2 * IBSS mode implementation
3 * Copyright 2003-2008, Jouni Malinen <j@w1.fi>
4 * Copyright 2004, Instant802 Networks, Inc.
5 * Copyright 2005, Devicescape Software, Inc.
6 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
7 * Copyright 2007, Michael Wu <flamingice@sourmilk.net>
8 * Copyright 2009, Johannes Berg <johannes@sipsolutions.net>
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License version 2 as
12 * published by the Free Software Foundation.
15 #include <linux/delay.h>
16 #include <linux/slab.h>
17 #include <linux/if_ether.h>
18 #include <linux/skbuff.h>
19 #include <linux/if_arp.h>
20 #include <linux/etherdevice.h>
21 #include <linux/rtnetlink.h>
22 #include <net/mac80211.h>
24 #include "ieee80211_i.h"
25 #include "driver-ops.h"
28 #define IEEE80211_SCAN_INTERVAL (2 * HZ)
29 #define IEEE80211_IBSS_JOIN_TIMEOUT (7 * HZ)
31 #define IEEE80211_IBSS_MERGE_INTERVAL (30 * HZ)
32 #define IEEE80211_IBSS_INACTIVITY_LIMIT (60 * HZ)
34 #define IEEE80211_IBSS_MAX_STA_ENTRIES 128
37 static void __ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
38 const u8 *bssid, const int beacon_int,
39 struct ieee80211_channel *chan,
40 const u32 basic_rates,
41 const u16 capability, u64 tsf,
44 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
45 struct ieee80211_local *local = sdata->local;
46 int rates_n = 0, i, ri;
47 struct ieee80211_mgmt *mgmt;
49 struct ieee80211_supported_band *sband;
50 struct cfg80211_bss *bss;
51 u32 bss_change, rate_flags, rates = 0, rates_added = 0;
52 u8 supp_rates[IEEE80211_MAX_SUPP_RATES];
53 struct cfg80211_chan_def chandef;
54 enum nl80211_bss_scan_width scan_width;
55 struct beacon_data *presp;
59 sdata_assert_lock(sdata);
61 /* Reset own TSF to allow time synchronization work. */
62 drv_reset_tsf(local, sdata);
64 if (!ether_addr_equal(ifibss->bssid, bssid))
65 sta_info_flush(sdata);
67 /* if merging, indicate to driver that we leave the old IBSS */
68 if (sdata->vif.bss_conf.ibss_joined) {
69 sdata->vif.bss_conf.ibss_joined = false;
70 sdata->vif.bss_conf.ibss_creator = false;
71 sdata->vif.bss_conf.enable_beacon = false;
72 netif_carrier_off(sdata->dev);
73 ieee80211_bss_info_change_notify(sdata,
75 BSS_CHANGED_BEACON_ENABLED);
78 presp = rcu_dereference_protected(ifibss->presp,
79 lockdep_is_held(&sdata->wdev.mtx));
80 rcu_assign_pointer(ifibss->presp, NULL);
82 kfree_rcu(presp, rcu_head);
84 sdata->drop_unencrypted = capability & WLAN_CAPABILITY_PRIVACY ? 1 : 0;
86 chandef = ifibss->chandef;
87 if (!cfg80211_reg_can_beacon(local->hw.wiphy, &chandef)) {
88 chandef.width = NL80211_CHAN_WIDTH_20;
89 chandef.center_freq1 = chan->center_freq;
92 ieee80211_vif_release_channel(sdata);
93 if (ieee80211_vif_use_channel(sdata, &chandef,
94 ifibss->fixed_channel ?
95 IEEE80211_CHANCTX_SHARED :
96 IEEE80211_CHANCTX_EXCLUSIVE)) {
97 sdata_info(sdata, "Failed to join IBSS, no channel context\n");
101 memcpy(ifibss->bssid, bssid, ETH_ALEN);
103 sband = local->hw.wiphy->bands[chan->band];
104 shift = ieee80211_vif_get_shift(&sdata->vif);
106 /* Build IBSS probe response */
107 frame_len = sizeof(struct ieee80211_hdr_3addr) +
108 12 /* struct ieee80211_mgmt.u.beacon */ +
109 2 + IEEE80211_MAX_SSID_LEN /* max SSID */ +
110 2 + 8 /* max Supported Rates */ +
111 3 /* max DS params */ +
112 4 /* IBSS params */ +
113 2 + (IEEE80211_MAX_SUPP_RATES - 8) +
114 2 + sizeof(struct ieee80211_ht_cap) +
115 2 + sizeof(struct ieee80211_ht_operation) +
117 presp = kzalloc(sizeof(*presp) + frame_len, GFP_KERNEL);
