// SPDX-License-Identifier: GPL-2.0-only
/*
 * mac80211 TDLS handling code
 *
 * Copyright 2006-2010 Johannes Berg <johannes@sipsolutions.net>
 * Copyright 2014, Intel Corporation
 * Copyright 2014 Intel Mobile Communications GmbH
 * Copyright 2015 - 2016 Intel Deutschland GmbH
 * Copyright (C) 2019 Intel Corporation
 */
12*4882a593Smuzhiyun #include <linux/ieee80211.h>
13*4882a593Smuzhiyun #include <linux/log2.h>
14*4882a593Smuzhiyun #include <net/cfg80211.h>
15*4882a593Smuzhiyun #include <linux/rtnetlink.h>
16*4882a593Smuzhiyun #include "ieee80211_i.h"
17*4882a593Smuzhiyun #include "driver-ops.h"
18*4882a593Smuzhiyun #include "rate.h"
19*4882a593Smuzhiyun #include "wme.h"
/*
 * Window left to user space for retrying TDLS session setup with a peer,
 * expressed in jiffies (15 * HZ).
 */
#define TDLS_PEER_SETUP_TIMEOUT	(15 * HZ)
/*
 * Work handler that tears down the TDLS peer recorded in
 * sdata->u.mgd.tdls_peer, if any.
 *
 * @wk: the work_struct embedded as u.mgd.tdls_peer_del_work.work inside the
 *      owning struct ieee80211_sub_if_data.
 *
 * The peer address is tested, destroyed and cleared under local->mtx, so
 * the check and the zeroing are not split by another holder of that mutex.
 */
void ieee80211_tdls_peer_del_work(struct work_struct *wk)
{
	struct ieee80211_sub_if_data *sdata =
		container_of(wk, struct ieee80211_sub_if_data,
			     u.mgd.tdls_peer_del_work.work);
	struct ieee80211_local *local = sdata->local;
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;

	mutex_lock(&local->mtx);

	/* an all-zero address means there is no peer left to remove */
	if (is_zero_ether_addr(ifmgd->tdls_peer))
		goto out_unlock;

	tdls_dbg(sdata, "TDLS del peer %pM\n", ifmgd->tdls_peer);
	sta_info_destroy_addr(sdata, ifmgd->tdls_peer);
	eth_zero_addr(ifmgd->tdls_peer);

out_unlock:
	mutex_unlock(&local->mtx);
}
/*
 * Append a 10-byte Extended Capabilities element (2-byte header plus 8
 * capability octets) advertising the TDLS features of this interface.
 *
 * The element is written straight into the skb via skb_put(); no tailroom
 * check is made here, so the caller must have sized the skb accordingly.
 */
static void ieee80211_tdls_add_ext_capab(struct ieee80211_sub_if_data *sdata,
					 struct sk_buff *skb)
{
	struct ieee80211_local *local = sdata->local;
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
	struct ieee80211_supported_band *sband;
	bool can_chan_switch, can_buffer_sta, wide_bw_allowed, has_vht;
	u8 capa4 = 0;
	u8 *ie;

	can_chan_switch = local->hw.wiphy->features &
			  NL80211_FEATURE_TDLS_CHANNEL_SWITCH;
	/* wider bandwidth needs HW support and must not be prohibited */
	wide_bw_allowed = ieee80211_hw_check(&local->hw, TDLS_WIDER_BW) &&
			  !ifmgd->tdls_wider_bw_prohibited;
	can_buffer_sta = ieee80211_hw_check(&local->hw,
					    SUPPORTS_TDLS_BUFFER_STA);
	sband = ieee80211_get_sband(sdata);
	has_vht = sband && sband->vht_cap.vht_supported;

	if (can_chan_switch)
		capa4 |= WLAN_EXT_CAPA4_TDLS_CHAN_SWITCH;
	if (can_buffer_sta)
		capa4 |= WLAN_EXT_CAPA4_TDLS_BUFFER_STA;

	ie = skb_put(skb, 10);
	ie[0] = WLAN_EID_EXT_CAPABILITY;
	ie[1] = 8; /* len */
	ie[2] = 0x0;
	ie[3] = 0x0;
	ie[4] = 0x0;
	ie[5] = capa4;
	ie[6] = WLAN_EXT_CAPA5_TDLS_ENABLED;
	ie[7] = 0;
	ie[8] = 0;
	/* wide bandwidth is only advertised when the band supports VHT */
	ie[9] = (has_vht && wide_bw_allowed) ?
		WLAN_EXT_CAPA8_TDLS_WIDE_BW_ENABLED : 0;
}
/*
 * Walk the frequencies start, start + spacing, ... up to and including end
 * and append one (first channel number, channel count) pair to the skb for
 * every run of consecutive frequencies on which the regulatory check
 * cfg80211_reg_can_beacon_relax() allows this interface type.
 *
 * Returns the number of pairs appended. Each pair takes two bytes obtained
 * with skb_put(); tailroom is not checked here and must be guaranteed by
 * the caller.
 */
static u8
ieee80211_tdls_add_subband(struct ieee80211_sub_if_data *sdata,
			   struct sk_buff *skb, u16 start, u16 end,
			   u16 spacing)
{
	struct wiphy *wiphy = sdata->local->hw.wiphy;
	struct cfg80211_chan_def chandef;
	struct ieee80211_channel *ch;
	u8 subband_cnt = 0, ch_cnt = 0;
	int freq, subband_start;
	u8 *pair;

