projects / linux-2.6-block.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
mac80211: add BSS coex IE to TDLS setup frames
[linux-2.6-block.git] / net / mac80211 / tdls.c
CommitLineData
95224fe8
AN		 1/*
2 * mac80211 TDLS handling code
3 *
4 * Copyright 2006-2010 Johannes Berg <johannes@sipsolutions.net>
5 * Copyright 2014, Intel Corporation
d98ad83e 6 * Copyright 2014 Intel Mobile Communications GmbH
95224fe8
AN		 7 *
8 * This file is GPLv2 as found in COPYING.
9 */
10
11#include <linux/ieee80211.h>
6f7eaa47 12#include <linux/log2.h>
c887f0d3 13#include <net/cfg80211.h>
95224fe8 14#include "ieee80211_i.h"
ee10f2c7 15#include "driver-ops.h"
95224fe8 16
17e6a59a
AN		 17/* give usermode some time for retries in setting up the TDLS session */
18#define TDLS_PEER_SETUP_TIMEOUT (15 * HZ)
19
20void ieee80211_tdls_peer_del_work(struct work_struct *wk)
21{
22 struct ieee80211_sub_if_data *sdata;
23 struct ieee80211_local *local;
24
25 sdata = container_of(wk, struct ieee80211_sub_if_data,
81dd2b88 26 u.mgd.tdls_peer_del_work.work);
17e6a59a
AN		 27 local = sdata->local;
28
29 mutex_lock(&local->mtx);
81dd2b88
AN		 30 if (!is_zero_ether_addr(sdata->u.mgd.tdls_peer)) {
31 tdls_dbg(sdata, "TDLS del peer %pM\n", sdata->u.mgd.tdls_peer);
32 sta_info_destroy_addr(sdata, sdata->u.mgd.tdls_peer);
33 eth_zero_addr(sdata->u.mgd.tdls_peer);
17e6a59a
AN		 34 }
35 mutex_unlock(&local->mtx);
36}
37
95224fe8
AN		 38static void ieee80211_tdls_add_ext_capab(struct sk_buff *skb)
39{
40 u8 *pos = (void *)skb_put(skb, 7);
41
42 *pos++ = WLAN_EID_EXT_CAPABILITY;
43 *pos++ = 5; /* len */
44 *pos++ = 0x0;
45 *pos++ = 0x0;
46 *pos++ = 0x0;
47 *pos++ = 0x0;
48 *pos++ = WLAN_EXT_CAPA5_TDLS_ENABLED;
49}
50
f0d29cb9
AN		 51static u8
52ieee80211_tdls_add_subband(struct ieee80211_sub_if_data *sdata,
53 struct sk_buff *skb, u16 start, u16 end,
54 u16 spacing)
55{
56 u8 subband_cnt = 0, ch_cnt = 0;
57 struct ieee80211_channel *ch;
58 struct cfg80211_chan_def chandef;
59 int i, subband_start;
60
61 for (i = start; i <= end; i += spacing) {
62 if (!ch_cnt)
63 subband_start = i;
64
65 ch = ieee80211_get_channel(sdata->local->hw.wiphy, i);
66 if (ch) {
67 /* we will be active on the channel */
68 u32 flags = IEEE80211_CHAN_DISABLED |
69 IEEE80211_CHAN_NO_IR;
70 cfg80211_chandef_create(&chandef, ch,
71 NL80211_CHAN_HT20);
72 if (cfg80211_chandef_usable(sdata->local->hw.wiphy,
73 &chandef, flags)) {
74 ch_cnt++;
75 continue;
76 }
77 }
78
79 if (ch_cnt) {
80 u8 *pos = skb_put(skb, 2);
81 *pos++ = ieee80211_frequency_to_channel(subband_start);
82 *pos++ = ch_cnt;
83
84 subband_cnt++;
85 ch_cnt = 0;
86 }
87 }
88
89 return subband_cnt;
90}
91
92static void
93ieee80211_tdls_add_supp_channels(struct ieee80211_sub_if_data *sdata,
94 struct sk_buff *skb)
95{
96 /*
97 * Add possible channels for TDLS. These are channels that are allowed
98 * to be active.
99 */
100 u8 subband_cnt;
101 u8 *pos = skb_put(skb, 2);
102
103 *pos++ = WLAN_EID_SUPPORTED_CHANNELS;
104
105 /*
106 * 5GHz and 2GHz channels numbers can overlap. Ignore this for now, as
107 * this doesn't happen in real world scenarios.