121 presp->head = (void *)(presp + 1);
123 mgmt = (void *) presp->head;
124 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
125 IEEE80211_STYPE_PROBE_RESP);
126 eth_broadcast_addr(mgmt->da);
127 memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN);
128 memcpy(mgmt->bssid, ifibss->bssid, ETH_ALEN);
129 mgmt->u.beacon.beacon_int = cpu_to_le16(beacon_int);
130 mgmt->u.beacon.timestamp = cpu_to_le64(tsf);
131 mgmt->u.beacon.capab_info = cpu_to_le16(capability);
133 pos = (u8 *)mgmt + offsetof(struct ieee80211_mgmt, u.beacon.variable);
135 *pos++ = WLAN_EID_SSID;
136 *pos++ = ifibss->ssid_len;
137 memcpy(pos, ifibss->ssid, ifibss->ssid_len);
138 pos += ifibss->ssid_len;
140 rate_flags = ieee80211_chandef_rate_flags(&chandef);
141 for (i = 0; i < sband->n_bitrates; i++) {
142 if ((rate_flags & sband->bitrates[i].flags) != rate_flags)
149 *pos++ = WLAN_EID_SUPP_RATES;
150 *pos++ = min_t(int, 8, rates_n);
151 for (ri = 0; ri < sband->n_bitrates; ri++) {
152 int rate = DIV_ROUND_UP(sband->bitrates[ri].bitrate,
155 if (!(rates & BIT(ri)))
158 if (basic_rates & BIT(ri))
160 *pos++ = basic | (u8) rate;
161 if (++rates_added == 8)
165 if (sband->band == IEEE80211_BAND_2GHZ) {
166 *pos++ = WLAN_EID_DS_PARAMS;
168 *pos++ = ieee80211_frequency_to_channel(chan->center_freq);
171 *pos++ = WLAN_EID_IBSS_PARAMS;
173 /* FIX: set ATIM window based on scan results */
177 /* put the remaining rates in WLAN_EID_EXT_SUPP_RATES */
179 *pos++ = WLAN_EID_EXT_SUPP_RATES;
180 *pos++ = rates_n - 8;
181 for (; ri < sband->n_bitrates; ri++) {
182 int rate = DIV_ROUND_UP(sband->bitrates[ri].bitrate,
185 if (!(rates & BIT(ri)))
188 if (basic_rates & BIT(ri))
190 *pos++ = basic | (u8) rate;
194 if (ifibss->ie_len) {
195 memcpy(pos, ifibss->ie, ifibss->ie_len);
196 pos += ifibss->ie_len;
199 /* add HT capability and information IEs */
200 if (chandef.width != NL80211_CHAN_WIDTH_20_NOHT &&
201 chandef.width != NL80211_CHAN_WIDTH_5 &&
202 chandef.width != NL80211_CHAN_WIDTH_10 &&
203 sband->ht_cap.ht_supported) {
204 struct ieee80211_sta_ht_cap ht_cap;
206 memcpy(&ht_cap, &sband->ht_cap, sizeof(ht_cap));
207 ieee80211_apply_htcap_overrides(sdata, &ht_cap);
209 pos = ieee80211_ie_build_ht_cap(pos, &ht_cap, ht_cap.cap);
211 * Note: According to 802.11n-2009 9.13.3.1, HT Protection
212 * field and RIFS Mode are reserved in IBSS mode, therefore
215 pos = ieee80211_ie_build_ht_oper(pos, &sband->ht_cap,
219 if (local->hw.queues >= IEEE80211_NUM_ACS) {
220 *pos++ = WLAN_EID_VENDOR_SPECIFIC;
221 *pos++ = 7; /* len */
222 *pos++ = 0x00; /* Microsoft OUI 00:50:F2 */
225 *pos++ = 2; /* WME */
226 *pos++ = 0; /* WME info */
227 *pos++ = 1; /* WME ver */
228 *pos++ = 0; /* U-APSD no in use */
231 presp->head_len = pos - presp->head;
232 if (WARN_ON(presp->head_len > frame_len))
235 rcu_assign_pointer(ifibss->presp, presp);
237 sdata->vif.bss_conf.enable_beacon = true;
238 sdata->vif.bss_conf.beacon_int = beacon_int;
239 sdata->vif.bss_conf.basic_rates = basic_rates;
240 sdata->vif.bss_conf.ssid_len = ifibss->ssid_len;
241 memcpy(sdata->vif.bss_conf.ssid, ifibss->ssid, ifibss->ssid_len);
242 bss_change = BSS_CHANGED_BEACON_INT;
243 bss_change |= ieee80211_reset_erp_info(sdata);
244 bss_change |= BSS_CHANGED_BSSID;
245 bss_change |= BSS_CHANGED_BEACON;
246 bss_change |= BSS_CHANGED_BEACON_ENABLED;
247 bss_change |= BSS_CHANGED_BASIC_RATES;
248 bss_change |= BSS_CHANGED_HT;
249 bss_change |= BSS_CHANGED_IBSS;
250 bss_change |= BSS_CHANGED_SSID;
253 * In 5 GHz/802.11a, we can always use short slot time.