	for (freq = start; freq <= end; freq += spacing) {
		bool allowed = false;

		/* no run in progress: a new one would begin at this frequency */
		if (!ch_cnt)
			subband_start = freq;

		ch = ieee80211_get_channel(wiphy, freq);
		if (ch) {
			/* we will be active on the channel */
			cfg80211_chandef_create(&chandef, ch,
						NL80211_CHAN_NO_HT);
			allowed = cfg80211_reg_can_beacon_relax(wiphy,
						&chandef, sdata->wdev.iftype);
		}

		if (allowed) {
			/* extend the run and look at the next channel */
			ch_cnt++;
			continue;
		}

		/* the run (if any) ended just before this frequency */
		if (!ch_cnt)
			continue;

		pair = skb_put(skb, 2);
		pair[0] = ieee80211_frequency_to_channel(subband_start);
		pair[1] = ch_cnt;

		subband_cnt++;
		ch_cnt = 0;
	}

	/* a run that reaches the end of the range is still pending here */
	if (ch_cnt) {
		pair = skb_put(skb, 2);
		pair[0] = ieee80211_frequency_to_channel(subband_start);
		pair[1] = ch_cnt;

		subband_cnt++;
	}

	return subband_cnt;
}
/*
 * Append a Supported Channels element listing the channels that are
 * allowed to be active for TDLS.
 *
 * The two-byte header is reserved first and its length octet is filled in
 * last, once the number of subband pairs is known. The two scans below
 * probe 13 and 42 frequencies, so the pair count, and with it the u8
 * length of 2 * pairs, stays well below 255. Tailroom for the header and
 * the pairs is not checked here and must be provided by the caller.
 */
static void
ieee80211_tdls_add_supp_channels(struct ieee80211_sub_if_data *sdata,
				 struct sk_buff *skb)
{
	u8 *hdr = skb_put(skb, 2);
	u8 n_subbands;

	hdr[0] = WLAN_EID_SUPPORTED_CHANNELS;

	/*
	 * 5GHz and 2GHz channels numbers can overlap. Ignore this for now, as
	 * this doesn't happen in real world scenarios.
	 */

	/* 2GHz, with 5MHz spacing */
	n_subbands = ieee80211_tdls_add_subband(sdata, skb, 2412, 2472, 5);

	/* 5GHz, with 20MHz spacing */
	n_subbands += ieee80211_tdls_add_subband(sdata, skb, 5000, 5825, 20);

	/* element length: two octets per subband pair */
	hdr[1] = 2 * n_subbands;
}
/*
 * Append a Supported Regulatory Classes element derived from the current
 * BSS chandef. Nothing is added when the chandef cannot be mapped to an
 * operating class.
 *
 * Writes 4 bytes via skb_put(); the caller must have reserved the room.
 */
static void ieee80211_tdls_add_oper_classes(struct ieee80211_sub_if_data *sdata,
					    struct sk_buff *skb)
{
	u8 op_class;
	u8 *ie;
	bool mapped;

	mapped = ieee80211_chandef_to_operating_class(
				&sdata->vif.bss_conf.chandef, &op_class);
	if (!mapped)
		return;

	ie = skb_put(skb, 4);
	ie[0] = WLAN_EID_SUPPORTED_REGULATORY_CLASSES;
	ie[1] = 2; /* len */
	ie[2] = op_class;
	ie[3] = op_class; /* give current operating class as alternate too */
}
/*
 * Append a 3-byte 20/40 BSS Coexistence element carrying only the
 * information-request bit. Tailroom is the caller's responsibility.
 */
static void ieee80211_tdls_add_bss_coex_ie(struct sk_buff *skb)
{
	u8 *ie = skb_put(skb, 3);

	ie[0] = WLAN_EID_BSS_COEX_2040;
	ie[1] = 1; /* len */
	ie[2] = WLAN_BSS_COEX_INFORMATION_REQUEST;
}
/*
 * Compute the capability field to put into a TDLS frame.
 *
 * Returns 0 when a failure status is being sent or when the current band
 * is unavailable or not 2.4 GHz; otherwise returns the short-slot-time and
 * short-preamble capability bits.
 */
static u16 ieee80211_get_tdls_sta_capab(struct ieee80211_sub_if_data *sdata,
					u16 status_code)
{
	struct ieee80211_supported_band *sband;