108 */
109
110 /* 2GHz, with 5MHz spacing */
111 subband_cnt = ieee80211_tdls_add_subband(sdata, skb, 2412, 2472, 5);
112
113 /* 5GHz, with 20MHz spacing */
114 subband_cnt += ieee80211_tdls_add_subband(sdata, skb, 5000, 5825, 20);
115
116 /* length */
117 *pos = 2 * subband_cnt;
118}
119
2cedd879
AN		 120static void ieee80211_tdls_add_bss_coex_ie(struct sk_buff *skb)
121{
122 u8 *pos = (void *)skb_put(skb, 3);
123
124 *pos++ = WLAN_EID_BSS_COEX_2040;
125 *pos++ = 1; /* len */
126
127 *pos++ = WLAN_BSS_COEX_INFORMATION_REQUEST;
128}
129
dd8c0b03
AN		 130static u16 ieee80211_get_tdls_sta_capab(struct ieee80211_sub_if_data *sdata,
131 u16 status_code)
95224fe8
AN		 132{
133 struct ieee80211_local *local = sdata->local;
134 u16 capab;
135
dd8c0b03
AN		 136 /* The capability will be 0 when sending a failure code */
137 if (status_code != 0)
138 return 0;
139
95224fe8
AN		 140 capab = 0;
141 if (ieee80211_get_sdata_band(sdata) != IEEE80211_BAND_2GHZ)
142 return capab;
143
144 if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_SLOT_INCAPABLE))
145 capab |= WLAN_CAPABILITY_SHORT_SLOT_TIME;
146 if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_PREAMBLE_INCAPABLE))
147 capab |= WLAN_CAPABILITY_SHORT_PREAMBLE;
148
149 return capab;
150}
151
1606ef4a
AN		 152static void ieee80211_tdls_add_link_ie(struct ieee80211_sub_if_data *sdata,
153 struct sk_buff *skb, const u8 *peer,
154 bool initiator)
95224fe8
AN		 155{
156 struct ieee80211_tdls_lnkie *lnkid;
1606ef4a
AN		 157 const u8 *init_addr, *rsp_addr;
158
159 if (initiator) {
160 init_addr = sdata->vif.addr;
161 rsp_addr = peer;
162 } else {
163 init_addr = peer;
164 rsp_addr = sdata->vif.addr;
165 }
95224fe8
AN		 166
167 lnkid = (void *)skb_put(skb, sizeof(struct ieee80211_tdls_lnkie));
168
169 lnkid->ie_type = WLAN_EID_LINK_ID;
170 lnkid->ie_len = sizeof(struct ieee80211_tdls_lnkie) - 2;
171
1606ef4a
AN		 172 memcpy(lnkid->bssid, sdata->u.mgd.bssid, ETH_ALEN);
173 memcpy(lnkid->init_sta, init_addr, ETH_ALEN);
174 memcpy(lnkid->resp_sta, rsp_addr, ETH_ALEN);
95224fe8
AN		 175}
176
6f7eaa47
AN		 177/* translate numbering in the WMM parameter IE to the mac80211 notation */
178static enum ieee80211_ac_numbers ieee80211_ac_from_wmm(int ac)
179{
180 switch (ac) {
181 default:
182 WARN_ON_ONCE(1);
183 case 0:
184 return IEEE80211_AC_BE;
185 case 1:
186 return IEEE80211_AC_BK;
187 case 2:
188 return IEEE80211_AC_VI;
189 case 3:
190 return IEEE80211_AC_VO;
191 }
192}
193
194static u8 ieee80211_wmm_aci_aifsn(int aifsn, bool acm, int aci)
195{
196 u8 ret;
197
198 ret = aifsn & 0x0f;
199 if (acm)
200 ret |= 0x10;
201 ret |= (aci << 5) & 0x60;
202 return ret;
203}
204
205static u8 ieee80211_wmm_ecw(u16 cw_min, u16 cw_max)
206{
207 return ((ilog2(cw_min + 1) << 0x0) & 0x0f) |
208 ((ilog2(cw_max + 1) << 0x4) & 0xf0);
209}
210
211static void ieee80211_tdls_add_wmm_param_ie(struct ieee80211_sub_if_data *sdata,
212 struct sk_buff *skb)
213{
214 struct ieee80211_wmm_param_ie *wmm;
215 struct ieee80211_tx_queue_params *txq;
216 int i;
217
218 wmm = (void *)skb_put(skb, sizeof(*wmm));
219 memset(wmm, 0, sizeof(*wmm));
220
221 wmm->element_id = WLAN_EID_VENDOR_SPECIFIC;
222 wmm->len = sizeof(*wmm) - 2;
223
224 wmm->oui[0] = 0x00; /* Microsoft OUI 00:50:F2 */
225 wmm->oui[1] = 0x50;
226 wmm->oui[2] = 0xf2;
227 wmm->oui_type = 2; /* WME */
228 wmm->oui_subtype = 1; /* WME param */
229 wmm->version = 1; /* WME ver */
230 wmm->qos_info = 0; /* U-APSD not in use */
231
232 /*
233 * Use the EDCA parameters defined for the BSS, or default if the AP
234 * doesn't support it, as mandated by 802.11-2012 section 10.22.4
235 */
236 for (i = 0; i < IEEE80211_NUM_ACS; i++) {
237 txq = &sdata->tx_conf[ieee80211_ac_from_wmm(i)];
238 wmm->ac[i].aci_aifsn = ieee80211_wmm_aci_aifsn(txq->aifs,
239 txq->acm, i);
240 wmm->ac[i].cw = ieee80211_wmm_ecw(txq->cw_min, txq->cw_max);
241 wmm->ac[i].txop_limit = cpu_to_le16(txq->txop);
242 }
243}
244
f09a87d2
AN		 245static void
246ieee80211_tdls_add_setup_start_ies(struct ieee80211_sub_if_data *sdata,
247 struct sk_buff *skb, const u8 *peer,
