2 * mac80211 TDLS handling code
4 * Copyright 2006-2010 Johannes Berg <johannes@sipsolutions.net>
5 * Copyright 2014, Intel Corporation
7 * This file is GPLv2 as found in COPYING.
10 #include <linux/ieee80211.h>
11 #include <net/cfg80211.h>
12 #include "ieee80211_i.h"
13 #include "driver-ops.h"
15 /* give usermode some time for retries in setting up the TDLS session */
16 #define TDLS_PEER_SETUP_TIMEOUT (15 * HZ)
18 void ieee80211_tdls_peer_del_work(struct work_struct *wk)
20 struct ieee80211_sub_if_data *sdata;
21 struct ieee80211_local *local;
23 sdata = container_of(wk, struct ieee80211_sub_if_data,
24 tdls_peer_del_work.work);
27 mutex_lock(&local->mtx);
28 if (!is_zero_ether_addr(sdata->tdls_peer)) {
29 tdls_dbg(sdata, "TDLS del peer %pM\n", sdata->tdls_peer);
30 sta_info_destroy_addr(sdata, sdata->tdls_peer);
31 eth_zero_addr(sdata->tdls_peer);
33 mutex_unlock(&local->mtx);
36 static void ieee80211_tdls_add_ext_capab(struct sk_buff *skb)
38 u8 *pos = (void *)skb_put(skb, 7);
40 *pos++ = WLAN_EID_EXT_CAPABILITY;
46 *pos++ = WLAN_EXT_CAPA5_TDLS_ENABLED;
49 static u16 ieee80211_get_tdls_sta_capab(struct ieee80211_sub_if_data *sdata,
52 struct ieee80211_local *local = sdata->local;
55 /* The capability will be 0 when sending a failure code */
60 if (ieee80211_get_sdata_band(sdata) != IEEE80211_BAND_2GHZ)
63 if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_SLOT_INCAPABLE))
64 capab |= WLAN_CAPABILITY_SHORT_SLOT_TIME;
65 if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_PREAMBLE_INCAPABLE))
66 capab |= WLAN_CAPABILITY_SHORT_PREAMBLE;
71 static void ieee80211_tdls_add_link_ie(struct ieee80211_sub_if_data *sdata,
72 struct sk_buff *skb, const u8 *peer,
75 struct ieee80211_tdls_lnkie *lnkid;
76 const u8 *init_addr, *rsp_addr;
79 init_addr = sdata->vif.addr;
83 rsp_addr = sdata->vif.addr;
86 lnkid = (void *)skb_put(skb, sizeof(struct ieee80211_tdls_lnkie));
88 lnkid->ie_type = WLAN_EID_LINK_ID;
89 lnkid->ie_len = sizeof(struct ieee80211_tdls_lnkie) - 2;
91 memcpy(lnkid->bssid, sdata->u.mgd.bssid, ETH_ALEN);
92 memcpy(lnkid->init_sta, init_addr, ETH_ALEN);
93 memcpy(lnkid->resp_sta, rsp_addr, ETH_ALEN);
97 ieee80211_tdls_add_setup_start_ies(struct ieee80211_sub_if_data *sdata,
98 struct sk_buff *skb, const u8 *peer,
99 u8 action_code, bool initiator,
100 const u8 *extra_ies, size_t extra_ies_len)
102 enum ieee80211_band band = ieee80211_get_sdata_band(sdata);
103 struct ieee80211_local *local = sdata->local;
104 size_t offset = 0, noffset;
107 ieee80211_add_srates_ie(sdata, skb, false, band);
108 ieee80211_add_ext_srates_ie(sdata, skb, false, band);
110 /* add any custom IEs that go before Extended Capabilities */
112 static const u8 before_ext_cap[] = {
115 WLAN_EID_EXT_SUPP_RATES,
116 WLAN_EID_SUPPORTED_CHANNELS,
119 noffset = ieee80211_ie_split(extra_ies, extra_ies_len,
121 ARRAY_SIZE(before_ext_cap),
123 pos = skb_put(skb, noffset - offset);
124 memcpy(pos, extra_ies + offset, noffset - offset);
128 ieee80211_tdls_add_ext_capab(skb);