	/* The capability will be 0 when sending a failure code */
	if (status_code)
		return 0;

	sband = ieee80211_get_sband(sdata);
	if (!sband || sband->band != NL80211_BAND_2GHZ)
		return 0;

	return WLAN_CAPABILITY_SHORT_SLOT_TIME |
	       WLAN_CAPABILITY_SHORT_PREAMBLE;
}
/*
 * Append a Link Identifier element naming the BSSID, the TDLS initiator
 * and the TDLS responder.
 *
 * @peer:      address of the remote TDLS station (ETH_ALEN bytes are read)
 * @initiator: true when this interface is the TDLS initiator, in which case
 *             our own address goes into the initiator slot and @peer into
 *             the responder slot; false swaps the two.
 *
 * The element is placed with skb_put(); the caller provides the tailroom.
 */
static void ieee80211_tdls_add_link_ie(struct ieee80211_sub_if_data *sdata,
				       struct sk_buff *skb, const u8 *peer,
				       bool initiator)
{
	const u8 *init_addr = initiator ? sdata->vif.addr : peer;
	const u8 *rsp_addr = initiator ? peer : sdata->vif.addr;
	struct ieee80211_tdls_lnkie *lnkid;

	lnkid = skb_put(skb, sizeof(*lnkid));

	lnkid->ie_type = WLAN_EID_LINK_ID;
	/* element length excludes the two-byte id/length header */
	lnkid->ie_len = sizeof(*lnkid) - 2;

	memcpy(lnkid->bssid, sdata->u.mgd.bssid, ETH_ALEN);
	memcpy(lnkid->init_sta, init_addr, ETH_ALEN);
	memcpy(lnkid->resp_sta, rsp_addr, ETH_ALEN);
}
/*
 * Append a 4-byte AID element holding the association ID of this
 * interface (sdata->vif.bss_conf.aid) in little-endian order.
 * Tailroom is the caller's responsibility.
 */
static void
ieee80211_tdls_add_aid(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb)
{
	u8 *ie = skb_put(skb, 4);

	ie[0] = WLAN_EID_AID;
	ie[1] = 2; /* len */
	/* the skb position carries no alignment guarantee */
	put_unaligned_le16(sdata->vif.bss_conf.aid, &ie[2]);
}
/*
 * Translate the access-category numbering used in the WMM parameter IE
 * (0..3) to the mac80211 notation. Any other value triggers a one-time
 * warning and is treated like 0, i.e. mapped to best effort.
 */
static enum ieee80211_ac_numbers ieee80211_ac_from_wmm(int ac)
{
	switch (ac) {
	case 0:
		return IEEE80211_AC_BE;
	case 1:
		return IEEE80211_AC_BK;
	case 2:
		return IEEE80211_AC_VI;
	case 3:
		return IEEE80211_AC_VO;
	default:
		/* out-of-range index: warn once, fall back to best effort */
		WARN_ON_ONCE(1);
		return IEEE80211_AC_BE;
	}
}
/*
 * Pack the ACI/AIFSN octet of a WMM AC parameter record:
 * bits 0-3 hold @aifsn, bit 4 is set when @acm is true and bits 5-6 hold
 * @aci. Bits of the inputs outside those fields are masked off.
 */
static u8 ieee80211_wmm_aci_aifsn(int aifsn, bool acm, int aci)
{
	u8 aifsn_bits = aifsn & 0x0f;
	u8 acm_bit = acm ? 0x10 : 0;
	u8 aci_bits = (aci << 5) & 0x60;

	return aifsn_bits | acm_bit | aci_bits;
}
/*
 * Pack the ECWmin/ECWmax octet of a WMM AC parameter record: the low
 * nibble is ilog2(cw_min + 1), the high nibble is ilog2(cw_max + 1).
 */
static u8 ieee80211_wmm_ecw(u16 cw_min, u16 cw_max)
{
	u8 ecw_min = ilog2(cw_min + 1) & 0x0f;
	u8 ecw_max = (ilog2(cw_max + 1) << 0x4) & 0xf0;

	return ecw_min | ecw_max;
}
/*
 * Append a zero-initialised WMM Parameter element and fill it from the
 * per-AC TX queue parameters of this interface (sdata->tx_conf).
 *
 * The element is placed with skb_put_zero(); the caller must have reserved
 * sizeof(struct ieee80211_wmm_param_ie) bytes of tailroom.
 */
static void ieee80211_tdls_add_wmm_param_ie(struct ieee80211_sub_if_data *sdata,
					    struct sk_buff *skb)
{
	struct ieee80211_wmm_param_ie *wmm = skb_put_zero(skb, sizeof(*wmm));
	struct ieee80211_tx_queue_params *txq;
	int aci;

	wmm->element_id = WLAN_EID_VENDOR_SPECIFIC;
	/* element length excludes the two-byte id/length header */
	wmm->len = sizeof(*wmm) - 2;