1606ef4a
AN		 248 u8 action_code, bool initiator,
249 const u8 *extra_ies, size_t extra_ies_len)
f09a87d2
AN		 250{
251 enum ieee80211_band band = ieee80211_get_sdata_band(sdata);
40b861a0 252 struct ieee80211_local *local = sdata->local;
13cc8a4a
AN		 253 struct ieee80211_supported_band *sband;
254 struct ieee80211_sta_ht_cap ht_cap;
255 struct sta_info *sta = NULL;
f09a87d2
AN		 256 size_t offset = 0, noffset;
257 u8 *pos;
258
13cc8a4a
AN		 259 rcu_read_lock();
260
261 /* we should have the peer STA if we're already responding */
262 if (action_code == WLAN_TDLS_SETUP_RESPONSE) {
263 sta = sta_info_get(sdata, peer);
264 if (WARN_ON_ONCE(!sta)) {
265 rcu_read_unlock();
266 return;
267 }
268 }
269
f09a87d2
AN		 270 ieee80211_add_srates_ie(sdata, skb, false, band);
271 ieee80211_add_ext_srates_ie(sdata, skb, false, band);
f0d29cb9 272 ieee80211_tdls_add_supp_channels(sdata, skb);
f09a87d2
AN		 273
274 /* add any custom IEs that go before Extended Capabilities */
275 if (extra_ies_len) {
276 static const u8 before_ext_cap[] = {
277 WLAN_EID_SUPP_RATES,
278 WLAN_EID_COUNTRY,
279 WLAN_EID_EXT_SUPP_RATES,
280 WLAN_EID_SUPPORTED_CHANNELS,
281 WLAN_EID_RSN,
282 };
283 noffset = ieee80211_ie_split(extra_ies, extra_ies_len,
284 before_ext_cap,
285 ARRAY_SIZE(before_ext_cap),
286 offset);
287 pos = skb_put(skb, noffset - offset);
288 memcpy(pos, extra_ies + offset, noffset - offset);
289 offset = noffset;
290 }
291
292 ieee80211_tdls_add_ext_capab(skb);
293
40b861a0
AN		 294 /* add the QoS element if we support it */
295 if (local->hw.queues >= IEEE80211_NUM_ACS &&
296 action_code != WLAN_PUB_ACTION_TDLS_DISCOVER_RES)
297 ieee80211_add_wmm_info_ie(skb_put(skb, 9), 0); /* no U-APSD */
298
f09a87d2
AN		 299 /* add any custom IEs that go before HT capabilities */
300 if (extra_ies_len) {
301 static const u8 before_ht_cap[] = {
302 WLAN_EID_SUPP_RATES,
303 WLAN_EID_COUNTRY,
304 WLAN_EID_EXT_SUPP_RATES,
305 WLAN_EID_SUPPORTED_CHANNELS,
306 WLAN_EID_RSN,
307 WLAN_EID_EXT_CAPABILITY,
308 WLAN_EID_QOS_CAPA,
309 WLAN_EID_FAST_BSS_TRANSITION,
310 WLAN_EID_TIMEOUT_INTERVAL,
311 WLAN_EID_SUPPORTED_REGULATORY_CLASSES,
312 };
313 noffset = ieee80211_ie_split(extra_ies, extra_ies_len,
314 before_ht_cap,
315 ARRAY_SIZE(before_ht_cap),
316 offset);
317 pos = skb_put(skb, noffset - offset);
318 memcpy(pos, extra_ies + offset, noffset - offset);
319 offset = noffset;
320 }
321
13cc8a4a
AN		 322 /*
323 * with TDLS we can switch channels, and HT-caps are not necessarily
324 * the same on all bands. The specification limits the setup to a
325 * single HT-cap, so use the current band for now.
326 */
327 sband = local->hw.wiphy->bands[band];
328 memcpy(&ht_cap, &sband->ht_cap, sizeof(ht_cap));
329 if ((action_code == WLAN_TDLS_SETUP_REQUEST ||
330 action_code == WLAN_TDLS_SETUP_RESPONSE) &&
331 ht_cap.ht_supported && (!sta || sta->sta.ht_cap.ht_supported)) {
332 if (action_code == WLAN_TDLS_SETUP_REQUEST) {
333 ieee80211_apply_htcap_overrides(sdata, &ht_cap);
334
335 /* disable SMPS in TDLS initiator */
336 ht_cap.cap |= (WLAN_HT_CAP_SM_PS_DISABLED
337 << IEEE80211_HT_CAP_SM_PS_SHIFT);
338 } else {
339 /* disable SMPS in TDLS responder */
340 sta->sta.ht_cap.cap |=
341 (WLAN_HT_CAP_SM_PS_DISABLED
342 << IEEE80211_HT_CAP_SM_PS_SHIFT);
343
344 /* the peer caps are already intersected with our own */
345 memcpy(&ht_cap, &sta->sta.ht_cap, sizeof(ht_cap));
346 }
347
348 pos = skb_put(skb, sizeof(struct ieee80211_ht_cap) + 2);
349 ieee80211_ie_build_ht_cap(pos, &ht_cap, ht_cap.cap);
350 }
351
352 rcu_read_unlock();
353
2cedd879
AN		 354 if (ht_cap.ht_supported &&
355 (ht_cap.cap & IEEE80211_HT_CAP_SUP_WIDTH_20_40))
356 ieee80211_tdls_add_bss_coex_ie(skb);
357
f09a87d2
AN		 358 /* add any remaining IEs */
359 if (extra_ies_len) {
360 noffset = extra_ies_len;
361 pos = skb_put(skb, noffset - offset);
362 memcpy(pos, extra_ies + offset, noffset - offset);
363 }
1606ef4a
AN		 364
365 ieee80211_tdls_add_link_ie(sdata, skb, peer, initiator);
f09a87d2
AN		 366}
367
6f7eaa47
AN		 368static void