130 /* add the QoS element if we support it */
131 if (local->hw.queues >= IEEE80211_NUM_ACS &&
132 action_code != WLAN_PUB_ACTION_TDLS_DISCOVER_RES)
133 ieee80211_add_wmm_info_ie(skb_put(skb, 9), 0); /* no U-APSD */
135 /* add any custom IEs that go before HT capabilities */
137 static const u8 before_ht_cap[] = {
140 WLAN_EID_EXT_SUPP_RATES,
141 WLAN_EID_SUPPORTED_CHANNELS,
143 WLAN_EID_EXT_CAPABILITY,
145 WLAN_EID_FAST_BSS_TRANSITION,
146 WLAN_EID_TIMEOUT_INTERVAL,
147 WLAN_EID_SUPPORTED_REGULATORY_CLASSES,
149 noffset = ieee80211_ie_split(extra_ies, extra_ies_len,
151 ARRAY_SIZE(before_ht_cap),
153 pos = skb_put(skb, noffset - offset);
154 memcpy(pos, extra_ies + offset, noffset - offset);
158 /* add any remaining IEs */
160 noffset = extra_ies_len;
161 pos = skb_put(skb, noffset - offset);
162 memcpy(pos, extra_ies + offset, noffset - offset);
165 ieee80211_tdls_add_link_ie(sdata, skb, peer, initiator);
168 static void ieee80211_tdls_add_ies(struct ieee80211_sub_if_data *sdata,
169 struct sk_buff *skb, const u8 *peer,
170 u8 action_code, u16 status_code,
171 bool initiator, const u8 *extra_ies,
172 size_t extra_ies_len)
174 switch (action_code) {
175 case WLAN_TDLS_SETUP_REQUEST:
176 case WLAN_TDLS_SETUP_RESPONSE:
177 case WLAN_PUB_ACTION_TDLS_DISCOVER_RES:
178 if (status_code == 0)
179 ieee80211_tdls_add_setup_start_ies(sdata, skb, peer,
185 case WLAN_TDLS_SETUP_CONFIRM:
186 case WLAN_TDLS_TEARDOWN:
187 case WLAN_TDLS_DISCOVERY_REQUEST:
189 memcpy(skb_put(skb, extra_ies_len), extra_ies,
191 if (status_code == 0 || action_code == WLAN_TDLS_TEARDOWN)
192 ieee80211_tdls_add_link_ie(sdata, skb, peer, initiator);
199 ieee80211_prep_tdls_encap_data(struct wiphy *wiphy, struct net_device *dev,
200 const u8 *peer, u8 action_code, u8 dialog_token,
201 u16 status_code, struct sk_buff *skb)
203 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
204 struct ieee80211_tdls_data *tf;
206 tf = (void *)skb_put(skb, offsetof(struct ieee80211_tdls_data, u));
208 memcpy(tf->da, peer, ETH_ALEN);
209 memcpy(tf->sa, sdata->vif.addr, ETH_ALEN);
210 tf->ether_type = cpu_to_be16(ETH_P_TDLS);
211 tf->payload_type = WLAN_TDLS_SNAP_RFTYPE;
213 switch (action_code) {
214 case WLAN_TDLS_SETUP_REQUEST:
215 tf->category = WLAN_CATEGORY_TDLS;
216 tf->action_code = WLAN_TDLS_SETUP_REQUEST;
218 skb_put(skb, sizeof(tf->u.setup_req));
219 tf->u.setup_req.dialog_token = dialog_token;
220 tf->u.setup_req.capability =
221 cpu_to_le16(ieee80211_get_tdls_sta_capab(sdata,
224 case WLAN_TDLS_SETUP_RESPONSE:
225 tf->category = WLAN_CATEGORY_TDLS;
226 tf->action_code = WLAN_TDLS_SETUP_RESPONSE;
228 skb_put(skb, sizeof(tf->u.setup_resp));
229 tf->u.setup_resp.status_code = cpu_to_le16(status_code);
230 tf->u.setup_resp.dialog_token = dialog_token;
231 tf->u.setup_resp.capability =
232 cpu_to_le16(ieee80211_get_tdls_sta_capab(sdata,
235 case WLAN_TDLS_SETUP_CONFIRM:
236 tf->category = WLAN_CATEGORY_TDLS;
237 tf->action_code = WLAN_TDLS_SETUP_CONFIRM;
239 skb_put(skb, sizeof(tf->u.setup_cfm));
240 tf->u.setup_cfm.status_code = cpu_to_le16(status_code);