	/* Microsoft OUI 00:50:F2 */
	wmm->oui[0] = 0x00;
	wmm->oui[1] = 0x50;
	wmm->oui[2] = 0xf2;
	wmm->oui_type = 2; /* WME */
	wmm->oui_subtype = 1; /* WME param */
	wmm->version = 1; /* WME ver */
	wmm->qos_info = 0; /* U-APSD not in use */

	/*
	 * Use the EDCA parameters defined for the BSS, or default if the AP
	 * doesn't support it, as mandated by 802.11-2012 section 10.22.4
	 */
	for (aci = 0; aci < IEEE80211_NUM_ACS; aci++) {
		/* tx_conf is indexed in mac80211 order, the IE in WMM order */
		txq = &sdata->tx_conf[ieee80211_ac_from_wmm(aci)];

		wmm->ac[aci].aci_aifsn =
			ieee80211_wmm_aci_aifsn(txq->aifs, txq->acm, aci);
		wmm->ac[aci].cw = ieee80211_wmm_ecw(txq->cw_min, txq->cw_max);
		wmm->ac[aci].txop_limit = cpu_to_le16(txq->txop);
	}
}
/*
 * Try to widen sta->tdls_chandef, up to 80 MHz at most, within what the
 * peer's capabilities (ieee80211_sta_cap_chan_bw()) and the regulatory
 * check cfg80211_reg_can_beacon_relax() allow. sta->tdls_chandef is only
 * written when the resulting chandef differs from the current one.
 *
 * Both callers in this file invoke it with local->sta_mtx held.
 */
static void
ieee80211_tdls_chandef_vht_upgrade(struct ieee80211_sub_if_data *sdata,
				   struct sta_info *sta)
{
	/* IEEE802.11ac-2013 Table E-4 */
	static const u16 centers_80mhz[] = {
		5210, 5290, 5530, 5610, 5690, 5775
	};
	enum nl80211_chan_width max_width = ieee80211_sta_cap_chan_bw(sta);
	/* work on a copy; the station is only updated at the very end */
	struct cfg80211_chan_def uc = sta->tdls_chandef;
	size_t idx;

	/* only support upgrading non-narrow channels up to 80Mhz */
	if (max_width == NL80211_CHAN_WIDTH_5 ||
	    max_width == NL80211_CHAN_WIDTH_10)
		return;

	if (max_width > NL80211_CHAN_WIDTH_80)
		max_width = NL80211_CHAN_WIDTH_80;

	/* already as wide as the peer can go */
	if (uc.width >= max_width)
		return;

	/*
	 * Channel usage constrains in the IEEE802.11ac-2013 specification only
	 * allow expanding a 20MHz channel to 80MHz in a single way. In
	 * addition, there are no 40MHz allowed channels that are not part of
	 * the allowed 80MHz range in the 5GHz spectrum (the relevant one here).
	 */
	for (idx = 0; idx < ARRAY_SIZE(centers_80mhz); idx++) {
		/* the control channel must lie within 30 MHz of the centre */
		if (abs(uc.chan->center_freq - centers_80mhz[idx]) > 30)
			continue;

		uc.center_freq1 = centers_80mhz[idx];
		uc.center_freq2 = 0;
		uc.width = NL80211_CHAN_WIDTH_80;
		break;
	}

	/*
	 * NOTE(review): uc starts as a copy of sta->tdls_chandef, so this only
	 * fires when that chandef had no center_freq1 and no 80 MHz centre
	 * matched above.
	 */
	if (!uc.center_freq1)
		return;

	/* proceed to downgrade the chandef until usable or the same as AP BW */
	while (uc.width > max_width ||
	       (uc.width > sta->tdls_chandef.width &&
		!cfg80211_reg_can_beacon_relax(sdata->local->hw.wiphy, &uc,
					       sdata->wdev.iftype)))
		ieee80211_chandef_downgrade(&uc);

	if (cfg80211_chandef_identical(&uc, &sta->tdls_chandef))
		return;

	tdls_dbg(sdata, "TDLS ch width upgraded %d -> %d\n",
		 sta->tdls_chandef.width, uc.width);