369ieee80211_tdls_add_setup_cfm_ies(struct ieee80211_sub_if_data *sdata,
370 struct sk_buff *skb, const u8 *peer,
371 bool initiator, const u8 *extra_ies,
372 size_t extra_ies_len)
373{
374 struct ieee80211_local *local = sdata->local;
13cc8a4a 375 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
6f7eaa47 376 size_t offset = 0, noffset;
13cc8a4a 377 struct sta_info *sta, *ap_sta;
6f7eaa47
AN		 378 u8 *pos;
379
380 rcu_read_lock();
381
382 sta = sta_info_get(sdata, peer);
13cc8a4a
AN		 383 ap_sta = sta_info_get(sdata, ifmgd->bssid);
384 if (WARN_ON_ONCE(!sta || !ap_sta)) {
6f7eaa47
AN		 385 rcu_read_unlock();
386 return;
387 }
388
389 /* add any custom IEs that go before the QoS IE */
390 if (extra_ies_len) {
391 static const u8 before_qos[] = {
392 WLAN_EID_RSN,
393 };
394 noffset = ieee80211_ie_split(extra_ies, extra_ies_len,
395 before_qos,
396 ARRAY_SIZE(before_qos),
397 offset);
398 pos = skb_put(skb, noffset - offset);
399 memcpy(pos, extra_ies + offset, noffset - offset);
400 offset = noffset;
401 }
402
403 /* add the QoS param IE if both the peer and we support it */
a74a8c84 404 if (local->hw.queues >= IEEE80211_NUM_ACS && sta->sta.wme)
6f7eaa47
AN		 405 ieee80211_tdls_add_wmm_param_ie(sdata, skb);
406
13cc8a4a
AN		 407 /* add any custom IEs that go before HT operation */
408 if (extra_ies_len) {
409 static const u8 before_ht_op[] = {
410 WLAN_EID_RSN,
411 WLAN_EID_QOS_CAPA,
412 WLAN_EID_FAST_BSS_TRANSITION,
413 WLAN_EID_TIMEOUT_INTERVAL,
414 };
415 noffset = ieee80211_ie_split(extra_ies, extra_ies_len,
416 before_ht_op,
417 ARRAY_SIZE(before_ht_op),
418 offset);
419 pos = skb_put(skb, noffset - offset);
420 memcpy(pos, extra_ies + offset, noffset - offset);
421 offset = noffset;
422 }
423
424 /* if HT support is only added in TDLS, we need an HT-operation IE */
425 if (!ap_sta->sta.ht_cap.ht_supported && sta->sta.ht_cap.ht_supported) {
426 struct ieee80211_chanctx_conf *chanctx_conf =
427 rcu_dereference(sdata->vif.chanctx_conf);
428 if (!WARN_ON(!chanctx_conf)) {
429 pos = skb_put(skb, 2 +
430 sizeof(struct ieee80211_ht_operation));
431 /* send an empty HT operation IE */
432 ieee80211_ie_build_ht_oper(pos, &sta->sta.ht_cap,
433 &chanctx_conf->def, 0);
434 }
435 }
436
437 rcu_read_unlock();
438
6f7eaa47
AN		 439 /* add any remaining IEs */
440 if (extra_ies_len) {
441 noffset = extra_ies_len;
442 pos = skb_put(skb, noffset - offset);
443 memcpy(pos, extra_ies + offset, noffset - offset);
444 }
445
446 ieee80211_tdls_add_link_ie(sdata, skb, peer, initiator);
6f7eaa47
AN		 447}
448
46792a2d
AN		 449static void ieee80211_tdls_add_ies(struct ieee80211_sub_if_data *sdata,
450 struct sk_buff *skb, const u8 *peer,
1606ef4a
AN		 451 u8 action_code, u16 status_code,
452 bool initiator, const u8 *extra_ies,
453 size_t extra_ies_len)
46792a2d 454{
46792a2d
AN		 455 switch (action_code) {
456 case WLAN_TDLS_SETUP_REQUEST:
457 case WLAN_TDLS_SETUP_RESPONSE:
458 case WLAN_PUB_ACTION_TDLS_DISCOVER_RES:
1606ef4a
AN		 459 if (status_code == 0)
460 ieee80211_tdls_add_setup_start_ies(sdata, skb, peer,
461 action_code,
462 initiator,
463 extra_ies,
464 extra_ies_len);
46792a2d
AN		 465 break;
466 case WLAN_TDLS_SETUP_CONFIRM:
6f7eaa47
AN		 467 if (status_code == 0)
468 ieee80211_tdls_add_setup_cfm_ies(sdata, skb, peer,
469 initiator, extra_ies,
470 extra_ies_len);
471 break;
46792a2d
AN		 472 case WLAN_TDLS_TEARDOWN:
473 case WLAN_TDLS_DISCOVERY_REQUEST:
f09a87d2
AN		 474 if (extra_ies_len)
475 memcpy(skb_put(skb, extra_ies_len), extra_ies,
476 extra_ies_len);
1606ef4a
AN		 477 if (status_code == 0 || action_code == WLAN_TDLS_TEARDOWN)
478 ieee80211_tdls_add_link_ie(sdata, skb, peer, initiator);
46792a2d
AN		 479 break;
480 }
481
46792a2d
AN		 482}
483
95224fe8
AN		 484static int
485ieee80211_prep_tdls_encap_data(struct wiphy *wiphy, struct net_device *dev,
3b3a0162 486 const u8 *peer, u8 action_code, u8 dialog_token,
95224fe8
AN		 487 u16 status_code, struct sk_buff *skb)
488{
489 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
95224fe8
AN		 490 struct ieee80211_tdls_data *tf;
491
