211_HT_MCS_MASK_LEN)
return false;
/* See whether the selected rate or anything below it is allowed. */
@@ -439,7 +439,7 @@ void rate_control_get_rate(struct ieee80211_sub_if_data *sdata,
u32 mask;
u8 mcs_mask[IEEE80211_HT_MCS_MASK_LEN];
- if (sta) {
+ if (sta && test_sta_flag(sta, WLAN_STA_RATE_CONTROL)) {
ista = &sta->sta;
priv_sta = sta->rate_ctrl_priv;
}
diff --git a/net/mac80211/rate.h b/net/mac80211/rate.h
index 8268457..fbb1efd 100644
--- a/net/mac80211/rate.h
+++ b/net/mac80211/rate.h
@@ -37,7 +37,7 @@ static inline void rate_control_tx_status(struct ieee80211_local *local,
struct ieee80211_sta *ista = &sta->sta;
void *priv_sta = sta->rate_ctrl_priv;
- if (!ref)
+ if (!ref || !test_sta_flag(sta, WLAN_STA_RATE_CONTROL))
return;
ref->ops->tx_status(ref->priv, sband, ista, priv_sta, skb);
@@ -58,6 +58,7 @@ static inline void rate_control_rate_init(struct sta_info *sta)
sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
ref->ops->rate_init(ref->priv, sband, ista, priv_sta);
+ set_sta_flag(sta, WLAN_STA_RATE_CONTROL);
}
static inline void rate_control_rate_update(struct ieee80211_local *local,
diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c
index b5ee084..3ab85c0 100644
--- a/net/mac80211/rx.c
+++ b/net/mac80211/rx.c
@@ -859,7 +859,12 @@ ieee80211_rx_h_check(struct ieee80211_rx_data *rx)
rx->sdata->vif.type != NL80211_IFTYPE_ADHOC &&
rx->sdata->vif.type != NL80211_IFTYPE_WDS &&
(!rx->sta || !test_sta_flag(rx->sta, WLAN_STA_ASSOC)))) {
- if (rx->sta && rx->sta->dummy &&
+ /*
+ * accept port control frames from the AP even when it's not
+ * yet marked ASSOC to prevent a race where we don't set the
+ * assoc bit quickly enough before it sends the first frame
+ */
+ if (rx->sta && rx->sdata->vif.type == NL80211_IFTYPE_STATION &&
ieee80211_is_data_present(hdr->frame_control)) {
u16 ethertype;
u8 *payload;
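Review bot: The relaxed guard `rx->sta && rx->sdata->vif.type == NL80211_IFTYPE_STATION` now lets data frames through for any station entry on a managed interface that lacks WLAN_STA_ASSOC. The removed `rx->sta->dummy` test limited this to the entry created just before association. The race the comment describes happens after the association response, when the entry should already be authenticated, so the condition could additionally require `test_sta_flag(rx->sta, WLAN_STA_AUTH)`. The ethertype comparison that presumably restricts this path to the control-port protocol lies outside the hunk; the new comment should mention that restriction so the exception is not read as accepting arbitrary pre-association data.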
@@ -2479,14 +2484,9 @@ static ieee80211_rx_result debug_noinline
ieee80211_rx_h_mgmt(struct ieee80211_rx_data *rx)
{
struct ieee80211_sub_if_data *sdata = rx->sdata;
- ieee80211_rx_result rxs;
struct ieee80211_mgmt *mgmt = (void *)rx->skb->data;
__le16 stype;
- rxs = ieee80211_work_rx_mgmt(rx->sdata, rx->skb);
- if (rxs != RX_CONTINUE)
- return rxs;
-
stype = mgmt->frame_control & cpu_to_le16(IEEE80211_FCTL_STYPE);
if (!ieee80211_vif_is_mesh(&sdata->vif) &&
@@ -2495,10 +2495,13 @@ ieee80211_rx_h_mgmt(struct ieee80211_rx_data *rx)
return RX_DROP_MONITOR;
switch (stype) {
+ case cpu_to_le16(IEEE80211_STYPE_AUTH):
case cpu_to_le16(IEEE80211_STYPE_BEACON):
case cpu_to_le16(IEEE80211_STYPE_PROBE_RESP):
/* process for all: mesh, mlme, ibss */
break;
+ case cpu_to_le16(IEEE80211_STYPE_ASSOC_RESP):
+ case cpu_to_le16(IEEE80211_STYPE_REASSOC_RESP):
case cpu_to_le16(IEEE80211_STYPE_DEAUTH):
case cpu_to_le16(IEEE80211_STYPE_DISASSOC):
if (is_multicast_ether_addr(mgmt->da) &&
@@ -2510,7 +2513,6 @@ ieee80211_rx_h_mgmt(struct ieee80211_rx_data *rx)
return RX_DROP_MONITOR;
break;
case cpu_to_le16(IEEE80211_STYPE_PROBE_REQ):
- case cpu_to_le16(IEEE80211_STYPE_AUTH):
/* process only for ibss */
if (sdata->vif.type != NL80211_IFTYPE_ADHOC)
return RX_DROP_MONITOR;
@@ -2949,7 +2951,7 @@ static void __ieee80211_rx_handle_packet(struct ieee80211_hw *hw,
if (ieee80211_is_data(fc)) {
prev_sta = NULL;
- for_each_sta_info_rx(local, hdr->addr2, sta, tmp) {
+ for_each_sta_info(local, hdr->addr2, sta, tmp) {
if (!prev_sta) {
prev_sta = sta;
continue;
@@ -2993,7 +2995,7 @@ static void __ieee80211_rx_handle_packet(struct ieee80211_hw *hw,
continue;
}
- rx.sta = sta_info_get_bss_rx(prev, hdr->addr2);
+ rx.sta = sta_info_get_bss(prev, hdr->addr2);
rx.sdata = prev;
ieee80211_prepare_and_rx_handle(&rx, skb, false);
@@ -3001,7 +3003,7 @@ static void __ieee80211_rx_handle_packet(struct ieee80211_hw *hw,
}
if (prev) {
- rx.sta = sta_info_get_bss_rx(prev, hdr->addr2);
+ rx.sta = sta_info_get_bss(prev, hdr->addr2);
rx.sdata = prev;
if (ieee80211_prepare_and_rx_handle(&rx, skb, true))
diff --git a/net/mac80211/sta_info.c b/net/mac80211/sta_info.c
index fa08238..4034ee61 100644
--- a/net/mac80211/sta_info.c
+++ b/net/mac80211/sta_info.c
@@ -100,25 +100,6 @@ struct sta_info *sta_info_get(struct ieee80211_sub_if_data *sdata,
sta = rcu_dereference_check(local->sta_hash[STA_HASH(addr)],
lockdep_is_held(&local->sta_mtx));
while (sta) {
- if (sta->sdata == sdata && !sta->dummy &&
- memcmp(sta->sta.addr, addr, ETH_ALEN) == 0)
- break;
- sta = rcu_dereference_check(sta->hnext,
- lockdep_is_held(&local->sta_mtx));
- }
- return sta;
-}
-
-/* get a station info entry even if it is a dummy station*/
-struct sta_info *sta_info_get_rx(struct ieee80211_sub_if_data *sdata,
- const u8 *addr)
-{
- struct ieee80211_local *local = sdata->local;
- struct sta_info *sta;
-
- sta = rcu_dereference_check(local->sta_hash[STA_HASH(addr)],
- lockdep_is_held(&local->sta_mtx));
- while (sta) {
if (sta->sdata == sdata &&
memcmp(sta->sta.addr, addr, ETH_ALEN) == 0)
break;
@@ -143,30 +124,6 @@ struct sta_info *sta_info_get_bss(struct ieee80211_sub_if_data *sdata,
while (sta) {
if ((sta->sdata == sdata ||
(sta->sdata->bss && sta->sdata->bss == sdata->bss)) &&
- !sta->dummy &&
- memcmp(sta->sta.addr, addr, ETH_ALEN) == 0)
- break;
- sta = rcu_dereference_check(sta->hnext,
- lockdep_is_held(&local->sta_mtx));
- }
- return sta;
-}
-
-/*
- * Get sta info either from the specified interface
- * or from one of its vlans (including dummy stations)
- */
-struct sta_info *sta_info_get_bss_rx(struct ieee80211_sub_if_data *sdata,
- const u8 *addr)
-{
- struct ieee80211_local *local = sdata->local;
- struct sta_info *sta;
-
- sta = rcu_dereference_check(local->sta_hash[STA_HASH(addr)],
- lockdep_is_held(&local->sta_mtx));
- while (sta) {
- if ((sta->sdata == sdata ||
- (sta->sdata->bss && sta->sdata->bss == sdata->bss)) &&
memcmp(sta->sta.addr, addr, ETH_ALEN) == 0)
break;
sta = rcu_dereference_check(sta->hnext,
@@ -293,6 +250,8 @@ struct sta_info *sta_info_alloc(struct ieee80211_sub_if_data *sdata,
sta->sdata = sdata;
sta->last_rx = jiffies;
+ sta->sta_state = IEEE80211_STA_NONE;
+
do_posix_clock_monotonic_gettime(&uptime);
sta->last_connected = uptime.tv_sec;
ewma_init(&sta->avg_signal, 1024, 8);
@@ -349,6 +308,43 @@ static int sta_info_insert_check(struct sta_info *sta)
return 0;
}
+static int sta_info_insert_drv_state(struct ieee80211_local *local,
+ struct ieee80211_sub_if_data *sdata,
+ struct sta_info *sta)
+{
+ enum ieee80211_sta_state state;
+ int err = 0;
+
+ for (state = IEEE80211_STA_NOTEXIST; state < sta->sta_state; state++) {
+ err = drv_sta_state(local, sdata, sta, state, state + 1);
+ if (err)
+ break;
+ }
+
+ if (!err) {
+ /*
+ * Drivers using legacy sta_add/sta_remove callbacks only
+ * get uploaded set to true after sta_add is called.
+ */
+ if (!local->ops->sta_add)
+ sta->uploaded = true;
+ return 0;
+ }
+
+ if (sdata->vif.type == NL80211_IFTYPE_ADHOC) {
+ printk(KERN_DEBUG
+ "%s: failed to move IBSS STA %pM to state %d (%d) - keeping it anyway.\n",
+ sdata->name, sta->sta.addr, state + 1, err);
+ err = 0;
+ }
+
+ /* unwind on error */
+ for (; state > IEEE80211_STA_NOTEXIST; state--)
+ WARN_ON(drv_sta_state(local, sdata, sta, state, state - 1));
+
+ return err;
+}
+
/*
* should be called with sta_mtx locked
* this function replaces the mutex lock
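Review bot: sta_info_insert_drv_state has no header comment, and its contract is not obvious from the call site. For an IBSS interface it reports success even though a transition failed, after unwinding every completed step and without setting `sta->uploaded`. I would document that above the function, e.g. `/* Walk the driver from NOTEXIST up to sta->sta_state; on failure undo the completed steps. IBSS failures return 0 with sta->uploaded left unset. */`. The comment should also state that the caller holds `local->sta_mtx`, as sta_info_insert_finish asserts.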
@@ -358,72 +354,43 @@ static int sta_info_insert_finish(struct sta_info *sta) __acquires(RCU)
{
struct ieee80211_local *local = sta->local;
struct ieee80211_sub_if_data *sdata = sta->sdata;
- struct sta_info *exist_sta;
- bool dummy_reinsert = false;
+ struct station_info sinfo;
int err = 0;
lockdep_assert_held(&local->sta_mtx);
- /*
- * check if STA exists already.
- * only accept a scenario of a second call to sta_info_insert_finish
- * with a dummy station entry that was inserted earlier
- * in that case - assume that the dummy station flag should
- * be removed.
- */
- exist_sta = sta_info_get_bss_rx(sdata, sta->sta.addr);
- if (exist_sta) {
- if (exist_sta == sta && sta->dummy) {
- dummy_reinsert = true;
- } else {
- err = -EEXIST;
- goto out_err;
- }
- }
-
- if (!sta->dummy || dummy_reinsert) {
- /* notify driver */
- err = drv_sta_add(local, sdata, &sta->sta);
- if (err) {
- if (sdata->vif.type != NL80211_IFTYPE_ADHOC)
- goto out_err;
- printk(KERN_DEBUG "%s: failed to add IBSS STA %pM to "
- "driver (%d) - keeping it anyway.\n",
- sdata->name, sta->sta.addr, err);
- } else
- sta->uploaded = true;
+ /* check if STA exists already */
+ if (sta_info_get_bss(sdata, sta->sta.addr)) {
+ err = -EEXIST;
+ goto out_err;
}
- if (!dummy_reinsert) {
- local->num_sta++;
- local->sta_generation++;
- smp_mb();
+ /* notify driver */
+ err = sta_info_insert_drv_state(local, sdata, sta);
+ if (err)
+ goto out_err;
- /* make the station visible */
- sta_info_hash_add(local, sta);
+ local->num_sta++;
+ local->sta_generation++;
+ smp_mb();
- list_add(&sta->list, &local->sta_list);
+ /* make the station visible */
+ sta_info_hash_add(local, sta);
- set_sta_flag(sta, WLAN_STA_INSERTED);
- } else {
- sta->dummy = false;
- }
+ list_add(&sta->list, &local->sta_list);
- if (!sta->dummy) {
- struct station_info sinfo;
+ set_sta_flag(sta, WLAN_STA_INSERTED);
- ieee80211_sta_debugfs_add(sta);
- rate_control_add_sta_debugfs(sta);
+ ieee80211_sta_debugfs_add(sta);
+ rate_control_add_sta_debugfs(sta);
- memset(&sinfo, 0, sizeof(sinfo));
- sinfo.filled = 0;
- sinfo.generation = local->sta_generation;
- cfg80211_new_sta(sdata->dev, sta->sta.addr, &sinfo, GFP_KERNEL);
- }
+ memset(&sinfo, 0, sizeof(sinfo));
+ sinfo.filled = 0;
+ sinfo.generation = local->sta_generation;
+ cfg80211_new_sta(sdata->dev, sta->sta.addr, &sinfo, GFP_KERNEL);
#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
- wiphy_debug(local->hw.wiphy, "Inserted %sSTA %pM\n",
- sta->dummy ? "dummy " : "", sta->sta.addr);
+ wiphy_debug(local->hw.wiphy, "Inserted STA %pM\n", sta->sta.addr);
#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
/* move reference to rcu-protected */
@@ -475,25 +442,6 @@ int sta_info_insert(struct sta_info *sta)
return err;
}
-/* Caller must hold sta->local->sta_mtx */
-int sta_info_reinsert(struct sta_info *sta)
-{
- struct ieee80211_local *local = sta->local;
- int err = 0;
-
- err = sta_info_insert_check(sta);
- if (err) {
- mutex_unlock(&local->sta_mtx);
- return err;
- }
-
- might_sleep();
-
- err = sta_info_insert_finish(sta);
- rcu_read_unlock();
- return err;
-}
-
static inline void __bss_tim_set(struct ieee80211_if_ap *bss, u16 aid)
{
/*
@@ -757,20 +705,17 @@ int __must_check __sta_info_destroy(struct sta_info *sta)
RCU_INIT_POINTER(sdata->u.vlan.sta, NULL);
while (sta->sta_state > IEEE80211_STA_NONE) {
- int err = sta_info_move_state(sta, sta->sta_state - 1);
- if (err) {
+ ret = sta_info_move_state(sta, sta->sta_state - 1);
+ if (ret) {
WARN_ON_ONCE(1);
break;
}
}
if (sta->uploaded) {
- if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN)
- sdata = container_of(sdata->bss,
- struct ieee80211_sub_if_data,
- u.ap);
- drv_sta_remove(local, sdata, &sta->sta);
- sdata = sta->sdata;
+ ret = drv_sta_state(local, sdata, sta, IEEE80211_STA_NONE,
+ IEEE80211_STA_NOTEXIST);
+ WARN_ON_ONCE(ret != 0);
}
/*
@@ -843,7 +788,7 @@ int sta_info_destroy_addr(struct ieee80211_sub_if_data *sdata, const u8 *addr)
int ret;
mutex_lock(&sdata->local->sta_mtx);
- sta = sta_info_get_rx(sdata, addr);
+ sta = sta_info_get(sdata, addr);
ret = __sta_info_destroy(sta);
mutex_unlock(&sdata->local->sta_mtx);
@@ -857,7 +802,7 @@ int sta_info_destroy_addr_bss(struct ieee80211_sub_if_data *sdata,
int ret;
mutex_lock(&sdata->local->sta_mtx);
- sta = sta_info_get_bss_rx(sdata, addr);
+ sta = sta_info_get_bss(sdata, addr);
ret = __sta_info_destroy(sta);
mutex_unlock(&sdata->local->sta_mtx);
@@ -1408,20 +1353,60 @@ int sta_info_move_state(struct sta_info *sta,
if (sta->sta_state == new_state)
return 0;
+ /* check allowed transitions first */
+
+ switch (new_state) {
+ case IEEE80211_STA_NONE:
+ if (sta->sta_state != IEEE80211_STA_AUTH)
+ return -EINVAL;
+ break;
+ case IEEE80211_STA_AUTH:
+ if (sta->sta_state != IEEE80211_STA_NONE &&
+ sta->sta_state != IEEE80211_STA_ASSOC)
+ return -EINVAL;
+ break;
+ case IEEE80211_STA_ASSOC:
+ if (sta->sta_state != IEEE80211_STA_AUTH &&
+ sta->sta_state != IEEE80211_STA_AUTHORIZED)
+ return -EINVAL;
+ break;
+ case IEEE80211_STA_AUTHORIZED:
+ if (sta->sta_state != IEEE80211_STA_ASSOC)
+ return -EINVAL;
+ break;
+ default:
+ WARN(1, "invalid state %d", new_state);
+ return -EINVAL;
+ }
+
+#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
+ printk(KERN_DEBUG "%s: moving STA %pM to state %d\n",
+ sta->sdata->name, sta->sta.addr, new_state);
+#endif
+
+ /*
+ * notify the driver before the actual changes so it can
+ * fail the transition
+ */
+ if (test_sta_flag(sta, WLAN_STA_INSERTED)) {
+ int err = drv_sta_state(sta->local, sta->sdata, sta,
+ sta->sta_state, new_state);
+ if (err)
+ return err;
+ }
+
+ /* reflect the change in all state variables */
+
switch (new_state) {
case IEEE80211_STA_NONE:
if (sta->sta_state == IEEE80211_STA_AUTH)
clear_bit(WLAN_STA_AUTH, &sta->_flags);
- else
- return -EINVAL;
break;
case IEEE80211_STA_AUTH:
if (sta->sta_state == IEEE80211_STA_NONE)
set_bit(WLAN_STA_AUTH, &sta->_flags);
else if (sta->sta_state == IEEE80211_STA_ASSOC)
clear_bit(WLAN_STA_ASSOC, &sta->_flags);
- else
- return -EINVAL;
break;
case IEEE80211_STA_ASSOC:
if (sta->sta_state == IEEE80211_STA_AUTH) {
@@ -1430,24 +1415,19 @@ int sta_info_move_state(struct sta_info *sta,
if (sta->sdata->vif.type == NL80211_IFTYPE_AP)
atomic_dec(&sta->sdata->u.ap.num_sta_authorized);
clear_bit(WLAN_STA_AUTHORIZED, &sta->_flags);
- } else
- return -EINVAL;
+ }
break;
case IEEE80211_STA_AUTHORIZED:
if (sta->sta_state == IEEE80211_STA_ASSOC) {
if (sta->sdata->vif.type == NL80211_IFTYPE_AP)
atomic_inc(&sta->sdata->u.ap.num_sta_authorized);
set_bit(WLAN_STA_AUTHORIZED, &sta->_flags);
- } else
- return -EINVAL;
+ }
break;
default:
- WARN(1, "invalid state %d", new_state);
- return -EINVAL;
+ break;
}
- printk(KERN_DEBUG "%s: moving STA %pM to state %d\n",
- sta->sdata->name, sta->sta.addr, new_state);
sta->sta_state = new_state;
return 0;
diff --git a/net/mac80211/sta_info.h b/net/mac80211/sta_info.h
index 381de37..23a97c9 100644
--- a/net/mac80211/sta_info.h
+++ b/net/mac80211/sta_info.h
@@ -53,6 +53,7 @@
* reply to other uAPSD trigger frames or PS-Poll.
* @WLAN_STA_4ADDR_EVENT: 4-addr event was already sent for this frame.
* @WLAN_STA_INSERTED: This station is inserted into the hash table.
+ * @WLAN_STA_RATE_CONTROL: rate control was initialized for this station.
*/
enum ieee80211_sta_info_flags {
WLAN_STA_AUTH,
@@ -73,14 +74,7 @@ enum ieee80211_sta_info_flags {
WLAN_STA_SP,
WLAN_STA_4ADDR_EVENT,
WLAN_STA_INSERTED,
-};
-
-enum ieee80211_sta_state {
- /* NOTE: These need to be ordered correctly! */
- IEEE80211_STA_NONE,
- IEEE80211_STA_AUTH,
- IEEE80211_STA_ASSOC,
- IEEE80211_STA_AUTHORIZED,
+ WLAN_STA_RATE_CONTROL,
};
#define STA_TID_NUM 16
@@ -273,8 +267,6 @@ struct sta_ampdu_mlme {
* @dead: set to true when sta is unlinked
* @uploaded: set to true when sta is uploaded to the driver
* @lost_packets: number of consecutive lost packets
- * @dummy: indicate a dummy station created for receiving
- * EAP frames before association
* @sta: station information we share with the driver
* @sta_state: duplicates information about station state (for debug)
* @beacon_loss_count: number of times beacon loss has triggered
@@ -372,9 +364,6 @@ struct sta_info {
unsigned int lost_packets;
unsigned int beacon_loss_count;
- /* should be right in front of sta to be in the same cache line */
- bool dummy;
-
/* keep last! */
struct ieee80211_sta sta;
};
@@ -476,15 +465,9 @@ rcu_dereference_protected_tid_tx(struct sta_info *sta, int tid)
struct sta_info *sta_info_get(struct ieee80211_sub_if_data *sdata,
const u8 *addr);
-struct sta_info *sta_info_get_rx(struct ieee80211_sub_if_data *sdata,
- const u8 *addr);
-
struct sta_info *sta_info_get_bss(struct ieee80211_sub_if_data *sdata,
const u8 *addr);
-struct sta_info *sta_info_get_bss_rx(struct ieee80211_sub_if_data *sdata,
- const u8 *addr);
-
static inline
void for_each_sta_info_type_check(struct ieee80211_local *local,
const u8 *addr,
@@ -493,23 +476,7 @@ void for_each_sta_info_type_check(struct ieee80211_local *local,
{
}
-#define for_each_sta_info(local, _addr, _sta, nxt) \
- for ( /* initialise loop */ \
- _sta = rcu_dereference(local->sta_hash[STA_HASH(_addr)]),\
- nxt = _sta ? rcu_dereference(_sta->hnext) : NULL; \
- /* typecheck */ \
- for_each_sta_info_type_check(local, (_addr), _sta, nxt),\
- /* continue condition */ \
- _sta; \
- /* advance loop */ \
- _sta = nxt, \
- nxt = _sta ? rcu_dereference(_sta->hnext) : NULL \
- ) \
- /* run code only if address matches and it's not a dummy sta */ \
- if (memcmp(_sta->sta.addr, (_addr), ETH_ALEN) == 0 && \
- !_sta->dummy)
-
-#define for_each_sta_info_rx(local, _addr, _sta, nxt) \
+#define for_each_sta_info(local, _addr, _sta, nxt) \
for ( /* initialise loop */ \
_sta = rcu_dereference(local->sta_hash[STA_HASH(_addr)]),\
nxt = _sta ? rcu_dereference(_sta->hnext) : NULL; \
@@ -548,7 +515,6 @@ void sta_info_free(struct ieee80211_local *local, struct sta_info *sta);
*/
int sta_info_insert(struct sta_info *sta);
int sta_info_insert_rcu(struct sta_info *sta) __acquires(RCU);
-int sta_info_reinsert(struct sta_info *sta);
int __must_check __sta_info_destroy(struct sta_info *sta);
int sta_info_destroy_addr(struct ieee80211_sub_if_data *sdata,
diff --git a/net/mac80211/util.c b/net/mac80211/util.c
index d82d886..264397a 100644
--- a/net/mac80211/util.c
+++ b/net/mac80211/util.c
@@ -1185,13 +1185,12 @@ int ieee80211_reconfig(struct ieee80211_local *local)
mutex_lock(&local->sta_mtx);
list_for_each_entry(sta, &local->sta_list, list) {
if (sta->uploaded) {
- sdata = sta->sdata;
- if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN)
- sdata = container_of(sdata->bss,
- struct ieee80211_sub_if_data,
- u.ap);
+ enum ieee80211_sta_state state;
- WARN_ON(drv_sta_add(local, sdata, &sta->sta));
+ for (state = IEEE80211_STA_NOTEXIST;
+ state < sta->sta_state - 1; state++)
+ WARN_ON(drv_sta_state(local, sta->sdata, sta,
+ state, state + 1));
}
}
mutex_unlock(&local->sta_mtx);
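Review bot: The replay loop bound `state < sta->sta_state - 1` looks one transition short. Its last call moves the driver to `sta->sta_state - 1`, so after reconfiguration the driver's view of each uploaded station lags mac80211's by one state; an AUTHORIZED station, for example, would be restored only as far as ASSOC. sta_info_insert_drv_state in sta_info.c walks the same ladder with `state < sta->sta_state`, and the suspend path in pm.c unwinds from the full `sta->sta_state`. I would use `for (state = IEEE80211_STA_NOTEXIST; state < sta->sta_state; state++)` here as well.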
diff --git a/net/mac80211/work.c b/net/mac80211/work.c
index 0a1a176..c6e230e 100644
--- a/net/mac80211/work.c
+++ b/net/mac80211/work.c
@@ -27,16 +27,9 @@
#include "rate.h"
#include "driver-ops.h"
-#define IEEE80211_AUTH_TIMEOUT (HZ / 5)
-#define IEEE80211_AUTH_MAX_TRIES 3
-#define IEEE80211_ASSOC_TIMEOUT (HZ / 5)
-#define IEEE80211_ASSOC_MAX_TRIES 3
-
enum work_action {
- WORK_ACT_MISMATCH,
WORK_ACT_NONE,
WORK_ACT_TIMEOUT,
- WORK_ACT_DONE,
};
@@ -71,465 +64,6 @@ void free_work(struct ieee80211_work *wk)
kfree_rcu(wk, rcu_head);
}
-static int ieee80211_compatible_rates(const u8 *supp_rates, int supp_rates_len,
- struct ieee80211_supported_band *sband,
- u32 *rates)
-{
- int i, j, count;
- *rates = 0;
- count = 0;
- for (i = 0; i < supp_rates_len; i++) {
- int rate = (supp_rates[i] & 0x7F) * 5;
-
- for (j = 0; j < sband->n_bitrates; j++)
- if (sband->bitrates[j].bitrate == rate) {
- *rates |= BIT(j);
- count++;
- break;
- }
- }
-
- return count;
-}
-
-/* frame sending functions */
-
-static void ieee80211_add_ht_ie(struct ieee80211_sub_if_data *sdata,
- struct sk_buff *skb, const u8 *ht_info_ie,
- struct ieee80211_supported_band *sband,
- struct ieee80211_channel *channel,
- enum ieee80211_smps_mode smps)
-{
- struct ieee80211_ht_info *ht_info;
- u8 *pos;
- u32 flags = channel->flags;
- u16 cap;
- struct ieee80211_sta_ht_cap ht_cap;
-
- BUILD_BUG_ON(sizeof(ht_cap) != sizeof(sband->ht_cap));
-
- if (!sband->ht_cap.ht_supported)
- return;
-
- if (!ht_info_ie)
- return;
-
- if (ht_info_ie[1] < sizeof(struct ieee80211_ht_info))
- return;
-
- memcpy(&ht_cap, &sband->ht_cap, sizeof(ht_cap));
- ieee80211_apply_htcap_overrides(sdata, &ht_cap);
-
- ht_info = (struct ieee80211_ht_info *)(ht_info_ie + 2);
-
- /* determine capability flags */
- cap = ht_cap.cap;
-
- switch (ht_info->ht_param & IEEE80211_HT_PARAM_CHA_SEC_OFFSET) {
- case IEEE80211_HT_PARAM_CHA_SEC_ABOVE:
- if (flags & IEEE80211_CHAN_NO_HT40PLUS) {
- cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40;
- cap &= ~IEEE80211_HT_CAP_SGI_40;
- }
- break;
- case IEEE80211_HT_PARAM_CHA_SEC_BELOW:
- if (flags & IEEE80211_CHAN_NO_HT40MINUS) {
- cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40;
- cap &= ~IEEE80211_HT_CAP_SGI_40;
- }
- break;
- }
-
- /* set SM PS mode properly */
- cap &= ~IEEE80211_HT_CAP_SM_PS;
- switch (smps) {
- case IEEE80211_SMPS_AUTOMATIC:
- case IEEE80211_SMPS_NUM_MODES:
- WARN_ON(1);
- case IEEE80211_SMPS_OFF:
- cap |= WLAN_HT_CAP_SM_PS_DISABLED <<
- IEEE80211_HT_CAP_SM_PS_SHIFT;
- break;
- case IEEE80211_SMPS_STATIC:
- cap |= WLAN_HT_CAP_SM_PS_STATIC <<
- IEEE80211_HT_CAP_SM_PS_SHIFT;
- break;
- case IEEE80211_SMPS_DYNAMIC:
- cap |= WLAN_HT_CAP_SM_PS_DYNAMIC <<
- IEEE80211_HT_CAP_SM_PS_SHIFT;
- break;
- }
-
- /* reserve and fill IE */
- pos = skb_put(skb, sizeof(struct ieee80211_ht_cap) + 2);
- ieee80211_ie_build_ht_cap(pos, &ht_cap, cap);
-}
-
-static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata,
- struct ieee80211_work *wk)
-{
- struct ieee80211_local *local = sdata->local;
- struct sk_buff *skb;
- struct ieee80211_mgmt *mgmt;
- u8 *pos, qos_info;
- size_t offset = 0, noffset;
- int i, count, rates_len, supp_rates_len;
- u16 capab;
- struct ieee80211_supported_band *sband;
- u32 rates = 0;
-
- sband = local->hw.wiphy->bands[wk->chan->band];
-
- if (wk->assoc.supp_rates_len) {
- /*
- * Get all rates supported by the device and the AP as
- * some APs don't like getting a superset of their rates
- * in the association request (e.g. D-Link DAP 1353 in
- * b-only mode)...
- */
- rates_len = ieee80211_compatible_rates(wk->assoc.supp_rates,
- wk->assoc.supp_rates_len,
- sband, &rates);
- } else {
- /*
- * In case AP not provide any supported rates information
- * before association, we send information element(s) with
- * all rates that we support.
- */
- rates = ~0;
- rates_len = sband->n_bitrates;
- }
-
- skb = alloc_skb(local->hw.extra_tx_headroom +
- sizeof(*mgmt) + /* bit too much but doesn't matter */
- 2 + wk->assoc.ssid_len + /* SSID */
- 4 + rates_len + /* (extended) rates */
- 4 + /* power capability */
- 2 + 2 * sband->n_channels + /* supported channels */
- 2 + sizeof(struct ieee80211_ht_cap) + /* HT */
- wk->ie_len + /* extra IEs */
- 9, /* WMM */
- GFP_KERNEL);
- if (!skb)
- return;
-
- skb_reserve(skb, local->hw.extra_tx_headroom);
-
- capab = WLAN_CAPABILITY_ESS;
-
- if (sband->band == IEEE80211_BAND_2GHZ) {
- if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_SLOT_INCAPABLE))
- capab |= WLAN_CAPABILITY_SHORT_SLOT_TIME;
- if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_PREAMBLE_INCAPABLE))
- capab |= WLAN_CAPABILITY_SHORT_PREAMBLE;
- }
-
- if (wk->assoc.capability & WLAN_CAPABILITY_PRIVACY)
- capab |= WLAN_CAPABILITY_PRIVACY;
-
- if ((wk->assoc.capability & WLAN_CAPABILITY_SPECTRUM_MGMT) &&
- (local->hw.flags & IEEE80211_HW_SPECTRUM_MGMT))
- capab |= WLAN_CAPABILITY_SPECTRUM_MGMT;
-
- mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
- memset(mgmt, 0, 24);
- memcpy(mgmt->da, wk->filter_ta, ETH_ALEN);
- memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN);
- memcpy(mgmt->bssid, wk->filter_ta, ETH_ALEN);
-
- if (!is_zero_ether_addr(wk->assoc.prev_bssid)) {
- skb_put(skb, 10);
- mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
- IEEE80211_STYPE_REASSOC_REQ);
- mgmt->u.reassoc_req.capab_info = cpu_to_le16(capab);
- mgmt->u.reassoc_req.listen_interval =
- cpu_to_le16(local->hw.conf.listen_interval);
- memcpy(mgmt->u.reassoc_req.current_ap, wk->assoc.prev_bssid,
- ETH_ALEN);
- } else {
- skb_put(skb, 4);
- mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
- IEEE80211_STYPE_ASSOC_REQ);
- mgmt->u.assoc_req.capab_info = cpu_to_le16(capab);
- mgmt->u.assoc_req.listen_interval =
- cpu_to_le16(local->hw.conf.listen_interval);
- }
-
- /* SSID */
- pos = skb_put(skb, 2 + wk->assoc.ssid_len);
- *pos++ = WLAN_EID_SSID;
- *pos++ = wk->assoc.ssid_len;
- memcpy(pos, wk->assoc.ssid, wk->assoc.ssid_len);
-
- /* add all rates which were marked to be used above */
- supp_rates_len = rates_len;
- if (supp_rates_len > 8)
- supp_rates_len = 8;
-
- pos = skb_put(skb, supp_rates_len + 2);
- *pos++ = WLAN_EID_SUPP_RATES;
- *pos++ = supp_rates_len;
-
- count = 0;
- for (i = 0; i < sband->n_bitrates; i++) {
- if (BIT(i) & rates) {
- int rate = sband->bitrates[i].bitrate;
- *pos++ = (u8) (rate / 5);
- if (++count == 8)
- break;
- }
- }
-
- if (rates_len > count) {
- pos = skb_put(skb, rates_len - count + 2);
- *pos++ = WLAN_EID_EXT_SUPP_RATES;
- *pos++ = rates_len - count;
-
- for (i++; i < sband->n_bitrates; i++) {
- if (BIT(i) & rates) {
- int rate = sband->bitrates[i].bitrate;
- *pos++ = (u8) (rate / 5);
- }
- }
- }
-
- if (capab & WLAN_CAPABILITY_SPECTRUM_MGMT) {
- /* 1. power capabilities */
- pos = skb_put(skb, 4);
- *pos++ = WLAN_EID_PWR_CAPABILITY;
- *pos++ = 2;
- *pos++ = 0; /* min tx power */
- *pos++ = wk->chan->max_power; /* max tx power */
-
- /* 2. supported channels */
- /* TODO: get this in reg domain format */
- pos = skb_put(skb, 2 * sband->n_channels + 2);
- *pos++ = WLAN_EID_SUPPORTED_CHANNELS;
- *pos++ = 2 * sband->n_channels;
- for (i = 0; i < sband->n_channels; i++) {
- *pos++ = ieee80211_frequency_to_channel(
- sband->channels[i].center_freq);
- *pos++ = 1; /* one channel in the subband*/
- }
- }
-
- /* if present, add any custom IEs that go before HT */
- if (wk->ie_len && wk->ie) {
- static const u8 before_ht[] = {
- WLAN_EID_SSID,
- WLAN_EID_SUPP_RATES,
- WLAN_EID_EXT_SUPP_RATES,
- WLAN_EID_PWR_CAPABILITY,
- WLAN_EID_SUPPORTED_CHANNELS,
- WLAN_EID_RSN,
- WLAN_EID_QOS_CAPA,
- WLAN_EID_RRM_ENABLED_CAPABILITIES,
- WLAN_EID_MOBILITY_DOMAIN,
- WLAN_EID_SUPPORTED_REGULATORY_CLASSES,
- };
- noffset = ieee80211_ie_split(wk->ie, wk->ie_len,
- before_ht, ARRAY_SIZE(before_ht),
- offset);
- pos = skb_put(skb, noffset - offset);
- memcpy(pos, wk->ie + offset, noffset - offset);
- offset = noffset;
- }
-
- if (wk->assoc.use_11n && wk->assoc.wmm_used &&
- local->hw.queues >= 4)
- ieee80211_add_ht_ie(sdata, skb, wk->assoc.ht_information_ie,
- sband, wk->chan, wk->assoc.smps);
-
- /* if present, add any custom non-vendor IEs that go after HT */
- if (wk->ie_len && wk->ie) {
- noffset = ieee80211_ie_split_vendor(wk->ie, wk->ie_len,
- offset);
- pos = skb_put(skb, noffset - offset);
- memcpy(pos, wk->ie + offset, noffset - offset);
- offset = noffset;
- }
-
- if (wk->assoc.wmm_used && local->hw.queues >= 4) {
- if (wk->assoc.uapsd_used) {
- qos_info = local->uapsd_queues;
- qos_info |= (local->uapsd_max_sp_len <<
- IEEE80211_WMM_IE_STA_QOSINFO_SP_SHIFT);
- } else {
- qos_info = 0;
- }
-
- pos = skb_put(skb, 9);
- *pos++ = WLAN_EID_VENDOR_SPECIFIC;
- *pos++ = 7; /* len */
- *pos++ = 0x00; /* Microsoft OUI 00:50:F2 */
- *pos++ = 0x50;
- *pos++ = 0xf2;
- *pos++ = 2; /* WME */
- *pos++ = 0; /* WME info */
- *pos++ = 1; /* WME ver */
- *pos++ = qos_info;
- }
-
- /* add any remaining custom (i.e. vendor specific here) IEs */
- if (wk->ie_len && wk->ie) {
- noffset = wk->ie_len;
- pos = skb_put(skb, noffset - offset);
- memcpy(pos, wk->ie + offset, noffset - offset);
- }
-
- IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT;
- ieee80211_tx_skb(sdata, skb);
-}
-
-static void ieee80211_remove_auth_bss(struct ieee80211_local *local,
- struct ieee80211_work *wk)
-{
- struct cfg80211_bss *cbss;
- u16 capa_val = WLAN_CAPABILITY_ESS;
-
- if (wk->probe_auth.privacy)
- capa_val |= WLAN_CAPABILITY_PRIVACY;
-
- cbss = cfg80211_get_bss(local->hw.wiphy, wk->chan, wk->filter_ta,
- wk->probe_auth.ssid, wk->probe_auth.ssid_len,
- WLAN_CAPABILITY_ESS | WLAN_CAPABILITY_PRIVACY,
- capa_val);
- if (!cbss)
- return;
-
- cfg80211_unlink_bss(local->hw.wiphy, cbss);
- cfg80211_put_bss(cbss);
-}
-
-static enum work_action __must_check
-ieee80211_direct_probe(struct ieee80211_work *wk)
-{
- struct ieee80211_sub_if_data *sdata = wk->sdata;
- struct ieee80211_local *local = sdata->local;
-
- if (!wk->probe_auth.synced) {
- int ret = drv_tx_sync(local, sdata, wk->filter_ta,
- IEEE80211_TX_SYNC_AUTH);
- if (ret)
- return WORK_ACT_TIMEOUT;
- }
- wk->probe_auth.synced = true;
-
- wk->probe_auth.tries++;
- if (wk->probe_auth.tries > IEEE80211_AUTH_MAX_TRIES) {
- printk(KERN_DEBUG "%s: direct probe to %pM timed out\n",
- sdata->name, wk->filter_ta);
-
- /*
- * Most likely AP is not in the range so remove the
- * bss struct for that AP.
- */
- ieee80211_remove_auth_bss(local, wk);
-
- return WORK_ACT_TIMEOUT;
- }
-
- printk(KERN_DEBUG "%s: direct probe to %pM (try %d/%i)\n",
- sdata->name, wk->filter_ta, wk->probe_auth.tries,
- IEEE80211_AUTH_MAX_TRIES);
-
- /*
- * Direct probe is sent to broadcast address as some APs
- * will not answer to direct packet in unassociated state.
- */
- ieee80211_send_probe_req(sdata, NULL, wk->probe_auth.ssid,
- wk->probe_auth.ssid_len, NULL, 0,
- (u32) -1, true, false);
-
- wk->timeout = jiffies + IEEE80211_AUTH_TIMEOUT;
- run_again(local, wk->timeout);
-
- return WORK_ACT_NONE;
-}
-
-
-static enum work_action __must_check
-ieee80211_authenticate(struct ieee80211_work *wk)
-{
- struct ieee80211_sub_if_data *sdata = wk->sdata;
- struct ieee80211_local *local = sdata->local;
-
- if (!wk->probe_auth.synced) {
- int ret = drv_tx_sync(local, sdata, wk->filter_ta,
- IEEE80211_TX_SYNC_AUTH);
- if (ret)
- return WORK_ACT_TIMEOUT;
- }
- wk->probe_auth.synced = true;
-
- wk->probe_auth.tries++;
- if (wk->probe_auth.tries > IEEE80211_AUTH_MAX_TRIES) {
- printk(KERN_DEBUG "%s: authentication with %pM"
- " timed out\n", sdata->name, wk->filter_ta);
-
- /*
- * Most likely AP is not in the range so remove the
- * bss struct for that AP.
- */
- ieee80211_remove_auth_bss(local, wk);
-
- return WORK_ACT_TIMEOUT;
- }
-
- printk(KERN_DEBUG "%s: authenticate with %pM (try %d)\n",
- sdata->name, wk->filter_ta, wk->probe_auth.tries);
-
- ieee80211_send_auth(sdata, 1, wk->probe_auth.algorithm, wk->ie,
- wk->ie_len, wk->filter_ta, wk->filter_ta, NULL, 0,
- 0);
- wk->probe_auth.transaction = 2;
-
- wk->timeout = jiffies + IEEE80211_AUTH_TIMEOUT;
- run_again(local, wk->timeout);
-
- return WORK_ACT_NONE;
-}
-
-static enum work_action __must_check
-ieee80211_associate(struct ieee80211_work *wk)
-{
- struct ieee80211_sub_if_data *sdata = wk->sdata;
- struct ieee80211_local *local = sdata->local;
-
- if (!wk->assoc.synced) {
- int ret = drv_tx_sync(local, sdata, wk->filter_ta,
- IEEE80211_TX_SYNC_ASSOC);
- if (ret)
- return WORK_ACT_TIMEOUT;
- }
- wk->assoc.synced = true;
-
- wk->assoc.tries++;
- if (wk->assoc.tries > IEEE80211_ASSOC_MAX_TRIES) {
- printk(KERN_DEBUG "%s: association with %pM"
- " timed out\n",
- sdata->name, wk->filter_ta);
-
- /*
- * Most likely AP is not in the range so remove the
- * bss struct for that AP.
- */
- if (wk->assoc.bss)
- cfg80211_unlink_bss(local->hw.wiphy, wk->assoc.bss);
-
- return WORK_ACT_TIMEOUT;
- }
-
- printk(KERN_DEBUG "%s: associate with %pM (try %d)\n",
- sdata->name, wk->filter_ta, wk->assoc.tries);
- ieee80211_send_assoc(sdata, wk);
-
- wk->timeout = jiffies + IEEE80211_ASSOC_TIMEOUT;
- run_again(local, wk->timeout);
-
- return WORK_ACT_NONE;
-}
-
static enum work_action __must_check
ieee80211_remain_on_channel_timeout(struct ieee80211_work *wk)
{
@@ -569,300 +103,6 @@ ieee80211_offchannel_tx(struct ieee80211_work *wk)
return WORK_ACT_TIMEOUT;
}
-static enum work_action __must_check
-ieee80211_assoc_beacon_wait(struct ieee80211_work *wk)
-{
- if (wk->started)
- return WORK_ACT_TIMEOUT;
-
- /*
- * Wait up to one beacon interval ...
- * should this be more if we miss one?
- */
- printk(KERN_DEBUG "%s: waiting for beacon from %pM\n",
- wk->sdata->name, wk->filter_ta);
- wk->timeout = TU_TO_EXP_TIME(wk->assoc.bss->beacon_interval);
- return WORK_ACT_NONE;
-}
-
-static void ieee80211_auth_challenge(struct ieee80211_work *wk,
- struct ieee80211_mgmt *mgmt,
- size_t len)
-{
- struct ieee80211_sub_if_data *sdata = wk->sdata;
- u8 *pos;
- struct ieee802_11_elems elems;
-
- pos = mgmt->u.auth.variable;
- ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems);
- if (!elems.challenge)
- return;
- ieee80211_send_auth(sdata, 3, wk->probe_auth.algorithm,
- elems.challenge - 2, elems.challenge_len + 2,
- wk->filter_ta, wk->filter_ta, wk->probe_auth.key,
- wk->probe_auth.key_len, wk->probe_auth.key_idx);
- wk->probe_auth.transaction = 4;
-}
-
-static enum work_action __must_check
-ieee80211_rx_mgmt_auth(struct ieee80211_work *wk,
- struct ieee80211_mgmt *mgmt, size_t len)
-{
- u16 auth_alg, auth_transaction, status_code;
-
- if (wk->type != IEEE80211_WORK_AUTH)
- return WORK_ACT_MISMATCH;
-
- if (len < 24 + 6)
- return WORK_ACT_NONE;
-
- auth_alg = le16_to_cpu(mgmt->u.auth.auth_alg);
- auth_transaction = le16_to_cpu(mgmt->u.auth.auth_transaction);
- status_code = le16_to_cpu(mgmt->u.auth.status_code);
-
- if (auth_alg != wk->probe_auth.algorithm ||
- auth_transaction != wk->probe_auth.transaction)
- return WORK_ACT_NONE;
-
- if (status_code != WLAN_STATUS_SUCCESS) {
- printk(KERN_DEBUG "%s: %pM denied authentication (status %d)\n",
- wk->sdata->name, mgmt->sa, status_code);
- return WORK_ACT_DONE;
- }
-
- switch (wk->probe_auth.algorithm) {
- case WLAN_AUTH_OPEN:
- case WLAN_AUTH_LEAP:
- case WLAN_AUTH_FT:
- break;
- case WLAN_AUTH_SHARED_KEY:
- if (wk->probe_auth.transaction != 4) {
- ieee80211_auth_challenge(wk, mgmt, len);
- /* need another frame */
- return WORK_ACT_NONE;
- }
- break;
- default:
- WARN_ON(1);
- return WORK_ACT_NONE;
- }
-
- printk(KERN_DEBUG "%s: authenticated\n", wk->sdata->name);
- return WORK_ACT_DONE;
-}
-
-static enum work_action __must_check
-ieee80211_rx_mgmt_assoc_resp(struct ieee80211_work *wk,
- struct ieee80211_mgmt *mgmt, size_t len,
- bool reassoc)
-{
- struct ieee80211_sub_if_data *sdata = wk->sdata;
- struct ieee80211_local *local = sdata->local;
- u16 capab_info, status_code, aid;
- struct ieee802_11_elems elems;
- u8 *pos;
-
- if (wk->type != IEEE80211_WORK_ASSOC)
- return WORK_ACT_MISMATCH;
-
- /*
- * AssocResp and ReassocResp have identical structure, so process both
- * of them in this function.
- */
-
- if (len < 24 + 6)
- return WORK_ACT_NONE;
-
- capab_info = le16_to_cpu(mgmt->u.assoc_resp.capab_info);
- status_code = le16_to_cpu(mgmt->u.assoc_resp.status_code);
- aid = le16_to_cpu(mgmt->u.assoc_resp.aid);
-
- printk(KERN_DEBUG "%s: RX %sssocResp from %pM (capab=0x%x "
- "status=%d aid=%d)\n",
- sdata->name, reassoc ? "Rea" : "A", mgmt->sa,
- capab_info, status_code, (u16)(aid & ~(BIT(15) | BIT(14))));
-
- pos = mgmt->u.assoc_resp.variable;
- ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems);
-
- if (status_code == WLAN_STATUS_ASSOC_REJECTED_TEMPORARILY &&
- elems.timeout_int && elems.timeout_int_len == 5 &&
- elems.timeout_int[0] == WLAN_TIMEOUT_ASSOC_COMEBACK) {
- u32 tu, ms;
- tu = get_unaligned_le32(elems.timeout_int + 1);
- ms = tu * 1024 / 1000;
- printk(KERN_DEBUG "%s: %pM rejected association temporarily; "
- "comeback duration %u TU (%u ms)\n",
- sdata->name, mgmt->sa, tu, ms);
- wk->timeout = jiffies + msecs_to_jiffies(ms);
- if (ms > IEEE80211_ASSOC_TIMEOUT)
- run_again(local, wk->timeout);
- return WORK_ACT_NONE;
- }
-
- if (status_code != WLAN_STATUS_SUCCESS)
- printk(KERN_DEBUG "%s: %pM denied association (code=%d)\n",
- sdata->name, mgmt->sa, status_code);
- else
- printk(KERN_DEBUG "%s: associated\n", sdata->name);
-
- return WORK_ACT_DONE;
-}
-
-static enum work_action __must_check
-ieee80211_rx_mgmt_probe_resp(struct ieee80211_work *wk,
- struct ieee80211_mgmt *mgmt, size_t len,
- struct ieee80211_rx_status *rx_status)
-{
- struct ieee80211_sub_if_data *sdata = wk->sdata;
- struct ieee80211_local *local = sdata->local;
- size_t baselen;
-
- ASSERT_WORK_MTX(local);
-
- if (wk->type != IEEE80211_WORK_DIRECT_PROBE)
- return WORK_ACT_MISMATCH;
-
- if (len < 24 + 12)
- return WORK_ACT_NONE;
-
- baselen = (u8 *) mgmt->u.probe_resp.variable - (u8 *) mgmt;
- if (baselen > len)
- return WORK_ACT_NONE;
-
- printk(KERN_DEBUG "%s: direct probe responded\n", sdata->name);
- return WORK_ACT_DONE;
-}
-
-static enum work_action __must_check
-ieee80211_rx_mgmt_beacon(struct ieee80211_work *wk,
- struct ieee80211_mgmt *mgmt, size_t len)
-{
- struct ieee80211_sub_if_data *sdata = wk->sdata;
- struct ieee80211_local *local = sdata->local;
-
- ASSERT_WORK_MTX(local);
-
- if (wk->type != IEEE80211_WORK_ASSOC_BEACON_WAIT)
- return WORK_ACT_MISMATCH;
-
- if (len < 24 + 12)
- return WORK_ACT_NONE;
-
- printk(KERN_DEBUG "%s: beacon received\n", sdata->name);
- return WORK_ACT_DONE;
-}
-
-static void ieee80211_work_rx_queued_mgmt(struct ieee80211_local *local,
- struct sk_buff *skb)
-{
- struct ieee80211_rx_status *rx_status;
- struct ieee80211_mgmt *mgmt;
- struct ieee80211_work *wk;
- enum work_action rma = WORK_ACT_NONE;
- u16 fc;
-
- rx_status = (struct ieee80211_rx_status *) skb->cb;
- mgmt = (struct ieee80211_mgmt *) skb->data;
- fc = le16_to_cpu(mgmt->frame_control);
-
- mutex_lock(&local->mtx);
-
- list_for_each_entry(wk, &local->work_list, list) {
- const u8 *bssid = NULL;
-
- switch (wk->type) {
- case IEEE80211_WORK_DIRECT_PROBE:
- case IEEE80211_WORK_AUTH:
- case IEEE80211_WORK_ASSOC:
- case IEEE80211_WORK_ASSOC_BEACON_WAIT:
- bssid = wk->filter_ta;
- break;
- default:
- continue;
- }
-
- /*
- * Before queuing, we already verified mgmt->sa,
- * so this is needed just for matching.
- */
- if (compare_ether_addr(bssid, mgmt->bssid))
- continue;
-
- switch (fc & IEEE80211_FCTL_STYPE) {
- case IEEE80211_STYPE_BEACON:
- rma = ieee80211_rx_mgmt_beacon(wk, mgmt, skb->len);
- break;
- case IEEE80211_STYPE_PROBE_RESP:
- rma = ieee80211_rx_mgmt_probe_resp(wk, mgmt, skb->len,
- rx_status);
- break;
- case IEEE80211_STYPE_AUTH:
- rma = ieee80211_rx_mgmt_auth(wk, mgmt, skb->len);
- break;
- case IEEE80211_STYPE_ASSOC_RESP:
- rma = ieee80211_rx_mgmt_assoc_resp(wk, mgmt,
- skb->len, false);
- break;
- case IEEE80211_STYPE_REASSOC_RESP:
- rma = ieee80211_rx_mgmt_assoc_resp(wk, mgmt,
- skb->len, true);
- break;
- default:
- WARN_ON(1);
- rma = WORK_ACT_NONE;
- }
-
- /*
- * We've either received an unexpected frame, or we have
- * multiple work items and need to match the frame to the
- * right one.
- */
- if (rma == WORK_ACT_MISMATCH)
- continue;
-
- /*
- * We've processed this frame for that work, so it can't
- * belong to another work struct.
- * NB: this is also required for correctness for 'rma'!
- */
- break;
- }
-
- switch (rma) {
- case WORK_ACT_MISMATCH:
- /* ignore this unmatched frame */
- break;
- case WORK_ACT_NONE:
- break;
- case WORK_ACT_DONE:
- list_del_rcu(&wk->list);
- break;
- default:
- WARN(1, "unexpected: %d", rma);
- }
-
- mutex_unlock(&local->mtx);
-
- if (rma != WORK_ACT_DONE)
- goto out;
-
- switch (wk->done(wk, skb)) {
- case WORK_DONE_DESTROY:
- free_work(wk);
- break;
- case WORK_DONE_REQUEUE:
- synchronize_rcu();
- wk->started = false; /* restart */
- mutex_lock(&local->mtx);
- list_add_tail(&wk->list, &local->work_list);
- mutex_unlock(&local->mtx);
- }
-
- out:
- kfree_skb(skb);
-}
-
static void ieee80211_work_timer(unsigned long data)
{
struct ieee80211_local *local = (void *) data;
@@ -877,7 +117,6 @@ static void ieee80211_work_work(struct work_struct *work)
{
struct ieee80211_local *local =
container_of(work, struct ieee80211_local, work_work);
- struct sk_buff *skb;
struct ieee80211_work *wk, *tmp;
LIST_HEAD(free_work);
enum work_action rma;
@@ -893,10 +132,6 @@ static void ieee80211_work_work(struct work_struct *work)
if (WARN(local->suspended, "work scheduled while going to suspend\n"))
return;
- /* first process frames to avoid timing out while a frame is pending */
- while ((skb = skb_dequeue(&local->work_skb_queue)))
- ieee80211_work_rx_queued_mgmt(local, skb);
-
mutex_lock(&local->mtx);
ieee80211_recalc_idle(local);
@@ -947,24 +182,12 @@ static void ieee80211_work_work(struct work_struct *work)
case IEEE80211_WORK_ABORT:
rma = WORK_ACT_TIMEOUT;
break;
- case IEEE80211_WORK_DIRECT_PROBE:
- rma = ieee80211_direct_probe(wk);
- break;
- case IEEE80211_WORK_AUTH:
- rma = ieee80211_authenticate(wk);
- break;
- case IEEE80211_WORK_ASSOC:
- rma = ieee80211_associate(wk);
- break;
case IEEE80211_WORK_REMAIN_ON_CHANNEL:
rma = ieee80211_remain_on_channel_timeout(wk);
break;
case IEEE80211_WORK_OFFCHANNEL_TX:
rma = ieee80211_offchannel_tx(wk);
break;
- case IEEE80211_WORK_ASSOC_BEACON_WAIT:
- rma = ieee80211_assoc_beacon_wait(wk);
- break;
}
wk->started = started;
@@ -1052,7 +275,6 @@ void ieee80211_work_init(struct ieee80211_local *local)
setup_timer(&local->work_timer, ieee80211_work_timer,
(unsigned long)local);
INIT_WORK(&local->work_work, ieee80211_work_work);
- skb_queue_head_init(&local->work_skb_queue);
}
void ieee80211_work_purge(struct ieee80211_sub_if_data *sdata)
@@ -1086,43 +308,6 @@ void ieee80211_work_purge(struct ieee80211_sub_if_data *sdata)
mutex_unlock(&local->mtx);
}
-ieee80211_rx_result ieee80211_work_rx_mgmt(struct ieee80211_sub_if_data *sdata,
- struct sk_buff *skb)
-{
- struct ieee80211_local *local = sdata->local;
- struct ieee80211_mgmt *mgmt;
- struct ieee80211_work *wk;
- u16 fc;
-
- if (skb->len < 24)
- return RX_DROP_MONITOR;
-
- mgmt = (struct ieee80211_mgmt *) skb->data;
- fc = le16_to_cpu(mgmt->frame_control);
-
- list_for_each_entry_rcu(wk, &local->work_list, list) {
- if (sdata != wk->sdata)
- continue;
- if (compare_ether_addr(wk->filter_ta, mgmt->sa))
- continue;
- if (compare_ether_addr(wk->filter_ta, mgmt->bssid))
- continue;
-
- switch (fc & IEEE80211_FCTL_STYPE) {
- case IEEE80211_STYPE_AUTH:
- case IEEE80211_STYPE_PROBE_RESP:
- case IEEE80211_STYPE_ASSOC_RESP:
- case IEEE80211_STYPE_REASSOC_RESP:
- case IEEE80211_STYPE_BEACON:
- skb_queue_tail(&local->work_skb_queue, skb);
- ieee80211_queue_work(&local->hw, &local->work_work);
- return RX_QUEUED;
- }
- }
-
- return RX_CONTINUE;
-}
-
static enum work_done_result ieee80211_remain_done(struct ieee80211_work *wk,
struct sk_buff *skb)
{
diff --git a/net/wireless/core.h b/net/wireless/core.h
index 43ad9c8..3ac2dd0 100644
--- a/net/wireless/core.h
+++ b/net/wireless/core.h
@@ -144,11 +144,6 @@ static inline struct cfg80211_internal_bss *bss_from_pub(struct cfg80211_bss *pu
return container_of(pub, struct cfg80211_internal_bss, pub);
}
-static inline void cfg80211_ref_bss(struct cfg80211_internal_bss *bss)
-{
- kref_get(&bss->ref);
-}
-
static inline void cfg80211_hold_bss(struct cfg80211_internal_bss *bss)
{
atomic_inc(&bss->hold);
@@ -325,15 +320,13 @@ int __cfg80211_mlme_auth(struct cfg80211_registered_device *rdev,
const u8 *bssid,
const u8 *ssid, int ssid_len,
const u8 *ie, int ie_len,
- const u8 *key, int key_len, int key_idx,
- bool local_state_change);
+ const u8 *key, int key_len, int key_idx);
int cfg80211_mlme_auth(struct cfg80211_registered_device *rdev,
struct net_device *dev, struct ieee80211_channel *chan,
enum nl80211_auth_type auth_type, const u8 *bssid,
const u8 *ssid, int ssid_len,
const u8 *ie, int ie_len,
- const u8 *key, int key_len, int key_idx,
- bool local_state_change);
+ const u8 *key, int key_len, int key_idx);
int __cfg80211_mlme_assoc(struct cfg80211_registered_device *rdev,
struct net_device *dev,
struct ieee80211_channel *chan,
@@ -421,7 +414,8 @@ void __cfg80211_disconnected(struct net_device *dev, const u8 *ie,
size_t ie_len, u16 reason, bool from_ap);
void cfg80211_sme_scan_done(struct net_device *dev);
void cfg80211_sme_rx_auth(struct net_device *dev, const u8 *buf, size_t len);
-void cfg80211_sme_disassoc(struct net_device *dev, int idx);
+void cfg80211_sme_disassoc(struct net_device *dev,
+ struct cfg80211_internal_bss *bss);
void __cfg80211_scan_done(struct work_struct *wk);
void ___cfg80211_scan_done(struct cfg80211_registered_device *rdev, bool leak);
void __cfg80211_sched_scan_results(struct work_struct *wk);
diff --git a/net/wireless/mlme.c b/net/wireless/mlme.c
index 438dfc1..d553d36 100644
--- a/net/wireless/mlme.c
+++ b/net/wireless/mlme.c
@@ -20,40 +20,18 @@ void cfg80211_send_rx_auth(struct net_device *dev, const u8 *buf, size_t len)
struct wireless_dev *wdev = dev->ieee80211_ptr;
struct wiphy *wiphy = wdev->wiphy;
struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
- struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)buf;
- u8 *bssid = mgmt->bssid;
- int i;
- u16 status = le16_to_cpu(mgmt->u.auth.status_code);
- bool done = false;
wdev_lock(wdev);
- for (i = 0; i < MAX_AUTH_BSSES; i++) {
- if (wdev->authtry_bsses[i] &&
- memcmp(wdev->authtry_bsses[i]->pub.bssid, bssid,
- ETH_ALEN) == 0) {
- if (status == WLAN_STATUS_SUCCESS) {
- wdev->auth_bsses[i] = wdev->authtry_bsses[i];
- } else {
- cfg80211_unhold_bss(wdev->authtry_bsses[i]);
- cfg80211_put_bss(&wdev->authtry_bsses[i]->pub);
- }
- wdev->authtry_bsses[i] = NULL;
- done = true;
- break;
- }
- }
-
- if (done) {
- nl80211_send_rx_auth(rdev, dev, buf, len, GFP_KERNEL);
- cfg80211_sme_rx_auth(dev, buf, len);
- }
+ nl80211_send_rx_auth(rdev, dev, buf, len, GFP_KERNEL);
+ cfg80211_sme_rx_auth(dev, buf, len);
wdev_unlock(wdev);
}
EXPORT_SYMBOL(cfg80211_send_rx_auth);
-void cfg80211_send_rx_assoc(struct net_device *dev, const u8 *buf, size_t len)
+void cfg80211_send_rx_assoc(struct net_device *dev, struct cfg80211_bss *bss,
+ const u8 *buf, size_t len)
{
u16 status_code;
struct wireless_dev *wdev = dev->ieee80211_ptr;
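Review bot: With the authtry_bsses match removed, cfg80211_send_rx_auth() forwards whatever buffer it is given to nl80211_send_rx_auth() and cfg80211_sme_rx_auth() without checking that the frame's BSSID belongs to a pending authentication attempt, so that filtering is now entirely the caller's job. Because this is an exported entry point, the contract deserves a comment above the function, e.g. `/* Caller must pass only auth frames from the BSS it is authenticating with; no BSSID matching is done here. */`. The hunk also changes cfg80211_send_rx_assoc() to take a `bss` argument; that function's body continues outside the hunk.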
@@ -61,8 +39,7 @@ void cfg80211_send_rx_assoc(struct net_device *dev, const u8 *buf, size_t len)
struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)buf;
u8 *ie = mgmt->u.assoc_resp.variable;
- int i, ieoffs = offsetof(struct ieee80211_mgmt, u.assoc_resp.variable);
- struct cfg80211_internal_bss *bss = NULL;
+ int ieoffs = offsetof(struct ieee80211_mgmt, u.assoc_resp.variable);
wdev_lock(wdev);
@@ -75,43 +52,20 @@ void cfg80211_send_rx_assoc(struct net_device *dev, const u8 *buf, size_t len)
* frame instead of reassoc.
*/
if (status_code != WLAN_STATUS_SUCCESS && wdev->conn &&
- cfg80211_sme_failed_reassoc(wdev))
+ cfg80211_sme_failed_reassoc(wdev)) {
+ cfg80211_put_bss(bss);
goto out;
+ }
nl80211_send_rx_assoc(rdev, dev, buf, len, GFP_KERNEL);
- if (status_code == WLAN_STATUS_SUCCESS) {
- for (i = 0; i < MAX_AUTH_BSSES; i++) {
- if (!wdev->auth_bsses[i])
- continue;
- if (memcmp(wdev->auth_bsses[i]->pub.bssid, mgmt->bssid,
- ETH_ALEN) == 0) {
- bss = wdev->auth_bsses[i];
- wdev->auth_bsses[i] = NULL;
- /* additional reference to drop hold */
- cfg80211_ref_bss(bss);
- break;
- }
- }
-
- /*
- * We might be coming here because the driver reported
- * a successful association at the same time as the
- * user requested a deauth. In that case, we will have
- * removed the BSS from the auth_bsses list due to the
- * deauth request when the assoc response makes it. If
- * the two code paths acquire the lock the other way
- * around, that's just the standard situation of a
- * deauth being requested while connected.
- */
- if (!bss)
- goto out;
- } else if (wdev->conn) {
+ if (status_code != WLAN_STATUS_SUCCESS && wdev->conn) {
cfg80211_sme_failed_assoc(wdev);
/*
* do not call connect_result() now because the
* sme will schedule work that does it later.
*/
+ cfg80211_put_bss(bss);
goto out;
}
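Review bot: Ownership of the new `bss` argument can only be worked out by reading every exit path: both early exits here call cfg80211_put_bss(bss) before `goto out`, and the next hunk passes it to __cfg80211_connect_result(), which its comment says consumes the reference. A function comment stating that cfg80211_send_rx_assoc() always consumes the caller's reference, and whether a NULL bss is accepted, would keep callers from putting it a second time or leaking it. The removed branch also covered a successful response racing with a user-requested deauth by bailing out when the BSS was no longer tracked; whether the caller now guarantees a still-valid bss in that case is not visible here. The function starts and ends outside this hunk.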
@@ -124,17 +78,10 @@ void cfg80211_send_rx_assoc(struct net_device *dev, const u8 *buf, size_t len)
wdev->sme_state = CFG80211_SME_CONNECTING;
}
- /* this consumes one bss reference (unless bss is NULL) */
+ /* this consumes the bss reference */
__cfg80211_connect_result(dev, mgmt->bssid, NULL, 0, ie, len - ieoffs,
status_code,
- status_code == WLAN_STATUS_SUCCESS,
- bss ? &bss->pub : NULL);
- /* drop hold now, and also reference acquired above */
- if (bss) {
- cfg80211_unhold_bss(bss);
- cfg80211_put_bss(&bss->pub);
- }
-
+ status_code == WLAN_STATUS_SUCCESS, bss);
out:
wdev_unlock(wdev);
}
@@ -148,8 +95,7 @@ void __cfg80211_send_deauth(struct net_device *dev,
struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)buf;
const u8 *bssid = mgmt->bssid;
- int i;
- bool found = false, was_current = false;
+ bool was_current = false;
ASSERT_WDEV_LOCK(wdev);
@@ -158,32 +104,9 @@ void __cfg80211_send_deauth(struct net_device *dev,
cfg80211_unhold_bss(wdev->current_bss);
cfg80211_put_bss(&wdev->current_bss->pub);
wdev->current_bss = NULL;
- found = true;
was_current = true;
- } else for (i = 0; i < MAX_AUTH_BSSES; i++) {
- if (wdev->auth_bsses[i] &&
- memcmp(wdev->auth_bsses[i]->pub.bssid, bssid, ETH_ALEN) == 0) {
- cfg80211_unhold_bss(wdev->auth_bsses[i]);
- cfg80211_put_bss(&wdev->auth_bsses[i]->pub);
- wdev->auth_bsses[i] = NULL;
- found = true;
- break;
- }
- if (wdev->authtry_bsses[i] &&
- memcmp(wdev->authtry_bsses[i]->pub.bssid, bssid,
- ETH_ALEN) == 0 &&
- memcmp(mgmt->sa, dev->dev_addr, ETH_ALEN) == 0) {
- cfg80211_unhold_bss(wdev->authtry_bsses[i]);
- cfg80211_put_bss(&wdev->authtry_bsses[i]->pub);
- wdev->authtry_bsses[i] = NULL;
- found = true;
- break;
- }
}
- if (!found)
- return;
-
nl80211_send_deauth(rdev, dev, buf, len, GFP_KERNEL);
if (wdev->sme_state == CFG80211_SME_CONNECTED && was_current) {
@@ -220,10 +143,8 @@ void __cfg80211_send_disassoc(struct net_device *dev,
struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)buf;
const u8 *bssid = mgmt->bssid;
- int i;
u16 reason_code;
bool from_ap;
- bool done = false;
ASSERT_WDEV_LOCK(wdev);
@@ -234,16 +155,10 @@ void __cfg80211_send_disassoc(struct net_device *dev,
if (wdev->current_bss &&
memcmp(wdev->current_bss->pub.bssid, bssid, ETH_ALEN) == 0) {
- for (i = 0; i < MAX_AUTH_BSSES; i++) {
- if (wdev->authtry_bsses[i] || wdev->auth_bsses[i])
- continue;
- wdev->auth_bsses[i] = wdev->current_bss;
- wdev->current_bss = NULL;
- done = true;
- cfg80211_sme_disassoc(dev, i);
- break;
- }
- WARN_ON(!done);
+ cfg80211_sme_disassoc(dev, wdev->current_bss);
+ cfg80211_unhold_bss(wdev->current_bss);
+ cfg80211_put_bss(&wdev->current_bss->pub);
+ wdev->current_bss = NULL;
} else
WARN_ON(1);
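Review bot: cfg80211_sme_disassoc() is handed wdev->current_bss immediately before the hold and the reference on it are dropped, so the pointer is only guaranteed valid for the duration of that call. cfg80211_sme_disassoc() is defined outside this hunk; if it stores the bss or defers work that uses it, it needs to take its own reference. A comment at the call site would record the constraint, e.g. `/* sme must not keep bss: hold and reference are dropped below */`. The enclosing __cfg80211_send_disassoc() starts and ends outside the hunk.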
@@ -287,34 +202,6 @@ void cfg80211_send_unprot_disassoc(struct net_device *dev, const u8 *buf,
}
EXPORT_SYMBOL(cfg80211_send_unprot_disassoc);
-static void __cfg80211_auth_remove(struct wireless_dev *wdev, const u8 *addr)
-{
- int i;
- bool done = false;
-
- ASSERT_WDEV_LOCK(wdev);
-
- for (i = 0; addr && i < MAX_AUTH_BSSES; i++) {
- if (wdev->authtry_bsses[i] &&
- memcmp(wdev->authtry_bsses[i]->pub.bssid,
- addr, ETH_ALEN) == 0) {
- cfg80211_unhold_bss(wdev->authtry_bsses[i]);
- cfg80211_put_bss(&wdev->authtry_bsses[i]->pub);
- wdev->authtry_bsses[i] = NULL;
- done = true;
- break;
- }
- }
-
- WARN_ON(!done);
-}
-
-void __cfg80211_auth_canceled(struct net_device *dev, const u8 *addr)
-{
- __cfg80211_auth_remove(dev->ieee80211_ptr, addr);
-}
-EXPORT_SYMBOL(__cfg80211_auth_canceled);
-
void cfg80211_send_auth_timeout(struct net_device *dev, const u8 *addr)
{
struct wireless_dev *wdev = dev->ieee80211_ptr;
@@ -329,8 +216,6 @@ void cfg80211_send_auth_timeout(struct net_device *dev, const u8 *addr)
WLAN_STATUS_UNSPECIFIED_FAILURE,
false, NULL);
- __cfg80211_auth_remove(wdev, addr);
-
wdev_unlock(wdev);
}
EXPORT_SYMBOL(cfg80211_send_auth_timeout);
@@ -340,8 +225,6 @@ void cfg80211_send_assoc_timeout(struct net_device *dev, const u8 *addr)
struct wireless_dev *wdev = dev->ieee80211_ptr;
struct wiphy *wiphy = wdev->wiphy;
struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
- int i;
- bool done = false;
wdev_lock(wdev);
@@ -351,20 +234,6 @@ void cfg80211_send_assoc_timeout(struct net_device *dev, const u8 *addr)
WLAN_STATUS_UNSPECIFIED_FAILURE,
false, NULL);
- for (i = 0; addr && i < MAX_AUTH_BSSES; i++) {
- if (wdev->auth_bsses[i] &&
- memcmp(wdev->auth_bsses[i]->pub.bssid,
- addr, ETH_ALEN) == 0) {
- cfg80211_unhold_bss(wdev->auth_bsses[i]);
- cfg80211_put_bss(&wdev->auth_bsses[i]->pub);
- wdev->auth_bsses[i] = NULL;
- done = true;
- break;
- }
- }
-
- WARN_ON(!done);
-
wdev_unlock(wdev);
}
EXPORT_SYMBOL(cfg80211_send_assoc_timeout);
@@ -403,13 +272,11 @@ int __cfg80211_mlme_auth(struct cfg80211_registered_device *rdev,
const u8 *bssid,
const u8 *ssid, int ssid_len,
const u8 *ie, int ie_len,
- const u8 *key, int key_len, int key_idx,
- bool local_state_change)
+ const u8 *key, int key_len, int key_idx)
{
struct wireless_dev *wdev = dev->ieee80211_ptr;
struct cfg80211_auth_request req;
- struct cfg80211_internal_bss *bss;
- int i, err, slot = -1, nfree = 0;
+ int err;
ASSERT_WDEV_LOCK(wdev);
@@ -421,20 +288,8 @@ int __cfg80211_mlme_auth(struct cfg80211_registered_device *rdev,
memcmp(bssid, wdev->current_bss->pub.bssid, ETH_ALEN) == 0)
return -EALREADY;
- for (i = 0; i < MAX_AUTH_BSSES; i++) {
- if (wdev->authtry_bsses[i] &&
- memcmp(bssid, wdev->authtry_bsses[i]->pub.bssid,
- ETH_ALEN) == 0)
- return -EALREADY;
- if (wdev->auth_bsses[i] &&
- memcmp(bssid, wdev->auth_bsses[i]->pub.bssid,
- ETH_ALEN) == 0)
- return -EALREADY;
- }
-
memset(&req, 0, sizeof(req));
- req.local_state_change = local_state_change;
req.ie = ie;
req.ie_len = ie_len;
req.auth_type = auth_type;
@@ -446,39 +301,9 @@ int __cfg80211_mlme_auth(struct cfg80211_registered_device *rdev,
if (!req.bss)
return -ENOENT;
- bss = bss_from_pub(req.bss);
-
- for (i = 0; i < MAX_AUTH_BSSES; i++) {
- if (!wdev->auth_bsses[i] && !wdev->authtry_bsses[i]) {
- slot = i;
- nfree++;
- }
- }
-
- /* we need one free slot for disassoc and one for this auth */
- if (nfree < 2) {
- err = -ENOSPC;
- goto out;
- }
-
- if (local_state_change)
- wdev->auth_bsses[slot] = bss;
- else
- wdev->authtry_bsses[slot] = bss;
- cfg80211_hold_bss(bss);
-
err = rdev->ops->auth(&rdev->wiphy, dev, &req);
- if (err) {
- if (local_state_change)
- wdev->auth_bsses[slot] = NULL;
- else
- wdev->authtry_bsses[slot] = NULL;
- cfg80211_unhold_bss(bss);
- }
- out:
- if (err)
- cfg80211_put_bss(req.bss);
+ cfg80211_put_bss(req.bss);
return err;
}
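Review bot: `cfg80211_put_bss(req.bss)` now runs unconditionally as soon as `rdev->ops->auth()` returns, so the pointer passed in `req.bss` is only guaranteed to be referenced for the duration of the call, and nothing here says so. A driver that stores it for a later auth response would be keeping a pointer to an entry that may be freed. A comment above the call would pin the contract, for example `/* req.bss is only valid during ->auth(); take cfg80211_ref_bss() to keep it */`. The `__cfg80211_mlme_assoc` hunk below uses the opposite convention, keeping the reference when `->assoc()` succeeds, and needs a matching comment saying who releases it. The function starts outside this hunk.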
@@ -487,15 +312,14 @@ int cfg80211_mlme_auth(struct cfg80211_registered_device *rdev,
enum nl80211_auth_type auth_type, const u8 *bssid,
const u8 *ssid, int ssid_len,
const u8 *ie, int ie_len,
- const u8 *key, int key_len, int key_idx,
- bool local_state_change)
+ const u8 *key, int key_len, int key_idx)
{
int err;
wdev_lock(dev->ieee80211_ptr);
err = __cfg80211_mlme_auth(rdev, dev, chan, auth_type, bssid,
ssid, ssid_len, ie, ie_len,
- key, key_len, key_idx, local_state_change);
+ key, key_len, key_idx);
wdev_unlock(dev->ieee80211_ptr);
return err;
@@ -530,8 +354,7 @@ int __cfg80211_mlme_assoc(struct cfg80211_registered_device *rdev,
{
struct wireless_dev *wdev = dev->ieee80211_ptr;
struct cfg80211_assoc_request req;
- struct cfg80211_internal_bss *bss;
- int i, err, slot = -1;
+ int err;
bool was_connected = false;
ASSERT_WDEV_LOCK(wdev);
@@ -573,26 +396,14 @@ int __cfg80211_mlme_assoc(struct cfg80211_registered_device *rdev,
return -ENOENT;
}
- bss = bss_from_pub(req.bss);
-
- for (i = 0; i < MAX_AUTH_BSSES; i++) {
- if (bss == wdev->auth_bsses[i]) {
- slot = i;
- break;
- }
- }
+ err = rdev->ops->assoc(&rdev->wiphy, dev, &req);
- if (slot < 0) {
- err = -ENOTCONN;
- goto out;
+ if (err) {
+ if (was_connected)
+ wdev->sme_state = CFG80211_SME_CONNECTED;
+ cfg80211_put_bss(req.bss);
}
- err = rdev->ops->assoc(&rdev->wiphy, dev, &req);
- out:
- if (err && was_connected)
- wdev->sme_state = CFG80211_SME_CONNECTED;
- /* still a reference in wdev->auth_bsses[slot] */
- cfg80211_put_bss(req.bss);
return err;
}
@@ -624,34 +435,25 @@ int __cfg80211_mlme_deauth(struct cfg80211_registered_device *rdev,
bool local_state_change)
{
struct wireless_dev *wdev = dev->ieee80211_ptr;
- struct cfg80211_deauth_request req;
- int i;
+ struct cfg80211_deauth_request req = {
+ .bssid = bssid,
+ .reason_code = reason,
+ .ie = ie,
+ .ie_len = ie_len,
+ };
ASSERT_WDEV_LOCK(wdev);
- memset(&req, 0, sizeof(req));
- req.reason_code = reason;
- req.local_state_change = local_state_change;
- req.ie = ie;
- req.ie_len = ie_len;
- if (wdev->current_bss &&
- memcmp(wdev->current_bss->pub.bssid, bssid, ETH_ALEN) == 0) {
- req.bss = &wdev->current_bss->pub;
- } else for (i = 0; i < MAX_AUTH_BSSES; i++) {
- if (wdev->auth_bsses[i] &&
- memcmp(bssid, wdev->auth_bsses[i]->pub.bssid, ETH_ALEN) == 0) {
- req.bss = &wdev->auth_bsses[i]->pub;
- break;
- }
- if (wdev->authtry_bsses[i] &&
- memcmp(bssid, wdev->authtry_bsses[i]->pub.bssid, ETH_ALEN) == 0) {
- req.bss = &wdev->authtry_bsses[i]->pub;
- break;
+ if (local_state_change) {
+ if (wdev->current_bss &&
+ memcmp(wdev->current_bss->pub.bssid, bssid, ETH_ALEN) == 0) {
+ cfg80211_unhold_bss(wdev->current_bss);
+ cfg80211_put_bss(&wdev->current_bss->pub);
+ wdev->current_bss = NULL;
}
- }
- if (!req.bss)
- return -ENOTCONN;
+ return 0;
+ }
return rdev->ops->deauth(&rdev->wiphy, dev, &req, wdev);
}
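Review bot: The `local_state_change` branch of `__cfg80211_mlme_deauth` returns 0 for any `bssid`, even one that does not match `current_bss`, and never reaches `rdev->ops->deauth()`. As far as this hunk shows, the driver is not told about the state change and `wdev->sme_state` is left untouched, so cfg80211 can drop `current_bss` while the other layers still consider the link up. If that is intended, a comment on the branch should say so, for example `/* local only: release cfg80211's BSS reference; driver state is not changed here */`. If it is not intended, the branch needs to propagate the change. The function starts outside this hunk.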
@@ -722,7 +524,7 @@ void cfg80211_mlme_down(struct cfg80211_registered_device *rdev,
{
struct wireless_dev *wdev = dev->ieee80211_ptr;
struct cfg80211_deauth_request req;
- int i;
+ u8 bssid[ETH_ALEN];
ASSERT_WDEV_LOCK(wdev);
@@ -734,35 +536,17 @@ void cfg80211_mlme_down(struct cfg80211_registered_device *rdev,
req.ie = NULL;
req.ie_len = 0;
- if (wdev->current_bss) {
- req.bss = &wdev->current_bss->pub;
- rdev->ops->deauth(&rdev->wiphy, dev, &req, wdev);
- if (wdev->current_bss) {
- cfg80211_unhold_bss(wdev->current_bss);
- cfg80211_put_bss(&wdev->current_bss->pub);
- wdev->current_bss = NULL;
- }
- }
+ if (!wdev->current_bss)
+ return;
- for (i = 0; i < MAX_AUTH_BSSES; i++) {
- if (wdev->auth_bsses[i]) {
- req.bss = &wdev->auth_bsses[i]->pub;
- rdev->ops->deauth(&rdev->wiphy, dev, &req, wdev);
- if (wdev->auth_bsses[i]) {
- cfg80211_unhold_bss(wdev->auth_bsses[i]);
- cfg80211_put_bss(&wdev->auth_bsses[i]->pub);
- wdev->auth_bsses[i] = NULL;
- }
- }
- if (wdev->authtry_bsses[i]) {
- req.bss = &wdev->authtry_bsses[i]->pub;
- rdev->ops->deauth(&rdev->wiphy, dev, &req, wdev);
- if (wdev->authtry_bsses[i]) {
- cfg80211_unhold_bss(wdev->authtry_bsses[i]);
- cfg80211_put_bss(&wdev->authtry_bsses[i]->pub);
- wdev->authtry_bsses[i] = NULL;
- }
- }
+ memcpy(bssid, wdev->current_bss->pub.bssid, ETH_ALEN);
+ req.bssid = bssid;
+ rdev->ops->deauth(&rdev->wiphy, dev, &req, wdev);
+
+ if (wdev->current_bss) {
+ cfg80211_unhold_bss(wdev->current_bss);
+ cfg80211_put_bss(&wdev->current_bss->pub);
+ wdev->current_bss = NULL;
}
}
diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
index c910b07..fe27476 100644
--- a/net/wireless/nl80211.c
+++ b/net/wireless/nl80211.c
@@ -2654,13 +2654,6 @@ static int nl80211_set_station(struct sk_buff *skb, struct genl_info *info)
break;
case NL80211_IFTYPE_P2P_CLIENT:
case NL80211_IFTYPE_STATION:
- /* disallow things sta doesn't support */
- if (params.plink_action)
- return -EINVAL;
- if (params.ht_capa)
- return -EINVAL;
- if (params.listen_interval >= 0)
- return -EINVAL;
/*
* Don't allow userspace to change the TDLS_PEER flag,
* but silently ignore attempts to change it since we
@@ -2668,7 +2661,15 @@ static int nl80211_set_station(struct sk_buff *skb, struct genl_info *info)
* to change the flag.
*/
params.sta_flags_mask &= ~BIT(NL80211_STA_FLAG_TDLS_PEER);
-
+ /* fall through */
+ case NL80211_IFTYPE_ADHOC:
+ /* disallow things sta doesn't support */
+ if (params.plink_action)
+ return -EINVAL;
+ if (params.ht_capa)
+ return -EINVAL;
+ if (params.listen_interval >= 0)
+ return -EINVAL;
/* reject any changes other than AUTHORIZED */
if (params.sta_flags_mask & ~BIT(NL80211_STA_FLAG_AUTHORIZED))
return -EINVAL;
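Review bot: The moved comment `/* disallow things sta doesn't support */` now sits under `case NL80211_IFTYPE_ADHOC:` and guards IBSS as well as the station types that fall through. Its wording no longer matches what the checks cover. Something like `/* disallow things sta and IBSS don't support */` would keep it accurate. This hunk and the previous one are a single change to the same `switch`, which begins outside both hunks.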
@@ -4083,7 +4084,6 @@ static int nl80211_send_bss(struct sk_buff *msg, struct netlink_callback *cb,
struct cfg80211_bss *res = &intbss->pub;
void *hdr;
struct nlattr *bss;
- int i;
ASSERT_WDEV_LOCK(wdev);
@@ -4136,13 +4136,6 @@ static int nl80211_send_bss(struct sk_buff *msg, struct netlink_callback *cb,
if (intbss == wdev->current_bss)
NLA_PUT_U32(msg, NL80211_BSS_STATUS,
NL80211_BSS_STATUS_ASSOCIATED);
- else for (i = 0; i < MAX_AUTH_BSSES; i++) {
- if (intbss != wdev->auth_bsses[i])
- continue;
- NLA_PUT_U32(msg, NL80211_BSS_STATUS,
- NL80211_BSS_STATUS_AUTHENTICATED);
- break;
- }
break;
case NL80211_IFTYPE_ADHOC:
if (intbss == wdev->current_bss)
@@ -4410,10 +4403,16 @@ static int nl80211_authenticate(struct sk_buff *skb, struct genl_info *info)
local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE];
+ /*
+ * Since we no longer track auth state, ignore
+ * requests to only change local state.
+ */
+ if (local_state_change)
+ return 0;
+
return cfg80211_mlme_auth(rdev, dev, chan, auth_type, bssid,
ssid, ssid_len, ie, ie_len,
- key.p.key, key.p.key_len, key.idx,
- local_state_change);
+ key.p.key, key.p.key_len, key.idx);
}
static int nl80211_crypto_settings(struct cfg80211_registered_device *rdev,
@@ -4804,6 +4803,9 @@ static int nl80211_join_ibss(struct sk_buff *skb, struct genl_info *info)
return PTR_ERR(connkeys);
}
+ ibss.control_port =
+ nla_get_flag(info->attrs[NL80211_ATTR_CONTROL_PORT]);
+
err = cfg80211_join_ibss(rdev, dev, &ibss, connkeys);
if (err)
kfree(connkeys);
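Review bot: `ibss.control_port` is taken straight from `NL80211_ATTR_CONTROL_PORT`, and this hunk shows no check that the driver can enforce port control on an IBSS interface. If a driver ignores the field, userspace would assume peers stay blocked until it sets `NL80211_STA_FLAG_AUTHORIZED`, while data frames may already be passing. Confirm that a capability check exists elsewhere in `nl80211_join_ibss`, or reject the attribute before calling `cfg80211_join_ibss()` when the driver cannot honour it. The function body extends beyond the hunk on both sides.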
@@ -5408,7 +5410,7 @@ static bool ht_rateset_to_mask(struct ieee80211_supported_band *sband,
rbit = BIT(rates[i] % 8);
/* check validity */
- if ((ridx < 0) || (ridx > IEEE80211_HT_MCS_MASK_LEN))
+ if ((ridx < 0) || (ridx >= IEEE80211_HT_MCS_MASK_LEN))
return false;
/* check availability */
diff --git a/net/wireless/scan.c b/net/wireless/scan.c
index 31119e3..afde7e5 100644
--- a/net/wireless/scan.c
+++ b/net/wireless/scan.c
@@ -861,6 +861,18 @@ cfg80211_inform_bss_frame(struct wiphy *wiphy,
}
EXPORT_SYMBOL(cfg80211_inform_bss_frame);
+void cfg80211_ref_bss(struct cfg80211_bss *pub)
+{
+ struct cfg80211_internal_bss *bss;
+
+ if (!pub)
+ return;
+
+ bss = container_of(pub, struct cfg80211_internal_bss, pub);
+ kref_get(&bss->ref);
+}
+EXPORT_SYMBOL(cfg80211_ref_bss);
+
void cfg80211_put_bss(struct cfg80211_bss *pub)
{
struct cfg80211_internal_bss *bss;
diff --git a/net/wireless/sme.c b/net/wireless/sme.c
index 7b9ecae..f7e937f 100644
--- a/net/wireless/sme.c
+++ b/net/wireless/sme.c
@@ -179,7 +179,7 @@ static int cfg80211_conn_do_work(struct wireless_dev *wdev)
params->ssid, params->ssid_len,
NULL, 0,
params->key, params->key_len,
- params->key_idx, false);
+ params->key_idx);
case CFG80211_CONN_ASSOCIATE_NEXT:
BUG_ON(!rdev->ops->assoc);
wdev->conn->state = CFG80211_CONN_ASSOCIATING;
@@ -477,6 +477,7 @@ void __cfg80211_connect_result(struct net_device *dev, const u8 *bssid,
kfree(wdev->connect_keys);
wdev->connect_keys = NULL;
wdev->ssid_len = 0;
+ cfg80211_put_bss(bss);
return;
}
@@ -701,31 +702,10 @@ void __cfg80211_disconnected(struct net_device *dev, const u8 *ie,
wdev->ssid_len = 0;
if (wdev->conn) {
- const u8 *bssid;
- int ret;
-
kfree(wdev->conn->ie);
wdev->conn->ie = NULL;
kfree(wdev->conn);
wdev->conn = NULL;
-
- /*
- * If this disconnect was due to a disassoc, we
- * we might still have an auth BSS around. For
- * the userspace SME that's currently expected,
- * but for the kernel SME (nl80211 CONNECT or
- * wireless extensions) we want to clear up all
- * state.
- */
- for (i = 0; i < MAX_AUTH_BSSES; i++) {
- if (!wdev->auth_bsses[i])
- continue;
- bssid = wdev->auth_bsses[i]->pub.bssid;
- ret = __cfg80211_mlme_deauth(rdev, dev, bssid, NULL, 0,
- WLAN_REASON_DEAUTH_LEAVING,
- false);
- WARN(ret, "deauth failed: %d\n", ret);
- }
}
nl80211_send_disconnected(rdev, dev, reason, ie, ie_len, from_ap);
@@ -1012,7 +992,8 @@ int cfg80211_disconnect(struct cfg80211_registered_device *rdev,
return err;
}
-void cfg80211_sme_disassoc(struct net_device *dev, int idx)
+void cfg80211_sme_disassoc(struct net_device *dev,
+ struct cfg80211_internal_bss *bss)
{
struct wireless_dev *wdev = dev->ieee80211_ptr;
struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
@@ -1031,16 +1012,8 @@ void cfg80211_sme_disassoc(struct net_device *dev, int idx)
* want it any more so deauthenticate too.
*/
- if (!wdev->auth_bsses[idx])
- return;
+ memcpy(bssid, bss->pub.bssid, ETH_ALEN);
- memcpy(bssid, wdev->auth_bsses[idx]->pub.bssid, ETH_ALEN);
- if (__cfg80211_mlme_deauth(rdev, dev, bssid,
- NULL, 0, WLAN_REASON_DEAUTH_LEAVING,
- false)) {
- /* whatever -- assume gone anyway */
- cfg80211_unhold_bss(wdev->auth_bsses[idx]);
- cfg80211_put_bss(&wdev->auth_bsses[idx]->pub);
- wdev->auth_bsses[idx] = NULL;
- }
+ __cfg80211_mlme_deauth(rdev, dev, bssid, NULL, 0,
+ WLAN_REASON_DEAUTH_LEAVING, false);
}