	/*
	 * the station is not yet authorized when BW upgrade is done,
	 * locking is not required
	 */
	sta->tdls_chandef = uc;
}
/*
 * Append the information elements of a TDLS setup request, setup response
 * or discovery response to @skb, interleaving the caller-supplied
 * @extra_ies at the positions required by the element ordering.
 *
 * @peer:          address of the remote TDLS station
 * @action_code:   selects which frame is being built
 * @initiator:     whether this interface is the TDLS initiator
 * @extra_ies:     additional elements, @extra_ies_len bytes long; they are
 *                 split with ieee80211_ie_split() and copied in chunks
 * @extra_ies_len: length of @extra_ies, 0 if there are none
 *
 * Returns early without adding anything when the current band is
 * unavailable, and after a one-time warning when a setup response is
 * requested for a peer that has no station entry.
 *
 * Every element is written with skb_put()/skb_put_data() and no tailroom
 * check is made here: the caller must size the skb for all fixed elements
 * plus @extra_ies_len.
 * NOTE(review): @extra_ies presumably comes from user space - confirm the
 * caller validates it before it gets here.
 */
static void
ieee80211_tdls_add_setup_start_ies(struct ieee80211_sub_if_data *sdata,
				   struct sk_buff *skb, const u8 *peer,
				   u8 action_code, bool initiator,
				   const u8 *extra_ies, size_t extra_ies_len)
{
	const bool is_resp = action_code == WLAN_TDLS_SETUP_RESPONSE;
	const bool is_req_or_disc =
		action_code == WLAN_TDLS_SETUP_REQUEST ||
		action_code == WLAN_PUB_ACTION_TDLS_DISCOVER_RES;
	struct ieee80211_local *local = sdata->local;
	struct ieee80211_supported_band *sband;
	struct ieee80211_sta_ht_cap ht_cap;
	struct ieee80211_sta_vht_cap vht_cap;
	/* stays NULL unless a setup response is being built */
	struct sta_info *sta = NULL;
	size_t ies_off = 0, ies_next;
	u8 *ie;

	sband = ieee80211_get_sband(sdata);
	if (!sband)
		return;

	ieee80211_add_srates_ie(sdata, skb, false, sband->band);
	ieee80211_add_ext_srates_ie(sdata, skb, false, sband->band);
	ieee80211_tdls_add_supp_channels(sdata, skb);

	/* add any custom IEs that go before Extended Capabilities */
	if (extra_ies_len) {
		static const u8 before_ext_cap[] = {
			WLAN_EID_SUPP_RATES,
			WLAN_EID_COUNTRY,
			WLAN_EID_EXT_SUPP_RATES,
			WLAN_EID_SUPPORTED_CHANNELS,
			WLAN_EID_RSN,
		};

		ies_next = ieee80211_ie_split(extra_ies, extra_ies_len,
					      before_ext_cap,
					      ARRAY_SIZE(before_ext_cap),
					      ies_off);
		skb_put_data(skb, extra_ies + ies_off, ies_next - ies_off);
		ies_off = ies_next;
	}

	ieee80211_tdls_add_ext_capab(sdata, skb);

	/* add the QoS element if we support it */
	if (local->hw.queues >= IEEE80211_NUM_ACS &&
	    action_code != WLAN_PUB_ACTION_TDLS_DISCOVER_RES)
		ieee80211_add_wmm_info_ie(skb_put(skb, 9), 0); /* no U-APSD */

	/* add any custom IEs that go before HT capabilities */
	if (extra_ies_len) {
		static const u8 before_ht_cap[] = {
			WLAN_EID_SUPP_RATES,
			WLAN_EID_COUNTRY,
			WLAN_EID_EXT_SUPP_RATES,
			WLAN_EID_SUPPORTED_CHANNELS,
			WLAN_EID_RSN,
			WLAN_EID_EXT_CAPABILITY,
			WLAN_EID_QOS_CAPA,
			WLAN_EID_FAST_BSS_TRANSITION,
			WLAN_EID_TIMEOUT_INTERVAL,
			WLAN_EID_SUPPORTED_REGULATORY_CLASSES,
		};

		ies_next = ieee80211_ie_split(extra_ies, extra_ies_len,
					      before_ht_cap,
					      ARRAY_SIZE(before_ht_cap),
					      ies_off);
		skb_put_data(skb, extra_ies + ies_off, ies_next - ies_off);
		ies_off = ies_next;
	}

	mutex_lock(&local->sta_mtx);

	/* we should have the peer STA if we're already responding */
	if (is_resp) {
		sta = sta_info_get(sdata, peer);
		if (WARN_ON_ONCE(!sta)) {
			mutex_unlock(&local->sta_mtx);
			return;
		}

		sta->tdls_chandef = sdata->vif.bss_conf.chandef;
	}

	ieee80211_tdls_add_oper_classes(sdata, skb);

	/*
	 * with TDLS we can switch channels, and HT-caps are not necessarily
	 * the same on all bands. The specification limits the setup to a
	 * single HT-cap, so use the current band for now.
	 */
	memcpy(&ht_cap, &sband->ht_cap, sizeof(ht_cap));

	if (is_req_or_disc && ht_cap.ht_supported) {
		ieee80211_apply_htcap_overrides(sdata, &ht_cap);