254 * (IEEE 802.11-2012 18.3.8.7)
256 * In 2.4GHz, we must always use long slots in IBSS for compatibility
258 * (IEEE 802.11-2012 19.4.5)
260 * HT follows these specifications (IEEE 802.11-2012 20.3.18)
262 sdata->vif.bss_conf.use_short_slot = chan->band == IEEE80211_BAND_5GHZ;
263 bss_change |= BSS_CHANGED_ERP_SLOT;
265 sdata->vif.bss_conf.ibss_joined = true;
266 sdata->vif.bss_conf.ibss_creator = creator;
267 ieee80211_bss_info_change_notify(sdata, bss_change);
269 ieee80211_sta_def_wmm_params(sdata, rates, supp_rates);
271 ifibss->state = IEEE80211_IBSS_MLME_JOINED;
272 mod_timer(&ifibss->timer,
273 round_jiffies(jiffies + IEEE80211_IBSS_MERGE_INTERVAL));
275 scan_width = cfg80211_chandef_to_scan_width(&chandef);
276 bss = cfg80211_inform_bss_width_frame(local->hw.wiphy, chan,
278 presp->head_len, 0, GFP_KERNEL);
279 cfg80211_put_bss(local->hw.wiphy, bss);
280 netif_carrier_on(sdata->dev);
281 cfg80211_ibss_joined(sdata->dev, ifibss->bssid, GFP_KERNEL);
284 static void ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
285 struct ieee80211_bss *bss)
287 struct cfg80211_bss *cbss =
288 container_of((void *)bss, struct cfg80211_bss, priv);
289 struct ieee80211_supported_band *sband;
292 u16 beacon_int = cbss->beacon_interval;
293 const struct cfg80211_bss_ies *ies;
298 sdata_assert_lock(sdata);
303 sband = sdata->local->hw.wiphy->bands[cbss->channel->band];
304 rate_flags = ieee80211_chandef_rate_flags(&sdata->u.ibss.chandef);
305 shift = ieee80211_vif_get_shift(&sdata->vif);
309 for (i = 0; i < bss->supp_rates_len; i++) {
310 int rate = bss->supp_rates[i] & 0x7f;
311 bool is_basic = !!(bss->supp_rates[i] & 0x80);
313 for (j = 0; j < sband->n_bitrates; j++) {
315 if ((rate_flags & sband->bitrates[j].flags)
319 brate = DIV_ROUND_UP(sband->bitrates[j].bitrate,
323 basic_rates |= BIT(j);
330 ies = rcu_dereference(cbss->ies);
334 __ieee80211_sta_join_ibss(sdata, cbss->bssid,
342 static struct sta_info *ieee80211_ibss_finish_sta(struct sta_info *sta)
345 struct ieee80211_sub_if_data *sdata = sta->sdata;
348 memcpy(addr, sta->sta.addr, ETH_ALEN);
350 ibss_dbg(sdata, "Adding new IBSS station %pM\n", addr);
352 sta_info_pre_move_state(sta, IEEE80211_STA_AUTH);
353 sta_info_pre_move_state(sta, IEEE80211_STA_ASSOC);
354 /* authorize the station only if the network is not RSN protected. If
355 * not wait for the userspace to authorize it */
356 if (!sta->sdata->u.ibss.control_port)
357 sta_info_pre_move_state(sta, IEEE80211_STA_AUTHORIZED);
359 rate_control_rate_init(sta);
361 /* If it fails, maybe we raced another insertion? */
362 if (sta_info_insert_rcu(sta))
363 return sta_info_get(sdata, addr);
367 static struct sta_info *
368 ieee80211_ibss_add_sta(struct ieee80211_sub_if_data *sdata, const u8 *bssid,
369 const u8 *addr, u32 supp_rates)
372 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
373 struct ieee80211_local *local = sdata->local;
374 struct sta_info *sta;
375 struct ieee80211_chanctx_conf *chanctx_conf;
376 struct ieee80211_supported_band *sband;
377 enum nl80211_bss_scan_width scan_width;
381 * XXX: Consider removing the least recently used entry and
382 * allow new one to be added.
384 if (local->num_sta >= IEEE80211_IBSS_MAX_STA_ENTRIES) {
385 net_info_ratelimited("%s: No room for a new IBSS STA entry %pM\n",
391 if (ifibss->state == IEEE80211_IBSS_MLME_SEARCH) {
396 if (!ether_addr_equal(bssid, sdata->u.ibss.bssid)) {
402 chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf);
403 if (WARN_ON_ONCE(!chanctx_conf))
405 band = chanctx_conf->def.chan->band;
406 scan_width = cfg80211_chandef_to_scan_width(&chanctx_conf->def);
409 sta = sta_info_alloc(sdata, addr, GFP_KERNEL);
415 sta->last_rx = jiffies;
417 /* make sure mandatory rates are always added */
418 sband = local->hw.wiphy->bands[band];
419 sta->sta.supp_rates[band] = supp_rates |
420 ieee80211_mandatory_rates(sband, scan_width);
422 return ieee80211_ibss_finish_sta(sta);
425 static void ieee80211_rx_mgmt_deauth_ibss(struct ieee80211_sub_if_data *sdata,
426 struct ieee80211_mgmt *mgmt,
429 u16 reason = le16_to_cpu(mgmt->u.deauth.reason_code);
431 if (len < IEEE80211_DEAUTH_FRAME_LEN)
434 ibss_dbg(sdata, "RX DeAuth SA=%pM DA=%pM BSSID=%pM (reason: %d)\n",
435 mgmt->sa, mgmt->da, mgmt->bssid, reason);
436 sta_info_destroy_addr(sdata, mgmt->sa);
439 static void ieee80211_rx_mgmt_auth_ibss(struct ieee80211_sub_if_data *sdata,
440 struct ieee80211_mgmt *mgmt,
443 u16 auth_alg, auth_transaction;
445 sdata_assert_lock(sdata);
450 auth_alg = le16_to_cpu(mgmt->u.auth.auth_alg);
451 auth_transaction = le16_to_cpu(mgmt->u.auth.auth_transaction);
454 "RX Auth SA=%pM DA=%pM BSSID=%pM (auth_transaction=%d)\n",
455 mgmt->sa, mgmt->da, mgmt->bssid, auth_transaction);
457 if (auth_alg != WLAN_AUTH_OPEN || auth_transaction != 1)
461 * IEEE 802.11 standard does not require authentication in IBSS
462 * networks and most implementations do not seem to use it.