492 tf = (void *)skb_put(skb, offsetof(struct ieee80211_tdls_data, u));
493
494 memcpy(tf->da, peer, ETH_ALEN);
495 memcpy(tf->sa, sdata->vif.addr, ETH_ALEN);
496 tf->ether_type = cpu_to_be16(ETH_P_TDLS);
497 tf->payload_type = WLAN_TDLS_SNAP_RFTYPE;
498
59cd85cb
AN		 499 /* network header is after the ethernet header */
500 skb_set_network_header(skb, ETH_HLEN);
501
95224fe8
AN		 502 switch (action_code) {
503 case WLAN_TDLS_SETUP_REQUEST:
504 tf->category = WLAN_CATEGORY_TDLS;
505 tf->action_code = WLAN_TDLS_SETUP_REQUEST;
506
507 skb_put(skb, sizeof(tf->u.setup_req));
508 tf->u.setup_req.dialog_token = dialog_token;
509 tf->u.setup_req.capability =
dd8c0b03
AN		 510 cpu_to_le16(ieee80211_get_tdls_sta_capab(sdata,
511 status_code));
95224fe8
AN		 512 break;
513 case WLAN_TDLS_SETUP_RESPONSE:
514 tf->category = WLAN_CATEGORY_TDLS;
515 tf->action_code = WLAN_TDLS_SETUP_RESPONSE;
516
517 skb_put(skb, sizeof(tf->u.setup_resp));
518 tf->u.setup_resp.status_code = cpu_to_le16(status_code);
519 tf->u.setup_resp.dialog_token = dialog_token;
520 tf->u.setup_resp.capability =
dd8c0b03
AN		 521 cpu_to_le16(ieee80211_get_tdls_sta_capab(sdata,
522 status_code));
95224fe8
AN		 523 break;
524 case WLAN_TDLS_SETUP_CONFIRM:
525 tf->category = WLAN_CATEGORY_TDLS;
526 tf->action_code = WLAN_TDLS_SETUP_CONFIRM;
527
528 skb_put(skb, sizeof(tf->u.setup_cfm));
529 tf->u.setup_cfm.status_code = cpu_to_le16(status_code);
530 tf->u.setup_cfm.dialog_token = dialog_token;
531 break;
532 case WLAN_TDLS_TEARDOWN:
533 tf->category = WLAN_CATEGORY_TDLS;
534 tf->action_code = WLAN_TDLS_TEARDOWN;
535
536 skb_put(skb, sizeof(tf->u.teardown));
537 tf->u.teardown.reason_code = cpu_to_le16(status_code);
538 break;
539 case WLAN_TDLS_DISCOVERY_REQUEST:
540 tf->category = WLAN_CATEGORY_TDLS;
541 tf->action_code = WLAN_TDLS_DISCOVERY_REQUEST;
542
543 skb_put(skb, sizeof(tf->u.discover_req));
544 tf->u.discover_req.dialog_token = dialog_token;
545 break;
546 default:
547 return -EINVAL;
548 }
549
550 return 0;
551}
552
553static int
554ieee80211_prep_tdls_direct(struct wiphy *wiphy, struct net_device *dev,
3b3a0162 555 const u8 *peer, u8 action_code, u8 dialog_token,
95224fe8
AN		 556 u16 status_code, struct sk_buff *skb)
557{
558 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
95224fe8
AN		 559 struct ieee80211_mgmt *mgmt;
560
561 mgmt = (void *)skb_put(skb, 24);
562 memset(mgmt, 0, 24);
563 memcpy(mgmt->da, peer, ETH_ALEN);
564 memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN);
565 memcpy(mgmt->bssid, sdata->u.mgd.bssid, ETH_ALEN);
566
567 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
568 IEEE80211_STYPE_ACTION);
569
570 switch (action_code) {
571 case WLAN_PUB_ACTION_TDLS_DISCOVER_RES:
572 skb_put(skb, 1 + sizeof(mgmt->u.action.u.tdls_discover_resp));
573 mgmt->u.action.category = WLAN_CATEGORY_PUBLIC;
574 mgmt->u.action.u.tdls_discover_resp.action_code =
575 WLAN_PUB_ACTION_TDLS_DISCOVER_RES;
576 mgmt->u.action.u.tdls_discover_resp.dialog_token =
577 dialog_token;
578 mgmt->u.action.u.tdls_discover_resp.capability =
dd8c0b03
AN		 579 cpu_to_le16(ieee80211_get_tdls_sta_capab(sdata,
580 status_code));
95224fe8
AN		 581 break;
582 default:
583 return -EINVAL;
584 }
585
586 return 0;
587}
588
17e6a59a
AN		 589static int
590ieee80211_tdls_prep_mgmt_packet(struct wiphy *wiphy, struct net_device *dev,
591 const u8 *peer, u8 action_code,
592 u8 dialog_token, u16 status_code,
2fb6b9b8
AN		 593 u32 peer_capability, bool initiator,
594 const u8 *extra_ies, size_t extra_ies_len)
95224fe8
AN		 595{
596 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
597 struct ieee80211_local *local = sdata->local;
598 struct sk_buff *skb = NULL;
1277b4a9 599 u32 flags = 0;
95224fe8 600 bool send_direct;
626911cc 601 struct sta_info *sta;
95224fe8
AN		 602 int ret;
603
1277b4a9
LK		 604 skb = netdev_alloc_skb(dev,
605 local->hw.extra_tx_headroom +
606 max(sizeof(struct ieee80211_mgmt),
607 sizeof(struct ieee80211_tdls_data)) +
608 50 + /* supported rates */
609 7 + /* ext capab */
610 26 + /* max(WMM-info, WMM-param) */