		/* disable SMPS in TDLS initiator */
		ht_cap.cap |= WLAN_HT_CAP_SM_PS_DISABLED
				<< IEEE80211_HT_CAP_SM_PS_SHIFT;

		ie = skb_put(skb, sizeof(struct ieee80211_ht_cap) + 2);
		ieee80211_ie_build_ht_cap(ie, &ht_cap, ht_cap.cap);
	} else if (is_resp && ht_cap.ht_supported &&
		   sta->sta.ht_cap.ht_supported) {
		/*
		 * sta is only dereferenced behind is_resp, where it was
		 * looked up and checked above.
		 * the peer caps are already intersected with our own
		 */
		memcpy(&ht_cap, &sta->sta.ht_cap, sizeof(ht_cap));

		ie = skb_put(skb, sizeof(struct ieee80211_ht_cap) + 2);
		ieee80211_ie_build_ht_cap(ie, &ht_cap, ht_cap.cap);
	}

	if (ht_cap.ht_supported &&
	    (ht_cap.cap & IEEE80211_HT_CAP_SUP_WIDTH_20_40))
		ieee80211_tdls_add_bss_coex_ie(skb);

	ieee80211_tdls_add_link_ie(sdata, skb, peer, initiator);

	/* add any custom IEs that go before VHT capabilities */
	if (extra_ies_len) {
		static const u8 before_vht_cap[] = {
			WLAN_EID_SUPP_RATES,
			WLAN_EID_COUNTRY,
			WLAN_EID_EXT_SUPP_RATES,
			WLAN_EID_SUPPORTED_CHANNELS,
			WLAN_EID_RSN,
			WLAN_EID_EXT_CAPABILITY,
			WLAN_EID_QOS_CAPA,
			WLAN_EID_FAST_BSS_TRANSITION,
			WLAN_EID_TIMEOUT_INTERVAL,
			WLAN_EID_SUPPORTED_REGULATORY_CLASSES,
			WLAN_EID_MULTI_BAND,
		};

		ies_next = ieee80211_ie_split(extra_ies, extra_ies_len,
					      before_vht_cap,
					      ARRAY_SIZE(before_vht_cap),
					      ies_off);
		skb_put_data(skb, extra_ies + ies_off, ies_next - ies_off);
		ies_off = ies_next;
	}

	/* build the VHT-cap similarly to the HT-cap */
	memcpy(&vht_cap, &sband->vht_cap, sizeof(vht_cap));
	if (is_req_or_disc && vht_cap.vht_supported) {
		ieee80211_apply_vhtcap_overrides(sdata, &vht_cap);

		/* the AID is present only when VHT is implemented */
		if (action_code == WLAN_TDLS_SETUP_REQUEST)
			ieee80211_tdls_add_aid(sdata, skb);

		ie = skb_put(skb, sizeof(struct ieee80211_vht_cap) + 2);
		ieee80211_ie_build_vht_cap(ie, &vht_cap, vht_cap.cap);
	} else if (is_resp && vht_cap.vht_supported &&
		   sta->sta.vht_cap.vht_supported) {
		/* the peer caps are already intersected with our own */
		memcpy(&vht_cap, &sta->sta.vht_cap, sizeof(vht_cap));

		/* the AID is present only when VHT is implemented */
		ieee80211_tdls_add_aid(sdata, skb);

		ie = skb_put(skb, sizeof(struct ieee80211_vht_cap) + 2);
		ieee80211_ie_build_vht_cap(ie, &vht_cap, vht_cap.cap);

		/*
		 * if both peers support WIDER_BW, we can expand the chandef to
		 * a wider compatible one, up to 80MHz
		 */
		if (test_sta_flag(sta, WLAN_STA_TDLS_WIDER_BW))
			ieee80211_tdls_chandef_vht_upgrade(sdata, sta);
	}

	mutex_unlock(&local->sta_mtx);

	/* add any remaining IEs */
	if (extra_ies_len)
		skb_put_data(skb, extra_ies + ies_off,
			     extra_ies_len - ies_off);
}
/*
 * Append the information elements of a TDLS setup confirm frame to @skb,
 * interleaving the caller-supplied @extra_ies at the positions required by
 * the element ordering.
 *
 * @peer:          address of the remote TDLS station
 * @initiator:     whether this interface is the TDLS initiator
 * @extra_ies:     additional elements, @extra_ies_len bytes long
 * @extra_ies_len: length of @extra_ies, 0 if there are none
 *
 * Returns early without adding anything when the current band is
 * unavailable, and after a one-time warning when either the peer or the AP
 * has no station entry. The station lookups and all uses of the entries
 * happen under local->sta_mtx.
 *
 * Every element is written with skb_put()/skb_put_data() and no tailroom
 * check is made here: the caller must size the skb for all fixed elements
 * plus @extra_ies_len.
 */
static void
ieee80211_tdls_add_setup_cfm_ies(struct ieee80211_sub_if_data *sdata,
				 struct sk_buff *skb, const u8 *peer,
				 bool initiator, const u8 *extra_ies,
				 size_t extra_ies_len)
{
	struct ieee80211_local *local = sdata->local;
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
	struct ieee80211_supported_band *sband;
	struct sta_info *sta, *ap_sta;
	size_t ies_off = 0, ies_next;
	u8 *ie;