463 * However, try to reply to authentication attempts if someone
464 * has actually implemented this.
466 ieee80211_send_auth(sdata, 2, WLAN_AUTH_OPEN, 0, NULL, 0,
467 mgmt->sa, sdata->u.ibss.bssid, NULL, 0, 0, 0);
470 static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata,
471 struct ieee80211_mgmt *mgmt, size_t len,
472 struct ieee80211_rx_status *rx_status,
473 struct ieee802_11_elems *elems)
475 struct ieee80211_local *local = sdata->local;
477 struct cfg80211_bss *cbss;
478 struct ieee80211_bss *bss;
479 struct sta_info *sta;
480 struct ieee80211_channel *channel;
481 u64 beacon_timestamp, rx_timestamp;
483 enum ieee80211_band band = rx_status->band;
484 enum nl80211_bss_scan_width scan_width;
485 struct ieee80211_supported_band *sband = local->hw.wiphy->bands[band];
486 bool rates_updated = false;
488 if (elems->ds_params)
489 freq = ieee80211_channel_to_frequency(elems->ds_params[0],
492 freq = rx_status->freq;
494 channel = ieee80211_get_channel(local->hw.wiphy, freq);
496 if (!channel || channel->flags & IEEE80211_CHAN_DISABLED)
499 if (sdata->vif.type == NL80211_IFTYPE_ADHOC &&
500 ether_addr_equal(mgmt->bssid, sdata->u.ibss.bssid)) {
503 sta = sta_info_get(sdata, mgmt->sa);
505 if (elems->supp_rates) {
506 supp_rates = ieee80211_sta_get_rates(sdata, elems,
511 prev_rates = sta->sta.supp_rates[band];
512 /* make sure mandatory rates are always added */
513 scan_width = NL80211_BSS_CHAN_WIDTH_20;
514 if (rx_status->flag & RX_FLAG_5MHZ)
515 scan_width = NL80211_BSS_CHAN_WIDTH_5;
516 if (rx_status->flag & RX_FLAG_10MHZ)
517 scan_width = NL80211_BSS_CHAN_WIDTH_10;
519 sta->sta.supp_rates[band] = supp_rates |
520 ieee80211_mandatory_rates(sband,
522 if (sta->sta.supp_rates[band] != prev_rates) {
524 "updated supp_rates set for %pM based on beacon/probe_resp (0x%x -> 0x%x)\n",
525 sta->sta.addr, prev_rates,
526 sta->sta.supp_rates[band]);
527 rates_updated = true;
531 sta = ieee80211_ibss_add_sta(sdata, mgmt->bssid,
532 mgmt->sa, supp_rates);
536 if (sta && elems->wmm_info)
537 set_sta_flag(sta, WLAN_STA_WME);
539 if (sta && elems->ht_operation && elems->ht_cap_elem &&
540 sdata->u.ibss.chandef.width != NL80211_CHAN_WIDTH_20_NOHT &&
541 sdata->u.ibss.chandef.width != NL80211_CHAN_WIDTH_5 &&
542 sdata->u.ibss.chandef.width != NL80211_CHAN_WIDTH_10) {
544 struct ieee80211_ht_cap htcap_ie;
545 struct cfg80211_chan_def chandef;
547 ieee80211_ht_oper_to_chandef(channel,
551 memcpy(&htcap_ie, elems->ht_cap_elem, sizeof(htcap_ie));
554 * fall back to HT20 if we don't use or use
555 * the other extension channel
557 if (chandef.center_freq1 !=
558 sdata->u.ibss.chandef.center_freq1)
560 cpu_to_le16(~IEEE80211_HT_CAP_SUP_WIDTH_20_40);
562 rates_updated |= ieee80211_ht_cap_ie_to_sta_ht_cap(
563 sdata, sband, &htcap_ie, sta);
566 if (sta && rates_updated) {
567 drv_sta_rc_update(local, sdata, &sta->sta,
568 IEEE80211_RC_SUPP_RATES_CHANGED);
569 rate_control_rate_init(sta);
575 bss = ieee80211_bss_info_update(local, rx_status, mgmt, len, elems,
580 cbss = container_of((void *)bss, struct cfg80211_bss, priv);
582 /* same for beacon and probe response */
583 beacon_timestamp = le64_to_cpu(mgmt->u.beacon.timestamp);
585 /* check if we need to merge IBSS */
587 /* we use a fixed BSSID */
588 if (sdata->u.ibss.fixed_bssid)
592 if (!(cbss->capability & WLAN_CAPABILITY_IBSS))
595 /* different channel */
596 if (sdata->u.ibss.fixed_channel &&
597 sdata->u.ibss.chandef.chan != cbss->channel)
601 if (elems->ssid_len != sdata->u.ibss.ssid_len ||
602 memcmp(elems->ssid, sdata->u.ibss.ssid,
603 sdata->u.ibss.ssid_len))
607 if (ether_addr_equal(cbss->bssid, sdata->u.ibss.bssid))
610 if (ieee80211_have_rx_timestamp(rx_status)) {
611 /* time when timestamp field was received */
613 ieee80211_calculate_rx_timestamp(local, rx_status,
617 * second best option: get current TSF