611 2 + max(sizeof(struct ieee80211_ht_cap),
612 sizeof(struct ieee80211_ht_operation)) +
f0d29cb9 613 50 + /* supported channels */
2cedd879 614 3 + /* 40/20 BSS coex */
1277b4a9
LK		 615 extra_ies_len +
616 sizeof(struct ieee80211_tdls_lnkie));
95224fe8
AN		 617 if (!skb)
618 return -ENOMEM;
619
620 skb_reserve(skb, local->hw.extra_tx_headroom);
621
622 switch (action_code) {
623 case WLAN_TDLS_SETUP_REQUEST:
624 case WLAN_TDLS_SETUP_RESPONSE:
625 case WLAN_TDLS_SETUP_CONFIRM:
626 case WLAN_TDLS_TEARDOWN:
627 case WLAN_TDLS_DISCOVERY_REQUEST:
628 ret = ieee80211_prep_tdls_encap_data(wiphy, dev, peer,
629 action_code, dialog_token,
630 status_code, skb);
631 send_direct = false;
632 break;
633 case WLAN_PUB_ACTION_TDLS_DISCOVER_RES:
634 ret = ieee80211_prep_tdls_direct(wiphy, dev, peer, action_code,
635 dialog_token, status_code,
636 skb);
637 send_direct = true;
638 break;
639 default:
640 ret = -ENOTSUPP;
641 break;
642 }
643
644 if (ret < 0)
645 goto fail;
646
626911cc
AN		 647 rcu_read_lock();
648 sta = sta_info_get(sdata, peer);
649
650 /* infer the initiator if we can, to support old userspace */
95224fe8
AN		 651 switch (action_code) {
652 case WLAN_TDLS_SETUP_REQUEST:
8b94148c 653 if (sta) {
626911cc 654 set_sta_flag(sta, WLAN_STA_TDLS_INITIATOR);
8b94148c
AN		 655 sta->sta.tdls_initiator = false;
656 }
626911cc 657 /* fall-through */
95224fe8 658 case WLAN_TDLS_SETUP_CONFIRM:
95224fe8 659 case WLAN_TDLS_DISCOVERY_REQUEST:
626911cc 660 initiator = true;
95224fe8
AN		 661 break;
662 case WLAN_TDLS_SETUP_RESPONSE:
626911cc
AN		 663 /*
664 * In some testing scenarios, we send a request and response.
665 * Make the last packet sent take effect for the initiator
666 * value.
667 */
8b94148c 668 if (sta) {
626911cc 669 clear_sta_flag(sta, WLAN_STA_TDLS_INITIATOR);
8b94148c
AN		 670 sta->sta.tdls_initiator = true;
671 }
626911cc 672 /* fall-through */
95224fe8 673 case WLAN_PUB_ACTION_TDLS_DISCOVER_RES:
626911cc 674 initiator = false;
2fb6b9b8
AN		 675 break;
676 case WLAN_TDLS_TEARDOWN:
677 /* any value is ok */
95224fe8
AN		 678 break;
679 default:
680 ret = -ENOTSUPP;
626911cc 681 break;
95224fe8
AN		 682 }
683
46792a2d
AN		 684 if (sta && test_sta_flag(sta, WLAN_STA_TDLS_INITIATOR))
685 initiator = true;
2fb6b9b8 686
626911cc
AN		 687 rcu_read_unlock();
688 if (ret < 0)
689 goto fail;
690
1606ef4a
AN		 691 ieee80211_tdls_add_ies(sdata, skb, peer, action_code, status_code,
692 initiator, extra_ies, extra_ies_len);
95224fe8
AN		 693 if (send_direct) {
694 ieee80211_tx_skb(sdata, skb);
695 return 0;
696 }
697
698 /*
699 * According to 802.11z: Setup req/resp are sent in AC_BK, otherwise
700 * we should default to AC_VI.
701 */
702 switch (action_code) {
703 case WLAN_TDLS_SETUP_REQUEST:
704 case WLAN_TDLS_SETUP_RESPONSE:
705 skb_set_queue_mapping(skb, IEEE80211_AC_BK);
706 skb->priority = 2;
707 break;
708 default:
709 skb_set_queue_mapping(skb, IEEE80211_AC_VI);
710 skb->priority = 5;
711 break;
712 }
713
1277b4a9
LK		 714 /*
715 * Set the WLAN_TDLS_TEARDOWN flag to indicate a teardown in progress.
716 * Later, if no ACK is returned from peer, we will re-send the teardown
717 * packet through the AP.
718 */
719 if ((action_code == WLAN_TDLS_TEARDOWN) &&
720 (local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS)) {
721 struct sta_info *sta = NULL;
722 bool try_resend; /* Should we keep skb for possible resend */
723
724 /* If not sending directly to peer - no point in keeping skb */
725 rcu_read_lock();
726 sta = sta_info_get(sdata, peer);
727 try_resend = sta && test_sta_flag(sta, WLAN_STA_TDLS_PEER_AUTH);
728 rcu_read_unlock();
729
730 spin_lock_bh(&sdata->u.mgd.teardown_lock);
731 if (try_resend && !sdata->u.mgd.teardown_skb) {
732 /* Mark it as requiring TX status callback */
733 flags |= IEEE80211_TX_CTL_REQ_TX_STATUS |
734 IEEE80211_TX_INTFL_MLME_CONN_TX;
735
736 /*
737 * skb is copied since mac80211 will later set
738 * properties that might not be the same as the AP,
739 * such as encryption, QoS, addresses, etc.
740 *
741 * No problem if skb_copy() fails, so no need to check.