	sband = ieee80211_get_sband(sdata);
	if (!sband)
		return;

	mutex_lock(&local->sta_mtx);

	sta = sta_info_get(sdata, peer);
	ap_sta = sta_info_get(sdata, ifmgd->bssid);
	/* both entries are dereferenced below, so neither may be missing */
	if (WARN_ON_ONCE(!sta || !ap_sta)) {
		mutex_unlock(&local->sta_mtx);
		return;
	}

	sta->tdls_chandef = sdata->vif.bss_conf.chandef;

	/* add any custom IEs that go before the QoS IE */
	if (extra_ies_len) {
		static const u8 before_qos[] = {
			WLAN_EID_RSN,
		};

		ies_next = ieee80211_ie_split(extra_ies, extra_ies_len,
					      before_qos,
					      ARRAY_SIZE(before_qos),
					      ies_off);
		skb_put_data(skb, extra_ies + ies_off, ies_next - ies_off);
		ies_off = ies_next;
	}

	/* add the QoS param IE if both the peer and we support it */
	if (local->hw.queues >= IEEE80211_NUM_ACS && sta->sta.wme)
		ieee80211_tdls_add_wmm_param_ie(sdata, skb);

	/* add any custom IEs that go before HT operation */
	if (extra_ies_len) {
		static const u8 before_ht_op[] = {
			WLAN_EID_RSN,
			WLAN_EID_QOS_CAPA,
			WLAN_EID_FAST_BSS_TRANSITION,
			WLAN_EID_TIMEOUT_INTERVAL,
		};

		ies_next = ieee80211_ie_split(extra_ies, extra_ies_len,
					      before_ht_op,
					      ARRAY_SIZE(before_ht_op),
					      ies_off);
		skb_put_data(skb, extra_ies + ies_off, ies_next - ies_off);
		ies_off = ies_next;
	}

	/*
	 * if HT support is only added in TDLS, we need an HT-operation IE.
	 * add the IE as required by IEEE802.11-2012 9.23.3.2.
	 */
	if (!ap_sta->sta.ht_cap.ht_supported && sta->sta.ht_cap.ht_supported) {
		u16 prot = IEEE80211_HT_OP_MODE_PROTECTION_NONHT_MIXED |
			   IEEE80211_HT_OP_MODE_NON_GF_STA_PRSNT |
			   IEEE80211_HT_OP_MODE_NON_HT_STA_PRSNT;

		ie = skb_put(skb, 2 + sizeof(struct ieee80211_ht_operation));
		ieee80211_ie_build_ht_oper(ie, &sta->sta.ht_cap,
					   &sdata->vif.bss_conf.chandef, prot,
					   true);
	}

	ieee80211_tdls_add_link_ie(sdata, skb, peer, initiator);

	/* only include VHT-operation if not on the 2.4GHz band */
	if (sband->band != NL80211_BAND_2GHZ &&
	    sta->sta.vht_cap.vht_supported) {
		/*
		 * if both peers support WIDER_BW, we can expand the chandef to
		 * a wider compatible one, up to 80MHz
		 */
		if (test_sta_flag(sta, WLAN_STA_TDLS_WIDER_BW))
			ieee80211_tdls_chandef_vht_upgrade(sdata, sta);

		/* built from the possibly just-upgraded TDLS chandef */
		ie = skb_put(skb, 2 + sizeof(struct ieee80211_vht_operation));
		ieee80211_ie_build_vht_oper(ie, &sta->sta.vht_cap,
					    &sta->tdls_chandef);
	}

	mutex_unlock(&local->sta_mtx);