618 * (will return -1 if not supported)
620 rx_timestamp = drv_get_tsf(local, sdata);
624 "RX beacon SA=%pM BSSID=%pM TSF=0x%llx BCN=0x%llx diff=%lld @%lu\n",
625 mgmt->sa, mgmt->bssid,
626 (unsigned long long)rx_timestamp,
627 (unsigned long long)beacon_timestamp,
628 (unsigned long long)(rx_timestamp - beacon_timestamp),
631 if (beacon_timestamp > rx_timestamp) {
633 "beacon TSF higher than local TSF - IBSS merge with BSSID %pM\n",
635 ieee80211_sta_join_ibss(sdata, bss);
636 supp_rates = ieee80211_sta_get_rates(sdata, elems, band, NULL);
637 ieee80211_ibss_add_sta(sdata, mgmt->bssid, mgmt->sa,
643 ieee80211_rx_bss_put(local, bss);
646 void ieee80211_ibss_rx_no_sta(struct ieee80211_sub_if_data *sdata,
647 const u8 *bssid, const u8 *addr,
650 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
651 struct ieee80211_local *local = sdata->local;
652 struct sta_info *sta;
653 struct ieee80211_chanctx_conf *chanctx_conf;
654 struct ieee80211_supported_band *sband;
655 enum nl80211_bss_scan_width scan_width;
659 * XXX: Consider removing the least recently used entry and
660 * allow new one to be added.
662 if (local->num_sta >= IEEE80211_IBSS_MAX_STA_ENTRIES) {
663 net_info_ratelimited("%s: No room for a new IBSS STA entry %pM\n",
668 if (ifibss->state == IEEE80211_IBSS_MLME_SEARCH)
671 if (!ether_addr_equal(bssid, sdata->u.ibss.bssid))
675 chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf);
676 if (WARN_ON_ONCE(!chanctx_conf)) {
680 band = chanctx_conf->def.chan->band;
681 scan_width = cfg80211_chandef_to_scan_width(&chanctx_conf->def);
684 sta = sta_info_alloc(sdata, addr, GFP_ATOMIC);
688 sta->last_rx = jiffies;
690 /* make sure mandatory rates are always added */
691 sband = local->hw.wiphy->bands[band];
692 sta->sta.supp_rates[band] = supp_rates |
693 ieee80211_mandatory_rates(sband, scan_width);
695 spin_lock(&ifibss->incomplete_lock);
696 list_add(&sta->list, &ifibss->incomplete_stations);
697 spin_unlock(&ifibss->incomplete_lock);
698 ieee80211_queue_work(&local->hw, &sdata->work);
701 static int ieee80211_sta_active_ibss(struct ieee80211_sub_if_data *sdata)
703 struct ieee80211_local *local = sdata->local;
705 struct sta_info *sta;
707 sdata_assert_lock(sdata);
711 list_for_each_entry_rcu(sta, &local->sta_list, list) {
712 if (sta->sdata == sdata &&
713 time_after(sta->last_rx + IEEE80211_IBSS_MERGE_INTERVAL,
726 * This function is called with state == IEEE80211_IBSS_MLME_JOINED
729 static void ieee80211_sta_merge_ibss(struct ieee80211_sub_if_data *sdata)
731 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
732 enum nl80211_bss_scan_width scan_width;
734 sdata_assert_lock(sdata);
736 mod_timer(&ifibss->timer,
737 round_jiffies(jiffies + IEEE80211_IBSS_MERGE_INTERVAL));
739 ieee80211_sta_expire(sdata, IEEE80211_IBSS_INACTIVITY_LIMIT);
741 if (time_before(jiffies, ifibss->last_scan_completed +
742 IEEE80211_IBSS_MERGE_INTERVAL))
745 if (ieee80211_sta_active_ibss(sdata))
748 if (ifibss->fixed_channel)
752 "No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)\n");
754 scan_width = cfg80211_chandef_to_scan_width(&ifibss->chandef);
755 ieee80211_request_ibss_scan(sdata, ifibss->ssid, ifibss->ssid_len,
759 static void ieee80211_sta_create_ibss(struct ieee80211_sub_if_data *sdata)
761 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
766 sdata_assert_lock(sdata);
768 if (ifibss->fixed_bssid) {
769 memcpy(bssid, ifibss->bssid, ETH_ALEN);
771 /* Generate random, not broadcast, locally administered BSSID. Mix in
772 * own MAC address to make sure that devices that do not have proper
773 * random number generator get different BSSID. */
774 get_random_bytes(bssid, ETH_ALEN);
775 for (i = 0; i < ETH_ALEN; i++)
776 bssid[i] ^= sdata->vif.addr[i];
781 sdata_info(sdata, "Creating new IBSS network, BSSID %pM\n", bssid);
783 capability = WLAN_CAPABILITY_IBSS;