241 tf->u.setup_cfm.dialog_token = dialog_token;
243 case WLAN_TDLS_TEARDOWN:
244 tf->category = WLAN_CATEGORY_TDLS;
245 tf->action_code = WLAN_TDLS_TEARDOWN;
247 skb_put(skb, sizeof(tf->u.teardown));
248 tf->u.teardown.reason_code = cpu_to_le16(status_code);
250 case WLAN_TDLS_DISCOVERY_REQUEST:
251 tf->category = WLAN_CATEGORY_TDLS;
252 tf->action_code = WLAN_TDLS_DISCOVERY_REQUEST;
254 skb_put(skb, sizeof(tf->u.discover_req));
255 tf->u.discover_req.dialog_token = dialog_token;
265 ieee80211_prep_tdls_direct(struct wiphy *wiphy, struct net_device *dev,
266 const u8 *peer, u8 action_code, u8 dialog_token,
267 u16 status_code, struct sk_buff *skb)
269 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
270 struct ieee80211_mgmt *mgmt;
272 mgmt = (void *)skb_put(skb, 24);
274 memcpy(mgmt->da, peer, ETH_ALEN);
275 memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN);
276 memcpy(mgmt->bssid, sdata->u.mgd.bssid, ETH_ALEN);
278 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
279 IEEE80211_STYPE_ACTION);
281 switch (action_code) {
282 case WLAN_PUB_ACTION_TDLS_DISCOVER_RES:
283 skb_put(skb, 1 + sizeof(mgmt->u.action.u.tdls_discover_resp));
284 mgmt->u.action.category = WLAN_CATEGORY_PUBLIC;
285 mgmt->u.action.u.tdls_discover_resp.action_code =
286 WLAN_PUB_ACTION_TDLS_DISCOVER_RES;
287 mgmt->u.action.u.tdls_discover_resp.dialog_token =
289 mgmt->u.action.u.tdls_discover_resp.capability =
290 cpu_to_le16(ieee80211_get_tdls_sta_capab(sdata,
301 ieee80211_tdls_prep_mgmt_packet(struct wiphy *wiphy, struct net_device *dev,
302 const u8 *peer, u8 action_code,
303 u8 dialog_token, u16 status_code,
304 u32 peer_capability, bool initiator,
305 const u8 *extra_ies, size_t extra_ies_len)
307 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
308 struct ieee80211_local *local = sdata->local;
309 struct sk_buff *skb = NULL;
311 struct sta_info *sta;
314 skb = dev_alloc_skb(local->hw.extra_tx_headroom +
315 max(sizeof(struct ieee80211_mgmt),
316 sizeof(struct ieee80211_tdls_data)) +
317 50 + /* supported rates */
319 26 + /* max(WMM-info, WMM-param) */
321 sizeof(struct ieee80211_tdls_lnkie));
325 skb_reserve(skb, local->hw.extra_tx_headroom);
327 switch (action_code) {
328 case WLAN_TDLS_SETUP_REQUEST:
329 case WLAN_TDLS_SETUP_RESPONSE:
330 case WLAN_TDLS_SETUP_CONFIRM:
331 case WLAN_TDLS_TEARDOWN:
332 case WLAN_TDLS_DISCOVERY_REQUEST:
333 ret = ieee80211_prep_tdls_encap_data(wiphy, dev, peer,
334 action_code, dialog_token,
338 case WLAN_PUB_ACTION_TDLS_DISCOVER_RES:
339 ret = ieee80211_prep_tdls_direct(wiphy, dev, peer, action_code,
340 dialog_token, status_code,
353 sta = sta_info_get(sdata, peer);
355 /* infer the initiator if we can, to support old userspace */
356 switch (action_code) {
357 case WLAN_TDLS_SETUP_REQUEST:
359 set_sta_flag(sta, WLAN_STA_TDLS_INITIATOR);
361 case WLAN_TDLS_SETUP_CONFIRM:
362 case WLAN_TDLS_DISCOVERY_REQUEST:
365 case WLAN_TDLS_SETUP_RESPONSE:
367 * In some testing scenarios, we send a request and response.
