[linux-2.6-block.git] / net / mac80211 / mesh_plink.c
c3896d2c 1/*
264d9b7d 2 * Copyright (c) 2008, 2009 open80211s Ltd.
c3896d2c
LCC
3 * Author: Luis Carlos Cobo <luisca@cozybit.com>
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 */
5a0e3ad6 9#include <linux/gfp.h>
902acc78
JB
10#include <linux/kernel.h>
11#include <linux/random.h>
c3896d2c 12#include "ieee80211_i.h"
2c8dccc7 13#include "rate.h"
c3896d2c 14#include "mesh.h"
c3896d2c
LCC
15
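#ifdef CONFIG_MAC80211_VERBOSE_MPL_DEBUG
#define mpl_dbg(fmt, args...)	printk(KERN_DEBUG fmt, ##args)
#else
#define mpl_dbg(fmt, args...)	do { (void)(0); } while (0)
#endif

/*
 * Accessors into the body of a Mesh Peering Management element: the first
 * link ID follows the 2-byte peering protocol field, the second link ID
 * follows the first.  The argument is parenthesised so that a compound
 * expression (e.g. a conditional) still has the offset applied to its result.
 */
#define PLINK_GET_LLID(p) ((p) + 2)
#define PLINK_GET_PLID(p) ((p) + 4)

/* Re-arm the peer link timer of station @s to expire @t milliseconds from now. */
#define mod_plink_timer(s, t) (mod_timer(&(s)->plink_timer, \
				jiffies + HZ * (t) / 1000))

/* Shorthand accessors for the per-interface mesh configuration values. */
#define dot11MeshMaxRetries(s) ((s)->u.mesh.mshcfg.dot11MeshMaxRetries)
#define dot11MeshRetryTimeout(s) ((s)->u.mesh.mshcfg.dot11MeshRetryTimeout)
#define dot11MeshConfirmTimeout(s) ((s)->u.mesh.mshcfg.dot11MeshConfirmTimeout)
#define dot11MeshHoldingTimeout(s) ((s)->u.mesh.mshcfg.dot11MeshHoldingTimeout)
#define dot11MeshMaxPeerLinks(s) ((s)->u.mesh.mshcfg.dot11MeshMaxPeerLinks)

/*
 * We only need a valid sta if user configured a minimum rssi_threshold.
 * With a threshold of 0 the check always passes; otherwise a NULL sta fails
 * it, so a peer without a station entry is rejected.
 */
#define rssi_threshold_check(sta, sdata) \
	((sdata)->u.mesh.mshcfg.rssi_threshold == 0 ||\
	 ((sta) && (s8) -ewma_read(&(sta)->avg_signal) > \
	  (sdata)->u.mesh.mshcfg.rssi_threshold))

/*
 * Events that mesh_rx_plink_frame() derives from a received peering frame
 * before feeding them to the peer link state machine.
 */
enum plink_event {
	PLINK_UNDEFINED,	/* no event derived from the frame */
	OPN_ACPT,		/* Open accepted */
	OPN_RJCT,		/* Open whose mesh parameters do not match ours */
	OPN_IGNR,		/* Open ignored (no free link or plid mismatch) */
	CNF_ACPT,		/* Confirm accepted */
	CNF_RJCT,		/* Confirm whose mesh parameters do not match ours */
	CNF_IGNR,		/* Confirm ignored (no free link or ID mismatch) */
	CLS_ACPT,		/* Close accepted */
	CLS_IGNR		/* Close ignored (link ID mismatch) */
};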
51
ba4a14e1
TP
52static int mesh_plink_frame_tx(struct ieee80211_sub_if_data *sdata,
53 enum ieee80211_self_protected_actioncode action,
54 u8 *da, __le16 llid, __le16 plid, __le16 reason);
55
/*
 * Count one more established peer link on @sdata, then call
 * mesh_accept_plinks_update() so the interface state derived from that
 * counter is refreshed.
 */
static inline void
mesh_plink_inc_estab_count(struct ieee80211_sub_if_data *sdata)
{
	atomic_t *estab = &sdata->u.mesh.mshstats.estab_plinks;

	atomic_inc(estab);
	mesh_accept_plinks_update(sdata);
}
62
/*
 * Count one established peer link less on @sdata, then call
 * mesh_accept_plinks_update() so the interface state derived from that
 * counter is refreshed.
 */
static inline void
mesh_plink_dec_estab_count(struct ieee80211_sub_if_data *sdata)
{
	atomic_t *estab = &sdata->u.mesh.mshstats.estab_plinks;

	atomic_dec(estab);
	mesh_accept_plinks_update(sdata);
}
69
/**
 * mesh_plink_fsm_restart - restart a mesh peer link finite state machine
 *
 * @sta: mesh peer link to restart
 *
 * Clears the retry counter, the stored reason code and both link IDs, and
 * puts the link back into the LISTEN state.
 *
 * Locking: this function must be called holding sta->lock
 */
static inline void mesh_plink_fsm_restart(struct sta_info *sta)
{
	sta->plink_retries = 0;
	sta->reason = 0;
	sta->plid = 0;
	sta->llid = 0;
	sta->plink_state = NL80211_PLINK_LISTEN;
}
83
/*
 * NOTE: This is just an alias for sta_info_alloc(), see notes
 * on it in the lifecycle management section!
 *
 * Allocates a station entry for the mesh peer @hw_addr, seeds it with the
 * peer's supported @rates and, when present in @elems, its HT capabilities.
 * Returns NULL when the station table already holds MESH_MAX_PLINKS entries
 * or when the allocation fails.  The entry is not inserted here.
 *
 * NOTE(review): the new entry is moved through AUTH, ASSOC and AUTHORIZED
 * right away, before any peering exchange has completed.  Callers on a
 * secured mesh should confirm that this is what they want.
 */
static struct sta_info *mesh_plink_alloc(struct ieee80211_sub_if_data *sdata,
					 u8 *hw_addr, u32 rates,
					 struct ieee802_11_elems *elems)
{
	struct ieee80211_local *local = sdata->local;
	struct ieee80211_supported_band *sband =
		local->hw.wiphy->bands[local->oper_channel->band];
	struct sta_info *peer;

	/* Refuse new peers once the station table is at the mesh limit. */
	if (local->num_sta >= MESH_MAX_PLINKS)
		return NULL;

	peer = sta_info_alloc(sdata, hw_addr, GFP_KERNEL);
	if (peer == NULL)
		return NULL;

	sta_info_pre_move_state(peer, IEEE80211_STA_AUTH);
	sta_info_pre_move_state(peer, IEEE80211_STA_ASSOC);
	sta_info_pre_move_state(peer, IEEE80211_STA_AUTHORIZED);

	set_sta_flag(peer, WLAN_STA_WME);

	peer->sta.supp_rates[local->hw.conf.channel->band] = rates;

	/* HT capabilities are optional in the peer's elements. */
	if (elems->ht_cap_elem != NULL)
		ieee80211_ht_cap_ie_to_sta_ht_cap(sdata, sband,
						  elems->ht_cap_elem,
						  &peer->sta.ht_cap);

	rate_control_rate_init(peer);

	return peer;
}
120
/**
 * __mesh_plink_deactivate - deactivate mesh peer link
 *
 * @sta: mesh peer link to deactivate
 *
 * All mesh paths with this peer as next hop will be flushed.  The link is
 * left in the BLOCKED state.
 *
 * Returns true if the link was established (the established-link counter
 * has then been decremented), false otherwise.
 *
 * Locking: the caller must hold sta->lock
 */
static bool __mesh_plink_deactivate(struct sta_info *sta)
{
	bool was_estab = (sta->plink_state == NL80211_PLINK_ESTAB);

	/* Only established links are included in the counter. */
	if (was_estab)
		mesh_plink_dec_estab_count(sta->sdata);

	sta->plink_state = NL80211_PLINK_BLOCKED;
	mesh_path_flush_by_nexthop(sta);

	return was_estab;
}
144
/**
 * mesh_plink_deactivate - deactivate mesh peer link
 *
 * @sta: mesh peer link to deactivate
 *
 * All mesh paths with this peer as next hop will be flushed.  A peering
 * Close frame with reason WLAN_REASON_MESH_PEER_CANCELED is sent to the
 * peer, and the beacon is updated if the link had been established.
 */
void mesh_plink_deactivate(struct sta_info *sta)
{
	struct ieee80211_sub_if_data *sdata = sta->sdata;
	bool was_estab;

	spin_lock_bh(&sta->lock);
	was_estab = __mesh_plink_deactivate(sta);
	sta->reason = cpu_to_le16(WLAN_REASON_MESH_PEER_CANCELED);
	mesh_plink_frame_tx(sdata, WLAN_SP_MESH_PEERING_CLOSE,
			    sta->sta.addr, sta->llid, sta->plid,
			    sta->reason);
	spin_unlock_bh(&sta->lock);

	/* The beacon only changes when an established link went away. */
	if (!was_estab)
		return;

	ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BEACON);
}
168
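/*
 * mesh_plink_frame_tx - build and send a mesh peering management frame
 *
 * @sdata: interface to transmit on
 * @action: WLAN_SP_MESH_PEERING_OPEN, _CONFIRM or _CLOSE
 * @da: destination address
 * @llid: local link ID, always written to the peering element
 * @plid: peer link ID; written for Confirm, and for Close when non-zero
 * @reason: reason code, written for Close only
 *
 * Returns 0 once the frame has been handed to ieee80211_tx_skb(), -EINVAL
 * for an unknown @action, -ENOMEM when the buffer has no room left for the
 * peering element, and -1 when the allocation or one of the element helpers
 * fails.  On every failure after the allocation the buffer is released.
 */
static int mesh_plink_frame_tx(struct ieee80211_sub_if_data *sdata,
		enum ieee80211_self_protected_actioncode action,
		u8 *da, __le16 llid, __le16 plid, __le16 reason)
{
	struct ieee80211_local *local = sdata->local;
	struct sk_buff *skb;
	struct ieee80211_mgmt *mgmt;
	bool include_plid = false;
	u16 peering_proto = 0;
	u8 *pos, ie_len = 4;
	int hdr_len = offsetof(struct ieee80211_mgmt, u.action.u.self_prot) +
		      sizeof(mgmt->u.action.u.self_prot);
	int err = -1;

	skb = dev_alloc_skb(local->tx_headroom +
			    hdr_len +
			    2 + /* capability info */
			    2 + /* AID */
			    2 + 8 + /* supported rates */
			    2 + (IEEE80211_MAX_SUPP_RATES - 8) +
			    2 + sdata->u.mesh.mesh_id_len +
			    2 + sizeof(struct ieee80211_meshconf_ie) +
			    2 + sizeof(struct ieee80211_ht_cap) +
			    2 + sizeof(struct ieee80211_ht_operation) +
			    2 + 8 + /* peering IE */
			    sdata->u.mesh.ie_len);
	if (!skb)
		return -1;
	skb_reserve(skb, local->tx_headroom);
	mgmt = (struct ieee80211_mgmt *) skb_put(skb, hdr_len);
	memset(mgmt, 0, hdr_len);
	mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
					  IEEE80211_STYPE_ACTION);
	memcpy(mgmt->da, da, ETH_ALEN);
	memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN);
	memcpy(mgmt->bssid, sdata->vif.addr, ETH_ALEN);
	mgmt->u.action.category = WLAN_CATEGORY_SELF_PROTECTED;
	mgmt->u.action.u.self_prot.action_code = action;

	if (action != WLAN_SP_MESH_PEERING_CLOSE) {
		/* capability info */
		pos = skb_put(skb, 2);
		memset(pos, 0, 2);
		if (action == WLAN_SP_MESH_PEERING_CONFIRM) {
			/* AID */
			pos = skb_put(skb, 2);
			/*
			 * Write into the two bytes just reserved.  Writing at
			 * pos + 2 would leave the AID field holding whatever
			 * the freshly allocated buffer contained, and that
			 * stale memory would go out on the air.
			 */
			memcpy(pos, &plid, 2);
		}
		if (ieee80211_add_srates_ie(&sdata->vif, skb, true) ||
		    ieee80211_add_ext_srates_ie(&sdata->vif, skb, true) ||
		    mesh_add_rsn_ie(skb, sdata) ||
		    mesh_add_meshid_ie(skb, sdata) ||
		    mesh_add_meshconf_ie(skb, sdata))
			goto free;
	} else {	/* WLAN_SP_MESH_PEERING_CLOSE */
		if (mesh_add_meshid_ie(skb, sdata))
			goto free;
	}

	/* Add Mesh Peering Management element */
	switch (action) {
	case WLAN_SP_MESH_PEERING_OPEN:
		break;
	case WLAN_SP_MESH_PEERING_CONFIRM:
		ie_len += 2;
		include_plid = true;
		break;
	case WLAN_SP_MESH_PEERING_CLOSE:
		if (plid) {
			ie_len += 2;
			include_plid = true;
		}
		ie_len += 2;	/* reason code */
		break;
	default:
		err = -EINVAL;
		goto free;
	}

	if (WARN_ON(skb_tailroom(skb) < 2 + ie_len)) {
		err = -ENOMEM;
		goto free;
	}

	pos = skb_put(skb, 2 + ie_len);
	*pos++ = WLAN_EID_PEER_MGMT;
	*pos++ = ie_len;
	memcpy(pos, &peering_proto, 2);
	pos += 2;
	memcpy(pos, &llid, 2);
	pos += 2;
	if (include_plid) {
		memcpy(pos, &plid, 2);
		pos += 2;
	}
	if (action == WLAN_SP_MESH_PEERING_CLOSE) {
		memcpy(pos, &reason, 2);
		pos += 2;
	}

	if (action != WLAN_SP_MESH_PEERING_CLOSE) {
		if (mesh_add_ht_cap_ie(skb, sdata) ||
		    mesh_add_ht_oper_ie(skb, sdata))
			goto free;
	}

	if (mesh_add_vendor_ies(skb, sdata))
		goto free;

	ieee80211_tx_skb(sdata, skb);
	return 0;

free:
	/* The frame was never handed to the stack, so it is still ours. */
	kfree_skb(skb);
	return err;
}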
276
/*
 * mesh_neighbour_update - refresh (or create) the entry for a mesh neighbour
 *
 * @hw_addr: address of the neighbour
 * @rates: supported rates bitmap of the neighbour
 * @sdata: local mesh interface
 * @elems: parsed information elements of the frame that announced it
 *
 * For an unknown neighbour the station entry is created here, unless the
 * mesh runs with IEEE80211_MESH_SEC_AUTHED; in that case userspace is told
 * about the candidate and nothing else happens.  For a known (or freshly
 * inserted) neighbour the last-rx time and rates are updated and a peer link
 * is opened when all auto-open conditions hold.
 */
void mesh_neighbour_update(u8 *hw_addr, u32 rates,
		struct ieee80211_sub_if_data *sdata,
		struct ieee802_11_elems *elems)
{
	struct ieee80211_local *local = sdata->local;
	struct sta_info *sta;

	rcu_read_lock();

	sta = sta_info_get(sdata, hw_addr);
	if (sta == NULL) {
		/* Allocation below uses GFP_KERNEL, so leave the RCU section. */
		rcu_read_unlock();

		/* Userspace handles peer allocation when security is enabled */
		if (sdata->u.mesh.security & IEEE80211_MESH_SEC_AUTHED) {
			cfg80211_notify_new_peer_candidate(sdata->dev, hw_addr,
					elems->ie_start, elems->total_len,
					GFP_KERNEL);
			return;
		}

		sta = mesh_plink_alloc(sdata, hw_addr, rates, elems);
		if (sta == NULL)
			return;

		/*
		 * NOTE(review): the unlock on failure implies that
		 * sta_info_insert_rcu() returns with the RCU read lock held
		 * whether it succeeds or not - confirm against its definition.
		 */
		if (sta_info_insert_rcu(sta) != 0) {
			rcu_read_unlock();
			return;
		}
	}

	sta->last_rx = jiffies;
	sta->sta.supp_rates[local->hw.conf.channel->band] = rates;

	if (mesh_peer_accepts_plinks(elems) &&
	    sta->plink_state == NL80211_PLINK_LISTEN &&
	    sdata->u.mesh.accepting_plinks &&
	    sdata->u.mesh.mshcfg.auto_open_plinks &&
	    rssi_threshold_check(sta, sdata))
		mesh_plink_open(sta);

	rcu_read_unlock();
}
316
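/*
 * mesh_plink_timer - peer link timer callback
 *
 * @data: the struct sta_info the timer belongs to, cast to unsigned long
 *
 * Depending on the link state this acts as the retry timer (re-send the
 * Open with a randomly grown timeout until the retry limit is reached), the
 * confirm timer (give up, move to HOLDING and send a Close) or the holding
 * timer (restart the state machine).  While the device is quiescing the
 * expiry is only recorded in plink_timer_was_running.
 */
static void mesh_plink_timer(unsigned long data)
{
	struct sta_info *sta;
	__le16 llid, plid, reason;
	struct ieee80211_sub_if_data *sdata;

	/*
	 * This STA is valid because sta_info_destroy() will
	 * del_timer_sync() this timer after having made sure
	 * it cannot be readded (by deleting the plink.)
	 */
	sta = (struct sta_info *) data;

	if (sta->sdata->local->quiescing) {
		sta->plink_timer_was_running = true;
		return;
	}

	spin_lock_bh(&sta->lock);
	if (sta->ignore_plink_timer) {
		sta->ignore_plink_timer = false;
		spin_unlock_bh(&sta->lock);
		return;
	}
	mpl_dbg("Mesh plink timer for %pM fired on state %d\n",
		sta->sta.addr, sta->plink_state);
	reason = 0;
	llid = sta->llid;
	plid = sta->plid;
	sdata = sta->sdata;

	switch (sta->plink_state) {
	case NL80211_PLINK_OPN_RCVD:
	case NL80211_PLINK_OPN_SNT:
		/* retry timer */
		if (sta->plink_retries < dot11MeshMaxRetries(sdata)) {
			u32 rand;
			mpl_dbg("Mesh plink for %pM (retry, timeout): %d %d\n",
				sta->sta.addr, sta->plink_retries,
				sta->plink_timeout);
			get_random_bytes(&rand, sizeof(u32));
			/*
			 * plink_timeout comes from the configured retry
			 * timeout; whether that can be 0 is not visible here,
			 * so skip the random growth rather than divide by 0.
			 */
			if (sta->plink_timeout)
				sta->plink_timeout = sta->plink_timeout +
					rand % sta->plink_timeout;
			++sta->plink_retries;
			mod_plink_timer(sta, sta->plink_timeout);
			spin_unlock_bh(&sta->lock);
			mesh_plink_frame_tx(sdata, WLAN_SP_MESH_PEERING_OPEN,
					    sta->sta.addr, llid, 0, 0);
			break;
		}
		reason = cpu_to_le16(WLAN_REASON_MESH_MAX_RETRIES);
		/* fall through on else */
	case NL80211_PLINK_CNF_RCVD:
		/* confirm timer */
		if (!reason)
			reason = cpu_to_le16(WLAN_REASON_MESH_CONFIRM_TIMEOUT);
		sta->plink_state = NL80211_PLINK_HOLDING;
		mod_plink_timer(sta, dot11MeshHoldingTimeout(sdata));
		spin_unlock_bh(&sta->lock);
		mesh_plink_frame_tx(sdata, WLAN_SP_MESH_PEERING_CLOSE,
				    sta->sta.addr, llid, plid, reason);
		break;
	case NL80211_PLINK_HOLDING:
		/* holding timer */
		del_timer(&sta->plink_timer);
		mesh_plink_fsm_restart(sta);
		spin_unlock_bh(&sta->lock);
		break;
	default:
		spin_unlock_bh(&sta->lock);
		break;
	}
}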
390
5bb644a0
JB
391#ifdef CONFIG_PM
/*
 * Stop the peer link timer of @sta and remember, in
 * plink_timer_was_running, whether it was still pending.
 */
void mesh_plink_quiesce(struct sta_info *sta)
{
	if (!del_timer_sync(&sta->plink_timer))
		return;

	sta->plink_timer_was_running = true;
}
397
/*
 * Re-add the peer link timer of @sta if plink_timer_was_running says it was
 * pending, and clear that flag.
 */
void mesh_plink_restart(struct sta_info *sta)
{
	if (!sta->plink_timer_was_running)
		return;

	add_timer(&sta->plink_timer);
	sta->plink_timer_was_running = false;
}
405#endif
406
/*
 * Arm the peer link timer of @sta to call mesh_plink_timer() in @timeout
 * milliseconds, and record @timeout as the current plink_timeout.
 */
static inline void mesh_plink_timer_set(struct sta_info *sta, int timeout)
{
	struct timer_list *timer = &sta->plink_timer;

	timer->expires = jiffies + (HZ * timeout / 1000);
	timer->data = (unsigned long) sta;
	timer->function = mesh_plink_timer;
	sta->plink_timeout = timeout;
	add_timer(timer);
}
415
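/*
 * mesh_plink_open - start establishing a peer link with @sta
 *
 * Picks a random local link ID, moves the link from LISTEN to OPN_SNT, arms
 * the retry timer and sends a peering Open frame.
 *
 * Returns -EPERM if @sta does not have WLAN_STA_AUTH set, -EBUSY if the link
 * is not in the LISTEN state, otherwise the result of mesh_plink_frame_tx().
 */
int mesh_plink_open(struct sta_info *sta)
{
	__le16 llid;
	struct ieee80211_sub_if_data *sdata = sta->sdata;

	if (!test_sta_flag(sta, WLAN_STA_AUTH))
		return -EPERM;

	spin_lock_bh(&sta->lock);
	if (sta->plink_state != NL80211_PLINK_LISTEN) {
		spin_unlock_bh(&sta->lock);
		return -EBUSY;
	}
	/*
	 * Only pick a new link ID once we know the link is idle.  Doing it
	 * before the state check would overwrite the ID of a link that is
	 * being set up or is established, and the peer's Confirm (which
	 * echoes the old ID) would then no longer match.
	 */
	get_random_bytes(&llid, 2);
	sta->llid = llid;
	sta->plink_state = NL80211_PLINK_OPN_SNT;
	mesh_plink_timer_set(sta, dot11MeshRetryTimeout(sdata));
	spin_unlock_bh(&sta->lock);
	mpl_dbg("Mesh plink: starting establishment with %pM\n",
		sta->sta.addr);

	return mesh_plink_frame_tx(sdata, WLAN_SP_MESH_PEERING_OPEN,
				   sta->sta.addr, llid, 0, 0);
}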
440
/*
 * mesh_plink_block - block the peer link to @sta
 *
 * Deactivates the link, leaves it in the BLOCKED state and updates the
 * beacon if the link had been established.  No frame is sent to the peer.
 */
void mesh_plink_block(struct sta_info *sta)
{
	struct ieee80211_sub_if_data *sdata = sta->sdata;
	bool was_estab;

	spin_lock_bh(&sta->lock);
	was_estab = __mesh_plink_deactivate(sta);
	/* __mesh_plink_deactivate() sets this already; kept explicit. */
	sta->plink_state = NL80211_PLINK_BLOCKED;
	spin_unlock_bh(&sta->lock);

	if (!was_estab)
		return;

	ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BEACON);
}
454
c3896d2c 455
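/*
 * mesh_rx_plink_frame - handle a received mesh peering management frame
 *
 * @sdata: interface the frame was received on
 * @mgmt: the frame
 * @len: length of the frame in bytes
 * @rx_status: receive status, used for the band when decoding rates
 *
 * The frame is validated (minimum length, unicast destination, peering
 * element present and of the length that fits the frame type, mesh ID and
 * configuration present for Open/Confirm), the sender's station entry is
 * looked up or, for an acceptable Open, created, and the frame is turned
 * into a plink_event that drives the peer link state machine.
 *
 * Everything in @mgmt past the fixed header is supplied by the sender, so
 * lengths and link IDs are checked before they are used.
 */
void mesh_rx_plink_frame(struct ieee80211_sub_if_data *sdata, struct ieee80211_mgmt *mgmt,
			 size_t len, struct ieee80211_rx_status *rx_status)
{
	struct ieee80211_local *local = sdata->local;
	struct ieee802_11_elems elems;
	struct sta_info *sta;
	enum plink_event event;
	enum ieee80211_self_protected_actioncode ftype;
	size_t baselen;
	bool deactivated, matches_local = true;
	u8 ie_len;
	u8 *baseaddr;
	u32 rates, basic_rates = 0;
	__le16 plid, llid, reason;
#ifdef CONFIG_MAC80211_VERBOSE_MPL_DEBUG
	static const char *mplstates[] = {
		[NL80211_PLINK_LISTEN] = "LISTEN",
		[NL80211_PLINK_OPN_SNT] = "OPN-SNT",
		[NL80211_PLINK_OPN_RCVD] = "OPN-RCVD",
		[NL80211_PLINK_CNF_RCVD] = "CNF_RCVD",
		[NL80211_PLINK_ESTAB] = "ESTAB",
		[NL80211_PLINK_HOLDING] = "HOLDING",
		[NL80211_PLINK_BLOCKED] = "BLOCKED"
	};
#endif

	/* need action_code, aux */
	if (len < IEEE80211_MIN_ACTION_SIZE + 3)
		return;

	if (is_multicast_ether_addr(mgmt->da)) {
		mpl_dbg("Mesh plink: ignore frame from multicast address");
		return;
	}

	baseaddr = mgmt->u.action.u.self_prot.variable;
	baselen = (u8 *) mgmt->u.action.u.self_prot.variable - (u8 *) mgmt;
	if (mgmt->u.action.u.self_prot.action_code ==
						WLAN_SP_MESH_PEERING_CONFIRM) {
		/* skip the capability info and AID fields of a Confirm */
		baseaddr += 4;
		baselen += 4;
	}
	/*
	 * The minimum-length check above does not cover the four extra bytes
	 * of a Confirm.  Without this test a short frame would make
	 * len - baselen wrap around (both are size_t) and the element parser
	 * would be told to read far past the end of the frame.
	 */
	if (baselen > len)
		return;
	ieee802_11_parse_elems(baseaddr, len - baselen, &elems);
	if (!elems.peering) {
		mpl_dbg("Mesh plink: missing necessary peer link ie\n");
		return;
	}
	if (elems.rsn_len &&
	    sdata->u.mesh.security == IEEE80211_MESH_SEC_NONE) {
		mpl_dbg("Mesh plink: can't establish link with secure peer\n");
		return;
	}

	ftype = mgmt->u.action.u.self_prot.action_code;
	ie_len = elems.peering_len;
	if ((ftype == WLAN_SP_MESH_PEERING_OPEN && ie_len != 4) ||
	    (ftype == WLAN_SP_MESH_PEERING_CONFIRM && ie_len != 6) ||
	    (ftype == WLAN_SP_MESH_PEERING_CLOSE && ie_len != 6
							&& ie_len != 8)) {
		mpl_dbg("Mesh plink: incorrect plink ie length %d %d\n",
			ftype, ie_len);
		return;
	}

	if (ftype != WLAN_SP_MESH_PEERING_CLOSE &&
	    (!elems.mesh_id || !elems.mesh_config)) {
		mpl_dbg("Mesh plink: missing necessary ie\n");
		return;
	}
	/* Note the lines below are correct, the llid in the frame is the plid
	 * from the point of view of this host.
	 */
	memcpy(&plid, PLINK_GET_LLID(elems.peering), 2);
	if (ftype == WLAN_SP_MESH_PEERING_CONFIRM ||
	    (ftype == WLAN_SP_MESH_PEERING_CLOSE && ie_len == 8))
		memcpy(&llid, PLINK_GET_PLID(elems.peering), 2);

	rcu_read_lock();

	sta = sta_info_get(sdata, mgmt->sa);
	if (!sta && ftype != WLAN_SP_MESH_PEERING_OPEN) {
		mpl_dbg("Mesh plink: cls or cnf from unknown peer\n");
		rcu_read_unlock();
		return;
	}

	if (ftype == WLAN_SP_MESH_PEERING_OPEN &&
	    !rssi_threshold_check(sta, sdata)) {
		mpl_dbg("Mesh plink: %pM does not meet rssi threshold\n",
			mgmt->sa);
		rcu_read_unlock();
		return;
	}

	if (sta && !test_sta_flag(sta, WLAN_STA_AUTH)) {
		mpl_dbg("Mesh plink: Action frame from non-authed peer\n");
		rcu_read_unlock();
		return;
	}

	if (sta && sta->plink_state == NL80211_PLINK_BLOCKED) {
		rcu_read_unlock();
		return;
	}

	/* Now we will figure out the appropriate event... */
	event = PLINK_UNDEFINED;
	rates = ieee80211_sta_get_rates(local, &elems,
					rx_status->band, &basic_rates);

	if (ftype != WLAN_SP_MESH_PEERING_CLOSE &&
	    (!mesh_matches_local(&elems, sdata, basic_rates))) {
		matches_local = false;
		switch (ftype) {
		case WLAN_SP_MESH_PEERING_OPEN:
			event = OPN_RJCT;
			break;
		case WLAN_SP_MESH_PEERING_CONFIRM:
			event = CNF_RJCT;
			break;
		default:
			break;
		}
	}

	if (!sta && !matches_local) {
		rcu_read_unlock();
		reason = cpu_to_le16(WLAN_REASON_MESH_CONFIG);
		llid = 0;
		mesh_plink_frame_tx(sdata, WLAN_SP_MESH_PEERING_CLOSE,
				    mgmt->sa, llid, plid, reason);
		return;
	} else if (!sta) {
		/* ftype == WLAN_SP_MESH_PEERING_OPEN */

		rcu_read_unlock();

		if (!mesh_plink_free_count(sdata)) {
			mpl_dbg("Mesh plink error: no more free plinks\n");
			return;
		}
		/*
		 * NOTE(review): unlike mesh_neighbour_update(), this path does
		 * not look at sdata->u.mesh.security before allocating the
		 * station - confirm that is intended on a secured mesh.
		 */
		sta = mesh_plink_alloc(sdata, mgmt->sa, rates, &elems);
		if (!sta) {
			mpl_dbg("Mesh plink error: plink table full\n");
			return;
		}
		/*
		 * NOTE(review): the unlock on failure implies that
		 * sta_info_insert_rcu() returns with the RCU read lock held
		 * whether it succeeds or not - confirm against its definition.
		 */
		if (sta_info_insert_rcu(sta)) {
			rcu_read_unlock();
			return;
		}
		event = OPN_ACPT;
		spin_lock_bh(&sta->lock);
	} else if (matches_local) {
		spin_lock_bh(&sta->lock);
		switch (ftype) {
		case WLAN_SP_MESH_PEERING_OPEN:
			if (!mesh_plink_free_count(sdata) ||
			    (sta->plid && sta->plid != plid))
				event = OPN_IGNR;
			else
				event = OPN_ACPT;
			break;
		case WLAN_SP_MESH_PEERING_CONFIRM:
			if (!mesh_plink_free_count(sdata) ||
			    (sta->llid != llid || sta->plid != plid))
				event = CNF_IGNR;
			else
				event = CNF_ACPT;
			break;
		case WLAN_SP_MESH_PEERING_CLOSE:
			if (sta->plink_state == NL80211_PLINK_ESTAB)
				/* Do not check for llid or plid. This does not
				 * follow the standard but since multiple plinks
				 * per sta are not supported, it is necessary in
				 * order to avoid a livelock when MP A sees an
				 * establish peer link to MP B but MP B does not
				 * see it. This can be caused by a timeout in
				 * B's peer link establishment or B being
				 * restarted.
				 */
				event = CLS_ACPT;
			else if (sta->plid != plid)
				event = CLS_IGNR;
			/*
			 * A Close carries our link ID only when the element
			 * is 8 bytes long (see the length check above, which
			 * admits 6 or 8).  Testing for 7 could never be true
			 * and left the ID in the frame unverified.
			 */
			else if (ie_len == 8 && sta->llid != llid)
				event = CLS_IGNR;
			else
				event = CLS_ACPT;
			break;
		default:
			mpl_dbg("Mesh plink: unknown frame subtype\n");
			spin_unlock_bh(&sta->lock);
			rcu_read_unlock();
			return;
		}
	} else {
		spin_lock_bh(&sta->lock);
	}

	mpl_dbg("Mesh plink (peer, state, llid, plid, event): %pM %s %d %d %d\n",
		mgmt->sa, mplstates[sta->plink_state],
		le16_to_cpu(sta->llid), le16_to_cpu(sta->plid),
		event);
	reason = 0;
	switch (sta->plink_state) {
		/* spin_unlock as soon as state is updated at each case */
	case NL80211_PLINK_LISTEN:
		switch (event) {
		case CLS_ACPT:
			mesh_plink_fsm_restart(sta);
			spin_unlock_bh(&sta->lock);
			break;
		case OPN_ACPT:
			sta->plink_state = NL80211_PLINK_OPN_RCVD;
			sta->plid = plid;
			get_random_bytes(&llid, 2);
			sta->llid = llid;
			mesh_plink_timer_set(sta, dot11MeshRetryTimeout(sdata));
			spin_unlock_bh(&sta->lock);
			mesh_plink_frame_tx(sdata,
					    WLAN_SP_MESH_PEERING_OPEN,
					    sta->sta.addr, llid, 0, 0);
			mesh_plink_frame_tx(sdata,
					    WLAN_SP_MESH_PEERING_CONFIRM,
					    sta->sta.addr, llid, plid, 0);
			break;
		default:
			spin_unlock_bh(&sta->lock);
			break;
		}
		break;

	case NL80211_PLINK_OPN_SNT:
		switch (event) {
		case OPN_RJCT:
		case CNF_RJCT:
			reason = cpu_to_le16(WLAN_REASON_MESH_CONFIG);
			/* fall through */
		case CLS_ACPT:
			if (!reason)
				reason = cpu_to_le16(WLAN_REASON_MESH_CLOSE);
			sta->reason = reason;
			sta->plink_state = NL80211_PLINK_HOLDING;
			if (!mod_plink_timer(sta,
					     dot11MeshHoldingTimeout(sdata)))
				sta->ignore_plink_timer = true;

			llid = sta->llid;
			spin_unlock_bh(&sta->lock);
			mesh_plink_frame_tx(sdata,
					    WLAN_SP_MESH_PEERING_CLOSE,
					    sta->sta.addr, llid, plid, reason);
			break;
		case OPN_ACPT:
			/* retry timer is left untouched */
			sta->plink_state = NL80211_PLINK_OPN_RCVD;
			sta->plid = plid;
			llid = sta->llid;
			spin_unlock_bh(&sta->lock);
			mesh_plink_frame_tx(sdata,
					    WLAN_SP_MESH_PEERING_CONFIRM,
					    sta->sta.addr, llid, plid, 0);
			break;
		case CNF_ACPT:
			sta->plink_state = NL80211_PLINK_CNF_RCVD;
			if (!mod_plink_timer(sta,
					     dot11MeshConfirmTimeout(sdata)))
				sta->ignore_plink_timer = true;

			spin_unlock_bh(&sta->lock);
			break;
		default:
			spin_unlock_bh(&sta->lock);
			break;
		}
		break;

	case NL80211_PLINK_OPN_RCVD:
		switch (event) {
		case OPN_RJCT:
		case CNF_RJCT:
			reason = cpu_to_le16(WLAN_REASON_MESH_CONFIG);
			/* fall through */
		case CLS_ACPT:
			if (!reason)
				reason = cpu_to_le16(WLAN_REASON_MESH_CLOSE);
			sta->reason = reason;
			sta->plink_state = NL80211_PLINK_HOLDING;
			if (!mod_plink_timer(sta,
					     dot11MeshHoldingTimeout(sdata)))
				sta->ignore_plink_timer = true;

			llid = sta->llid;
			spin_unlock_bh(&sta->lock);
			mesh_plink_frame_tx(sdata, WLAN_SP_MESH_PEERING_CLOSE,
					    sta->sta.addr, llid, plid, reason);
			break;
		case OPN_ACPT:
			llid = sta->llid;
			spin_unlock_bh(&sta->lock);
			mesh_plink_frame_tx(sdata,
					    WLAN_SP_MESH_PEERING_CONFIRM,
					    sta->sta.addr, llid, plid, 0);
			break;
		case CNF_ACPT:
			del_timer(&sta->plink_timer);
			sta->plink_state = NL80211_PLINK_ESTAB;
			spin_unlock_bh(&sta->lock);
			mesh_plink_inc_estab_count(sdata);
			ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BEACON);
			mpl_dbg("Mesh plink with %pM ESTABLISHED\n",
				sta->sta.addr);
			break;
		default:
			spin_unlock_bh(&sta->lock);
			break;
		}
		break;

	case NL80211_PLINK_CNF_RCVD:
		switch (event) {
		case OPN_RJCT:
		case CNF_RJCT:
			reason = cpu_to_le16(WLAN_REASON_MESH_CONFIG);
			/* fall through */
		case CLS_ACPT:
			if (!reason)
				reason = cpu_to_le16(WLAN_REASON_MESH_CLOSE);
			sta->reason = reason;
			sta->plink_state = NL80211_PLINK_HOLDING;
			if (!mod_plink_timer(sta,
					     dot11MeshHoldingTimeout(sdata)))
				sta->ignore_plink_timer = true;

			llid = sta->llid;
			spin_unlock_bh(&sta->lock);
			mesh_plink_frame_tx(sdata,
					    WLAN_SP_MESH_PEERING_CLOSE,
					    sta->sta.addr, llid, plid, reason);
			break;
		case OPN_ACPT:
			del_timer(&sta->plink_timer);
			sta->plink_state = NL80211_PLINK_ESTAB;
			/*
			 * An Open does not carry our link ID, so llid has not
			 * been set from the frame.  Take it from the station
			 * (as the other OPN_ACPT cases do) instead of sending
			 * an uninitialised stack value in the Confirm.
			 */
			llid = sta->llid;
			spin_unlock_bh(&sta->lock);
			mesh_plink_inc_estab_count(sdata);
			ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BEACON);
			mpl_dbg("Mesh plink with %pM ESTABLISHED\n",
				sta->sta.addr);
			mesh_plink_frame_tx(sdata,
					    WLAN_SP_MESH_PEERING_CONFIRM,
					    sta->sta.addr, llid, plid, 0);
			break;
		default:
			spin_unlock_bh(&sta->lock);
			break;
		}
		break;

	case NL80211_PLINK_ESTAB:
		switch (event) {
		case CLS_ACPT:
			reason = cpu_to_le16(WLAN_REASON_MESH_CLOSE);
			sta->reason = reason;
			deactivated = __mesh_plink_deactivate(sta);
			sta->plink_state = NL80211_PLINK_HOLDING;
			llid = sta->llid;
			mod_plink_timer(sta, dot11MeshHoldingTimeout(sdata));
			spin_unlock_bh(&sta->lock);
			if (deactivated)
				ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BEACON);
			mesh_plink_frame_tx(sdata, WLAN_SP_MESH_PEERING_CLOSE,
					    sta->sta.addr, llid, plid, reason);
			break;
		case OPN_ACPT:
			llid = sta->llid;
			spin_unlock_bh(&sta->lock);
			mesh_plink_frame_tx(sdata,
					    WLAN_SP_MESH_PEERING_CONFIRM,
					    sta->sta.addr, llid, plid, 0);
			break;
		default:
			spin_unlock_bh(&sta->lock);
			break;
		}
		break;
	case NL80211_PLINK_HOLDING:
		switch (event) {
		case CLS_ACPT:
			if (del_timer(&sta->plink_timer))
				sta->ignore_plink_timer = 1;
			mesh_plink_fsm_restart(sta);
			spin_unlock_bh(&sta->lock);
			break;
		case OPN_ACPT:
		case CNF_ACPT:
		case OPN_RJCT:
		case CNF_RJCT:
			llid = sta->llid;
			reason = sta->reason;
			spin_unlock_bh(&sta->lock);
			mesh_plink_frame_tx(sdata, WLAN_SP_MESH_PEERING_CLOSE,
					    sta->sta.addr, llid, plid, reason);
			break;
		default:
			spin_unlock_bh(&sta->lock);
			break;
		}
		break;
	default:
		/* should not get here, PLINK_BLOCKED is dealt with at the
		 * beginning of the function
		 */
		spin_unlock_bh(&sta->lock);
		break;
	}

	rcu_read_unlock();
}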