786 capability |= WLAN_CAPABILITY_PRIVACY;
788 sdata->drop_unencrypted = 0;
790 __ieee80211_sta_join_ibss(sdata, bssid, sdata->vif.bss_conf.beacon_int,
791 ifibss->chandef.chan, ifibss->basic_rates,
792 capability, 0, true);
796 * This function is called with state == IEEE80211_IBSS_MLME_SEARCH
799 static void ieee80211_sta_find_ibss(struct ieee80211_sub_if_data *sdata)
801 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
802 struct ieee80211_local *local = sdata->local;
803 struct cfg80211_bss *cbss;
804 struct ieee80211_channel *chan = NULL;
805 const u8 *bssid = NULL;
806 enum nl80211_bss_scan_width scan_width;
810 sdata_assert_lock(sdata);
812 active_ibss = ieee80211_sta_active_ibss(sdata);
813 ibss_dbg(sdata, "sta_find_ibss (active_ibss=%d)\n", active_ibss);
818 capability = WLAN_CAPABILITY_IBSS;
820 capability |= WLAN_CAPABILITY_PRIVACY;
821 if (ifibss->fixed_bssid)
822 bssid = ifibss->bssid;
823 if (ifibss->fixed_channel)
824 chan = ifibss->chandef.chan;
825 if (!is_zero_ether_addr(ifibss->bssid))
826 bssid = ifibss->bssid;
827 cbss = cfg80211_get_bss(local->hw.wiphy, chan, bssid,
828 ifibss->ssid, ifibss->ssid_len,
829 WLAN_CAPABILITY_IBSS | WLAN_CAPABILITY_PRIVACY,
833 struct ieee80211_bss *bss;
835 bss = (void *)cbss->priv;
837 "sta_find_ibss: selected %pM current %pM\n",
838 cbss->bssid, ifibss->bssid);
840 "Selected IBSS BSSID %pM based on configured SSID\n",
843 ieee80211_sta_join_ibss(sdata, bss);
844 ieee80211_rx_bss_put(local, bss);
848 ibss_dbg(sdata, "sta_find_ibss: did not try to join ibss\n");
850 /* Selected IBSS not found in current scan results - try to scan */
851 if (time_after(jiffies, ifibss->last_scan_completed +
852 IEEE80211_SCAN_INTERVAL)) {
853 sdata_info(sdata, "Trigger new scan to find an IBSS to join\n");
855 scan_width = cfg80211_chandef_to_scan_width(&ifibss->chandef);
856 ieee80211_request_ibss_scan(sdata, ifibss->ssid,
857 ifibss->ssid_len, chan,
860 int interval = IEEE80211_SCAN_INTERVAL;
862 if (time_after(jiffies, ifibss->ibss_join_req +
863 IEEE80211_IBSS_JOIN_TIMEOUT))
864 ieee80211_sta_create_ibss(sdata);
866 mod_timer(&ifibss->timer,
867 round_jiffies(jiffies + interval));
871 static void ieee80211_rx_mgmt_probe_req(struct ieee80211_sub_if_data *sdata,
874 struct ieee80211_mgmt *mgmt = (void *)req->data;
875 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
876 struct ieee80211_local *local = sdata->local;
877 int tx_last_beacon, len = req->len;
879 struct beacon_data *presp;
882 sdata_assert_lock(sdata);
884 presp = rcu_dereference_protected(ifibss->presp,
885 lockdep_is_held(&sdata->wdev.mtx));
887 if (ifibss->state != IEEE80211_IBSS_MLME_JOINED ||
888 len < 24 + 2 || !presp)
891 tx_last_beacon = drv_tx_last_beacon(local);
894 "RX ProbeReq SA=%pM DA=%pM BSSID=%pM (tx_last_beacon=%d)\n",
895 mgmt->sa, mgmt->da, mgmt->bssid, tx_last_beacon);
897 if (!tx_last_beacon && is_multicast_ether_addr(mgmt->da))
900 if (!ether_addr_equal(mgmt->bssid, ifibss->bssid) &&
901 !is_broadcast_ether_addr(mgmt->bssid))
904 end = ((u8 *) mgmt) + len;
905 pos = mgmt->u.probe_req.variable;
906 if (pos[0] != WLAN_EID_SSID ||
907 pos + 2 + pos[1] > end) {
908 ibss_dbg(sdata, "Invalid SSID IE in ProbeReq from %pM\n",
913 (pos[1] != ifibss->ssid_len ||
914 memcmp(pos + 2, ifibss->ssid, ifibss->ssid_len))) {
915 /* Ignore ProbeReq for foreign SSID */
919 /* Reply with ProbeResp */
920 skb = dev_alloc_skb(local->tx_headroom + presp->head_len);
924 skb_reserve(skb, local->tx_headroom);
925 memcpy(skb_put(skb, presp->head_len), presp->head, presp->head_len);
927 memcpy(((struct ieee80211_mgmt *) skb->data)->da, mgmt->sa, ETH_ALEN);
928 ibss_dbg(sdata, "Sending ProbeResp to %pM\n", mgmt->sa);
929 IEEE80211_SKB_CB(skb)->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT;
930 ieee80211_tx_skb(sdata, skb);
934 void ieee80211_rx_mgmt_probe_beacon(struct ieee80211_sub_if_data *sdata,