742 */
743 sdata->u.mgd.teardown_skb = skb_copy(skb, GFP_ATOMIC);
744 sdata->u.mgd.orig_teardown_skb = skb;
745 }
746 spin_unlock_bh(&sdata->u.mgd.teardown_lock);
747 }
748
95224fe8
AN		 749 /* disable bottom halves when entering the Tx path */
750 local_bh_disable();
1277b4a9 751 __ieee80211_subif_start_xmit(skb, dev, flags);
95224fe8
AN		 752 local_bh_enable();
753
754 return ret;
755
756fail:
757 dev_kfree_skb(skb);
758 return ret;
759}
760
191dd469
AN		 761static int
762ieee80211_tdls_mgmt_setup(struct wiphy *wiphy, struct net_device *dev,
763 const u8 *peer, u8 action_code, u8 dialog_token,
764 u16 status_code, u32 peer_capability, bool initiator,
765 const u8 *extra_ies, size_t extra_ies_len)
17e6a59a
AN		 766{
767 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
768 struct ieee80211_local *local = sdata->local;
769 int ret;
770
17e6a59a
AN		 771 mutex_lock(&local->mtx);
772
773 /* we don't support concurrent TDLS peer setups */
81dd2b88
AN		 774 if (!is_zero_ether_addr(sdata->u.mgd.tdls_peer) &&
775 !ether_addr_equal(sdata->u.mgd.tdls_peer, peer)) {
17e6a59a
AN		 776 ret = -EBUSY;
777 goto exit;
778 }
779
7adc3e46
AN		 780 /*
781 * make sure we have a STA representing the peer so we drop or buffer
782 * non-TDLS-setup frames to the peer. We can't send other packets
6ae32e5d
AN		 783 * during setup through the AP path.
784 * Allow error packets to be sent - sometimes we don't even add a STA
785 * before failing the setup.
7adc3e46 786 */
6ae32e5d
AN		 787 if (status_code == 0) {
788 rcu_read_lock();
789 if (!sta_info_get(sdata, peer)) {
790 rcu_read_unlock();
791 ret = -ENOLINK;
792 goto exit;
793 }
7adc3e46 794 rcu_read_unlock();
7adc3e46 795 }
7adc3e46 796
db67d661
AN		 797 ieee80211_flush_queues(local, sdata);
798
17e6a59a
AN		 799 ret = ieee80211_tdls_prep_mgmt_packet(wiphy, dev, peer, action_code,
800 dialog_token, status_code,
2fb6b9b8
AN		 801 peer_capability, initiator,
802 extra_ies, extra_ies_len);
17e6a59a
AN		 803 if (ret < 0)
804 goto exit;
805
81dd2b88 806 memcpy(sdata->u.mgd.tdls_peer, peer, ETH_ALEN);
191dd469 807 ieee80211_queue_delayed_work(&sdata->local->hw,
81dd2b88 808 &sdata->u.mgd.tdls_peer_del_work,
191dd469 809 TDLS_PEER_SETUP_TIMEOUT);
17e6a59a
AN		 810
811exit:
812 mutex_unlock(&local->mtx);
191dd469
AN		 813 return ret;
814}
815
db67d661
AN		 816static int
817ieee80211_tdls_mgmt_teardown(struct wiphy *wiphy, struct net_device *dev,
818 const u8 *peer, u8 action_code, u8 dialog_token,
819 u16 status_code, u32 peer_capability,
820 bool initiator, const u8 *extra_ies,
821 size_t extra_ies_len)
822{
823 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
824 struct ieee80211_local *local = sdata->local;
825 struct sta_info *sta;
826 int ret;
827
828 /*
829 * No packets can be transmitted to the peer via the AP during setup -
830 * the STA is set as a TDLS peer, but is not authorized.
831 * During teardown, we prevent direct transmissions by stopping the
832 * queues and flushing all direct packets.
833 */
834 ieee80211_stop_vif_queues(local, sdata,
835 IEEE80211_QUEUE_STOP_REASON_TDLS_TEARDOWN);
836 ieee80211_flush_queues(local, sdata);
837
838 ret = ieee80211_tdls_prep_mgmt_packet(wiphy, dev, peer, action_code,
839 dialog_token, status_code,
840 peer_capability, initiator,
841 extra_ies, extra_ies_len);
842 if (ret < 0)
843 sdata_err(sdata, "Failed sending TDLS teardown packet %d\n",
844 ret);
845
846 /*
847 * Remove the STA AUTH flag to force further traffic through the AP. If
848 * the STA was unreachable, it was already removed.
849 */
850 rcu_read_lock();
851 sta = sta_info_get(sdata, peer);
852 if (sta)
853 clear_sta_flag(sta, WLAN_STA_TDLS_PEER_AUTH);
854 rcu_read_unlock();
855
856 ieee80211_wake_vif_queues(local, sdata,
857 IEEE80211_QUEUE_STOP_REASON_TDLS_TEARDOWN);
858
859 return 0;
860}
861
191dd469
AN		 862int ieee80211_tdls_mgmt(struct wiphy *wiphy, struct net_device *dev,
863 const u8 *peer, u8 action_code, u8 dialog_token,
864 u16 status_code, u32 peer_capability,
865 bool initiator, const u8 *extra_ies,
866 size_t extra_ies_len)
867{
868 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
869 int ret;
870
871 if (!(wiphy->flags & WIPHY_FLAG_SUPPORTS_TDLS))
872 return -ENOTSUPP;
873
874 /* make sure we are in managed mode, and associated */
875 if (sdata->vif.type != NL80211_IFTYPE_STATION ||
876 !sdata->u.mgd.associated)
877 return -EINVAL;
878
879 switch (action_code) {
880 case WLAN_TDLS_SETUP_REQUEST:
881 case WLAN_TDLS_SETUP_RESPONSE:
882 ret = ieee80211_tdls_mgmt_setup(wiphy, dev, peer, action_code,
883 dialog_token, status_code,
884 peer_capability, initiator,
885 extra_ies, extra_ies_len);
886 break;
887 case WLAN_TDLS_TEARDOWN:
db67d661
AN		 888 ret = ieee80211_tdls_mgmt_teardown(wiphy, dev, peer,
889 action_code, dialog_token,
890 status_code,
891 peer_capability, initiator,
892 extra_ies, extra_ies_len);
893 break;
191dd469 894 case WLAN_TDLS_DISCOVERY_REQUEST:
ee10f2c7
AN		 895 /*
896 * Protect the discovery so we can hear the TDLS discovery
897 * response frame. It is transmitted directly and not buffered
898 * by the AP.