368 * Make the last packet sent take effect for the initiator
372 clear_sta_flag(sta, WLAN_STA_TDLS_INITIATOR);
374 case WLAN_PUB_ACTION_TDLS_DISCOVER_RES:
377 case WLAN_TDLS_TEARDOWN:
378 /* any value is ok */
385 if (sta && test_sta_flag(sta, WLAN_STA_TDLS_INITIATOR))
392 ieee80211_tdls_add_ies(sdata, skb, peer, action_code, status_code,
393 initiator, extra_ies, extra_ies_len);
395 ieee80211_tx_skb(sdata, skb);
400 * According to 802.11z: Setup req/resp are sent in AC_BK, otherwise
401 * we should default to AC_VI.
403 switch (action_code) {
404 case WLAN_TDLS_SETUP_REQUEST:
405 case WLAN_TDLS_SETUP_RESPONSE:
406 skb_set_queue_mapping(skb, IEEE80211_AC_BK);
410 skb_set_queue_mapping(skb, IEEE80211_AC_VI);
415 /* disable bottom halves when entering the Tx path */
417 ret = ieee80211_subif_start_xmit(skb, dev);
428 ieee80211_tdls_mgmt_setup(struct wiphy *wiphy, struct net_device *dev,
429 const u8 *peer, u8 action_code, u8 dialog_token,
430 u16 status_code, u32 peer_capability, bool initiator,
431 const u8 *extra_ies, size_t extra_ies_len)
433 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
434 struct ieee80211_local *local = sdata->local;
437 mutex_lock(&local->mtx);
439 /* we don't support concurrent TDLS peer setups */
440 if (!is_zero_ether_addr(sdata->tdls_peer) &&
441 !ether_addr_equal(sdata->tdls_peer, peer)) {
447 * make sure we have a STA representing the peer so we drop or buffer
448 * non-TDLS-setup frames to the peer. We can't send other packets
449 * during setup through the AP path.
450 * Allow error packets to be sent - sometimes we don't even add a STA
451 * before failing the setup.
453 if (status_code == 0) {
455 if (!sta_info_get(sdata, peer)) {
463 ieee80211_flush_queues(local, sdata);
465 ret = ieee80211_tdls_prep_mgmt_packet(wiphy, dev, peer, action_code,
466 dialog_token, status_code,
467 peer_capability, initiator,
468 extra_ies, extra_ies_len);
472 memcpy(sdata->tdls_peer, peer, ETH_ALEN);
473 ieee80211_queue_delayed_work(&sdata->local->hw,
474 &sdata->tdls_peer_del_work,
475 TDLS_PEER_SETUP_TIMEOUT);
478 mutex_unlock(&local->mtx);
483 ieee80211_tdls_mgmt_teardown(struct wiphy *wiphy, struct net_device *dev,
484 const u8 *peer, u8 action_code, u8 dialog_token,
485 u16 status_code, u32 peer_capability,
486 bool initiator, const u8 *extra_ies,
487 size_t extra_ies_len)
489 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
490 struct ieee80211_local *local = sdata->local;
491 struct sta_info *sta;
495 * No packets can be transmitted to the peer via the AP during setup -
496 * the STA is set as a TDLS peer, but is not authorized.
497 * During teardown, we prevent direct transmissions by stopping the
498 * queues and flushing all direct packets.
500 ieee80211_stop_vif_queues(local, sdata,
501 IEEE80211_QUEUE_STOP_REASON_TDLS_TEARDOWN);
502 ieee80211_flush_queues(local, sdata);
504 ret = ieee80211_tdls_prep_mgmt_packet(wiphy, dev, peer, action_code,
505 dialog_token, status_code,
506 peer_capability, initiator,
507 extra_ies, extra_ies_len);
509 sdata_err(sdata, "Failed sending TDLS teardown packet %d\n",
513 * Remove the STA AUTH flag to force further traffic through the AP. If
514 * the STA was unreachable, it was already removed.