935 struct ieee80211_mgmt *mgmt, size_t len,
936 struct ieee80211_rx_status *rx_status)
939 struct ieee802_11_elems elems;
941 BUILD_BUG_ON(offsetof(typeof(mgmt->u.probe_resp), variable) !=
942 offsetof(typeof(mgmt->u.beacon), variable));
945 * either beacon or probe_resp but the variable field is at the
948 baselen = (u8 *) mgmt->u.probe_resp.variable - (u8 *) mgmt;
952 ieee802_11_parse_elems(mgmt->u.probe_resp.variable, len - baselen,
955 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems);
958 void ieee80211_ibss_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata,
961 struct ieee80211_rx_status *rx_status;
962 struct ieee80211_mgmt *mgmt;
965 rx_status = IEEE80211_SKB_RXCB(skb);
966 mgmt = (struct ieee80211_mgmt *) skb->data;
967 fc = le16_to_cpu(mgmt->frame_control);
971 if (!sdata->u.ibss.ssid_len)
972 goto mgmt_out; /* not ready to merge yet */
974 switch (fc & IEEE80211_FCTL_STYPE) {
975 case IEEE80211_STYPE_PROBE_REQ:
976 ieee80211_rx_mgmt_probe_req(sdata, skb);
978 case IEEE80211_STYPE_PROBE_RESP:
979 case IEEE80211_STYPE_BEACON:
980 ieee80211_rx_mgmt_probe_beacon(sdata, mgmt, skb->len,
983 case IEEE80211_STYPE_AUTH:
984 ieee80211_rx_mgmt_auth_ibss(sdata, mgmt, skb->len);
986 case IEEE80211_STYPE_DEAUTH:
987 ieee80211_rx_mgmt_deauth_ibss(sdata, mgmt, skb->len);
995 void ieee80211_ibss_work(struct ieee80211_sub_if_data *sdata)
997 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
998 struct sta_info *sta;
1003 * Work could be scheduled after scan or similar
1004 * when we aren't even joined (or trying) with a
1007 if (!ifibss->ssid_len)
1010 spin_lock_bh(&ifibss->incomplete_lock);
1011 while (!list_empty(&ifibss->incomplete_stations)) {
1012 sta = list_first_entry(&ifibss->incomplete_stations,
1013 struct sta_info, list);
1014 list_del(&sta->list);
1015 spin_unlock_bh(&ifibss->incomplete_lock);
1017 ieee80211_ibss_finish_sta(sta);
1019 spin_lock_bh(&ifibss->incomplete_lock);
1021 spin_unlock_bh(&ifibss->incomplete_lock);
1023 switch (ifibss->state) {
1024 case IEEE80211_IBSS_MLME_SEARCH:
1025 ieee80211_sta_find_ibss(sdata);
1027 case IEEE80211_IBSS_MLME_JOINED:
1028 ieee80211_sta_merge_ibss(sdata);
1036 sdata_unlock(sdata);
1039 static void ieee80211_ibss_timer(unsigned long data)
1041 struct ieee80211_sub_if_data *sdata =
1042 (struct ieee80211_sub_if_data *) data;
1044 ieee80211_queue_work(&sdata->local->hw, &sdata->work);
1047 void ieee80211_ibss_setup_sdata(struct ieee80211_sub_if_data *sdata)
1049 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
1051 setup_timer(&ifibss->timer, ieee80211_ibss_timer,
1052 (unsigned long) sdata);
1053 INIT_LIST_HEAD(&ifibss->incomplete_stations);
1054 spin_lock_init(&ifibss->incomplete_lock);
1057 /* scan finished notification */
1058 void ieee80211_ibss_notify_scan_completed(struct ieee80211_local *local)
1060 struct ieee80211_sub_if_data *sdata;
1062 mutex_lock(&local->iflist_mtx);
1063 list_for_each_entry(sdata, &local->interfaces, list) {
1064 if (!ieee80211_sdata_running(sdata))
1066 if (sdata->vif.type != NL80211_IFTYPE_ADHOC)
1068 sdata->u.ibss.last_scan_completed = jiffies;
1069 ieee80211_queue_work(&local->hw, &sdata->work);
1071 mutex_unlock(&local->iflist_mtx);
1074 int ieee80211_ibss_join(struct ieee80211_sub_if_data *sdata,
1075 struct cfg80211_ibss_params *params)
1079 struct ieee80211_supported_band *sband;
1082 if (params->bssid) {
1083 memcpy(sdata->u.ibss.bssid, params->bssid, ETH_ALEN);
1084 sdata->u.ibss.fixed_bssid = true;
1086 sdata->u.ibss.fixed_bssid = false;
1088 sdata->u.ibss.privacy = params->privacy;
1089 sdata->u.ibss.control_port = params->control_port;
1090 sdata->u.ibss.basic_rates = params->basic_rates;
1092 /* fix basic_rates if channel does not support these rates */
1093 rate_flags = ieee80211_chandef_rate_flags(¶ms->chandef);