899 */
900 drv_mgd_protect_tdls_discover(sdata->local, sdata);
901 /* fall-through */
902 case WLAN_TDLS_SETUP_CONFIRM:
191dd469
AN		 903 case WLAN_PUB_ACTION_TDLS_DISCOVER_RES:
904 /* no special handling */
905 ret = ieee80211_tdls_prep_mgmt_packet(wiphy, dev, peer,
906 action_code,
907 dialog_token,
908 status_code,
909 peer_capability,
910 initiator, extra_ies,
911 extra_ies_len);
912 break;
913 default:
914 ret = -EOPNOTSUPP;
915 break;
916 }
17e6a59a
AN		 917
918 tdls_dbg(sdata, "TDLS mgmt action %d peer %pM status %d\n",
919 action_code, peer, ret);
920 return ret;
921}
922
95224fe8 923int ieee80211_tdls_oper(struct wiphy *wiphy, struct net_device *dev,
3b3a0162 924 const u8 *peer, enum nl80211_tdls_operation oper)
95224fe8
AN		 925{
926 struct sta_info *sta;
927 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
17e6a59a
AN		 928 struct ieee80211_local *local = sdata->local;
929 int ret;
95224fe8
AN		 930
931 if (!(wiphy->flags & WIPHY_FLAG_SUPPORTS_TDLS))
932 return -ENOTSUPP;
933
934 if (sdata->vif.type != NL80211_IFTYPE_STATION)
935 return -EINVAL;
936
17e6a59a
AN		 937 switch (oper) {
938 case NL80211_TDLS_ENABLE_LINK:
939 case NL80211_TDLS_DISABLE_LINK:
940 break;
941 case NL80211_TDLS_TEARDOWN:
942 case NL80211_TDLS_SETUP:
943 case NL80211_TDLS_DISCOVERY_REQ:
944 /* We don't support in-driver setup/teardown/discovery */
945 return -ENOTSUPP;
946 }
947
948 mutex_lock(&local->mtx);
95224fe8
AN		 949 tdls_dbg(sdata, "TDLS oper %d peer %pM\n", oper, peer);
950
951 switch (oper) {
952 case NL80211_TDLS_ENABLE_LINK:
953 rcu_read_lock();
954 sta = sta_info_get(sdata, peer);
955 if (!sta) {
956 rcu_read_unlock();
17e6a59a
AN		 957 ret = -ENOLINK;
958 break;
95224fe8
AN		 959 }
960
961 set_sta_flag(sta, WLAN_STA_TDLS_PEER_AUTH);
962 rcu_read_unlock();
17e6a59a 963
81dd2b88
AN		 964 WARN_ON_ONCE(is_zero_ether_addr(sdata->u.mgd.tdls_peer) ||
965 !ether_addr_equal(sdata->u.mgd.tdls_peer, peer));
17e6a59a 966 ret = 0;
95224fe8
AN		 967 break;
968 case NL80211_TDLS_DISABLE_LINK:
bb3f8486
LK		 969 /*
970 * The teardown message in ieee80211_tdls_mgmt_teardown() was
971 * created while the queues were stopped, so it might still be
972 * pending. Before flushing the queues we need to be sure the
973 * message is handled by the tasklet handling pending messages,
974 * otherwise we might start destroying the station before
975 * sending the teardown packet.
976 * Note that this only forces the tasklet to flush pendings -
977 * not to stop the tasklet from rescheduling itself.
978 */
979 tasklet_kill(&local->tx_pending_tasklet);
db67d661
AN		 980 /* flush a potentially queued teardown packet */
981 ieee80211_flush_queues(local, sdata);
982
17e6a59a
AN		 983 ret = sta_info_destroy_addr(sdata, peer);
984 break;
95224fe8 985 default:
17e6a59a
AN		 986 ret = -ENOTSUPP;
987 break;
95224fe8
AN		 988 }
989
81dd2b88
AN		 990 if (ret == 0 && ether_addr_equal(sdata->u.mgd.tdls_peer, peer)) {
991 cancel_delayed_work(&sdata->u.mgd.tdls_peer_del_work);
992 eth_zero_addr(sdata->u.mgd.tdls_peer);
17e6a59a
AN		 993 }
994
995 mutex_unlock(&local->mtx);
996 return ret;
95224fe8 997}
c887f0d3
AN		 998
999void ieee80211_tdls_oper_request(struct ieee80211_vif *vif, const u8 *peer,
1000 enum nl80211_tdls_operation oper,
1001 u16 reason_code, gfp_t gfp)
1002{
1003 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
1004
1005 if (vif->type != NL80211_IFTYPE_STATION || !vif->bss_conf.assoc) {
1006 sdata_err(sdata, "Discarding TDLS oper %d - not STA or disconnected\n",
1007 oper);
1008 return;
1009 }
1010
1011 cfg80211_tdls_oper_request(sdata->dev, peer, oper, reason_code, gfp);
1012}
1013EXPORT_SYMBOL(ieee80211_tdls_oper_request);
Linux 6.x block layer and io_uring tree(s)