517 sta = sta_info_get(sdata, peer);
519 clear_sta_flag(sta, WLAN_STA_TDLS_PEER_AUTH);
522 ieee80211_wake_vif_queues(local, sdata,
523 IEEE80211_QUEUE_STOP_REASON_TDLS_TEARDOWN);
528 int ieee80211_tdls_mgmt(struct wiphy *wiphy, struct net_device *dev,
529 const u8 *peer, u8 action_code, u8 dialog_token,
530 u16 status_code, u32 peer_capability,
531 bool initiator, const u8 *extra_ies,
532 size_t extra_ies_len)
534 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
537 if (!(wiphy->flags & WIPHY_FLAG_SUPPORTS_TDLS))
540 /* make sure we are in managed mode, and associated */
541 if (sdata->vif.type != NL80211_IFTYPE_STATION ||
542 !sdata->u.mgd.associated)
545 switch (action_code) {
546 case WLAN_TDLS_SETUP_REQUEST:
547 case WLAN_TDLS_SETUP_RESPONSE:
548 ret = ieee80211_tdls_mgmt_setup(wiphy, dev, peer, action_code,
549 dialog_token, status_code,
550 peer_capability, initiator,
551 extra_ies, extra_ies_len);
553 case WLAN_TDLS_TEARDOWN:
554 ret = ieee80211_tdls_mgmt_teardown(wiphy, dev, peer,
555 action_code, dialog_token,
557 peer_capability, initiator,
558 extra_ies, extra_ies_len);
560 case WLAN_TDLS_DISCOVERY_REQUEST:
562 * Protect the discovery so we can hear the TDLS discovery
563 * response frame. It is transmitted directly and not buffered
566 drv_mgd_protect_tdls_discover(sdata->local, sdata);
568 case WLAN_TDLS_SETUP_CONFIRM:
569 case WLAN_PUB_ACTION_TDLS_DISCOVER_RES:
570 /* no special handling */
571 ret = ieee80211_tdls_prep_mgmt_packet(wiphy, dev, peer,
576 initiator, extra_ies,
584 tdls_dbg(sdata, "TDLS mgmt action %d peer %pM status %d\n",
585 action_code, peer, ret);
589 int ieee80211_tdls_oper(struct wiphy *wiphy, struct net_device *dev,
590 const u8 *peer, enum nl80211_tdls_operation oper)
592 struct sta_info *sta;
593 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
594 struct ieee80211_local *local = sdata->local;
597 if (!(wiphy->flags & WIPHY_FLAG_SUPPORTS_TDLS))
600 if (sdata->vif.type != NL80211_IFTYPE_STATION)
604 case NL80211_TDLS_ENABLE_LINK:
605 case NL80211_TDLS_DISABLE_LINK:
607 case NL80211_TDLS_TEARDOWN:
608 case NL80211_TDLS_SETUP:
609 case NL80211_TDLS_DISCOVERY_REQ:
610 /* We don't support in-driver setup/teardown/discovery */
614 mutex_lock(&local->mtx);
615 tdls_dbg(sdata, "TDLS oper %d peer %pM\n", oper, peer);
618 case NL80211_TDLS_ENABLE_LINK:
620 sta = sta_info_get(sdata, peer);
627 set_sta_flag(sta, WLAN_STA_TDLS_PEER_AUTH);
630 WARN_ON_ONCE(is_zero_ether_addr(sdata->tdls_peer) ||
631 !ether_addr_equal(sdata->tdls_peer, peer));
634 case NL80211_TDLS_DISABLE_LINK:
635 /* flush a potentially queued teardown packet */
636 ieee80211_flush_queues(local, sdata);
638 ret = sta_info_destroy_addr(sdata, peer);
645 if (ret == 0 && ether_addr_equal(sdata->tdls_peer, peer)) {
646 cancel_delayed_work(&sdata->tdls_peer_del_work);
647 eth_zero_addr(sdata->tdls_peer);
650 mutex_unlock(&local->mtx);
654 void ieee80211_tdls_oper_request(struct ieee80211_vif *vif, const u8 *peer,
655 enum nl80211_tdls_operation oper,
656 u16 reason_code, gfp_t gfp)
658 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
660 if (vif->type != NL80211_IFTYPE_STATION || !vif->bss_conf.assoc) {
661 sdata_err(sdata, "Discarding TDLS oper %d - not STA or disconnected\n",
666 cfg80211_tdls_oper_request(sdata->dev, peer, oper, reason_code, gfp);
668 EXPORT_SYMBOL(ieee80211_tdls_oper_request);