1094 sband = sdata->local->hw.wiphy->bands[params->chandef.chan->band];
1095 for (i = 0; i < sband->n_bitrates; i++) {
1096 if ((rate_flags & sband->bitrates[i].flags) != rate_flags)
1097 sdata->u.ibss.basic_rates &= ~BIT(i);
1099 memcpy(sdata->vif.bss_conf.mcast_rate, params->mcast_rate,
1100 sizeof(params->mcast_rate));
1102 sdata->vif.bss_conf.beacon_int = params->beacon_interval;
1104 sdata->u.ibss.chandef = params->chandef;
1105 sdata->u.ibss.fixed_channel = params->channel_fixed;
1108 sdata->u.ibss.ie = kmemdup(params->ie, params->ie_len,
1110 if (sdata->u.ibss.ie)
1111 sdata->u.ibss.ie_len = params->ie_len;
1114 sdata->u.ibss.state = IEEE80211_IBSS_MLME_SEARCH;
1115 sdata->u.ibss.ibss_join_req = jiffies;
1117 memcpy(sdata->u.ibss.ssid, params->ssid, params->ssid_len);
1118 sdata->u.ibss.ssid_len = params->ssid_len;
1120 memcpy(&sdata->u.ibss.ht_capa, ¶ms->ht_capa,
1121 sizeof(sdata->u.ibss.ht_capa));
1122 memcpy(&sdata->u.ibss.ht_capa_mask, ¶ms->ht_capa_mask,
1123 sizeof(sdata->u.ibss.ht_capa_mask));
1126 * 802.11n-2009 9.13.3.1: In an IBSS, the HT Protection field is
1127 * reserved, but an HT STA shall protect HT transmissions as though
1128 * the HT Protection field were set to non-HT mixed mode.
1130 * In an IBSS, the RIFS Mode field of the HT Operation element is
1131 * also reserved, but an HT STA shall operate as though this field
1135 sdata->vif.bss_conf.ht_operation_mode |=
1136 IEEE80211_HT_OP_MODE_PROTECTION_NONHT_MIXED
1137 | IEEE80211_HT_PARAM_RIFS_MODE;
1139 changed |= BSS_CHANGED_HT;
1140 ieee80211_bss_info_change_notify(sdata, changed);
1142 sdata->smps_mode = IEEE80211_SMPS_OFF;
1143 sdata->needed_rx_chains = sdata->local->rx_chains;
1145 ieee80211_queue_work(&sdata->local->hw, &sdata->work);
1150 int ieee80211_ibss_leave(struct ieee80211_sub_if_data *sdata)
1152 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
1153 struct ieee80211_local *local = sdata->local;
1154 struct cfg80211_bss *cbss;
1157 struct sta_info *sta;
1158 struct beacon_data *presp;
1160 active_ibss = ieee80211_sta_active_ibss(sdata);
1162 if (!active_ibss && !is_zero_ether_addr(ifibss->bssid)) {
1163 capability = WLAN_CAPABILITY_IBSS;
1165 if (ifibss->privacy)
1166 capability |= WLAN_CAPABILITY_PRIVACY;
1168 cbss = cfg80211_get_bss(local->hw.wiphy, ifibss->chandef.chan,
1169 ifibss->bssid, ifibss->ssid,
1170 ifibss->ssid_len, WLAN_CAPABILITY_IBSS |
1171 WLAN_CAPABILITY_PRIVACY,
1175 cfg80211_unlink_bss(local->hw.wiphy, cbss);
1176 cfg80211_put_bss(local->hw.wiphy, cbss);
1180 ifibss->state = IEEE80211_IBSS_MLME_SEARCH;
1181 memset(ifibss->bssid, 0, ETH_ALEN);
1182 ifibss->ssid_len = 0;
1184 sta_info_flush(sdata);
1186 spin_lock_bh(&ifibss->incomplete_lock);
1187 while (!list_empty(&ifibss->incomplete_stations)) {
1188 sta = list_first_entry(&ifibss->incomplete_stations,
1189 struct sta_info, list);
1190 list_del(&sta->list);
1191 spin_unlock_bh(&ifibss->incomplete_lock);
1193 sta_info_free(local, sta);
1194 spin_lock_bh(&ifibss->incomplete_lock);
1196 spin_unlock_bh(&ifibss->incomplete_lock);
1198 netif_carrier_off(sdata->dev);
1201 kfree(sdata->u.ibss.ie);
1202 presp = rcu_dereference_protected(ifibss->presp,
1203 lockdep_is_held(&sdata->wdev.mtx));
1204 RCU_INIT_POINTER(sdata->u.ibss.presp, NULL);
1206 /* on the next join, re-program HT parameters */
1207 memset(&ifibss->ht_capa, 0, sizeof(ifibss->ht_capa));
1208 memset(&ifibss->ht_capa_mask, 0, sizeof(ifibss->ht_capa_mask));
1210 sdata->vif.bss_conf.ibss_joined = false;
1211 sdata->vif.bss_conf.ibss_creator = false;
1212 sdata->vif.bss_conf.enable_beacon = false;
1213 sdata->vif.bss_conf.ssid_len = 0;
1214 clear_bit(SDATA_STATE_OFFCHANNEL_BEACON_STOPPED, &sdata->state);
1215 ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BEACON_ENABLED |
1220 skb_queue_purge(&sdata->skb_queue);
1222 del_timer_sync(&sdata->u.ibss.timer);