	/* add any remaining IEs */
	if (extra_ies_len)
		skb_put_data(skb, extra_ies + ies_off,
			     extra_ies_len - ies_off);
}
642*4882a593Smuzhiyun
/*
 * Fill in the fixed fields of a TDLS Channel Switch Request and append its
 * IEs to @skb.
 *
 * The fixed fields are written through skb->data, so the caller must already
 * have reserved the TDLS header and the chan_switch_req body in @skb.
 * Caller-supplied @extra_ies are emitted in two pieces around the link
 * identifier IE; ieee80211_ie_split() decides where the first piece ends,
 * based on the secondary channel offset element. The bytes are copied as
 * given: nothing in this function checks that they are well-formed elements.
 *
 * If @chandef is NULL a one-time warning fires and the function returns
 * without writing target_channel/oper_class or appending anything.
 */
static void
ieee80211_tdls_add_chan_switch_req_ies(struct ieee80211_sub_if_data *sdata,
				       struct sk_buff *skb, const u8 *peer,
				       bool initiator, const u8 *extra_ies,
				       size_t extra_ies_len, u8 oper_class,
				       struct cfg80211_chan_def *chandef)
{
	static const u8 before_lnkie[] = {
		WLAN_EID_SECONDARY_CHANNEL_OFFSET,
	};
	struct ieee80211_tdls_data *frame;
	size_t split = 0;	/* bytes of extra_ies placed before the link IE */

	if (WARN_ON_ONCE(!chandef))
		return;

	frame = (void *)skb->data;
	frame->u.chan_switch_req.oper_class = oper_class;
	frame->u.chan_switch_req.target_channel =
		ieee80211_frequency_to_channel(chandef->chan->center_freq);

	if (extra_ies_len) {
		split = ieee80211_ie_split(extra_ies, extra_ies_len,
					   before_lnkie,
					   ARRAY_SIZE(before_lnkie), 0);
		skb_put_data(skb, extra_ies, split);
	}

	ieee80211_tdls_add_link_ie(sdata, skb, peer, initiator);

	/* whatever the split left over goes after the link IE */
	if (extra_ies_len)
		skb_put_data(skb, extra_ies + split, extra_ies_len - split);
}
681*4882a593Smuzhiyun
/*
 * Append the IEs of a TDLS Channel Switch Response to @skb.
 *
 * The link identifier IE is added only when @status_code is 0. Any
 * caller-supplied @extra_ies follow it and are copied verbatim; this
 * function does not inspect their contents.
 */
static void
ieee80211_tdls_add_chan_switch_resp_ies(struct ieee80211_sub_if_data *sdata,
					struct sk_buff *skb, const u8 *peer,
					u16 status_code, bool initiator,
					const u8 *extra_ies,
					size_t extra_ies_len)
{
	const bool accepted = !status_code;

	if (accepted)
		ieee80211_tdls_add_link_ie(sdata, skb, peer, initiator);

	if (!extra_ies_len)
		return;

	skb_put_data(skb, extra_ies, extra_ies_len);
}
695*4882a593Smuzhiyun
/*
 * Append the information elements that belong to a TDLS frame of type
 * @action_code to @skb by dispatching to the per-frame helper.
 *
 * For setup request/response/confirm and the discovery response, IEs are
 * added only when @status_code is 0. Teardown and discovery request copy
 * @extra_ies verbatim first; teardown always gets a link identifier IE,
 * discovery request only on status 0. Action codes not listed here add
 * nothing.
 *
 * All helpers append with skb_put*(), so @skb must have been allocated with
 * enough tailroom for every IE plus @extra_ies_len.
 */
static void ieee80211_tdls_add_ies(struct ieee80211_sub_if_data *sdata,
				   struct sk_buff *skb, const u8 *peer,
				   u8 action_code, u16 status_code,
				   bool initiator, const u8 *extra_ies,
				   size_t extra_ies_len, u8 oper_class,
				   struct cfg80211_chan_def *chandef)
{
	const bool success = (status_code == 0);

	switch (action_code) {
	case WLAN_TDLS_SETUP_REQUEST:
	case WLAN_TDLS_SETUP_RESPONSE:
	case WLAN_PUB_ACTION_TDLS_DISCOVER_RES:
		if (!success)
			break;
		ieee80211_tdls_add_setup_start_ies(sdata, skb, peer,
						   action_code, initiator,
						   extra_ies, extra_ies_len);
		break;
	case WLAN_TDLS_SETUP_CONFIRM:
		if (!success)
			break;
		ieee80211_tdls_add_setup_cfm_ies(sdata, skb, peer, initiator,
						 extra_ies, extra_ies_len);
		break;
	case WLAN_TDLS_TEARDOWN:
	case WLAN_TDLS_DISCOVERY_REQUEST:
		if (extra_ies_len)
			skb_put_data(skb, extra_ies, extra_ies_len);
		/* a teardown carries the link IE regardless of the status */
		if (action_code == WLAN_TDLS_TEARDOWN || success)
			ieee80211_tdls_add_link_ie(sdata, skb, peer, initiator);
		break;
	case WLAN_TDLS_CHANNEL_SWITCH_REQUEST:
		ieee80211_tdls_add_chan_switch_req_ies(sdata, skb, peer,
						       initiator, extra_ies,
						       extra_ies_len,
						       oper_class, chandef);
		break;
	case WLAN_TDLS_CHANNEL_SWITCH_RESPONSE:
		ieee80211_tdls_add_chan_switch_resp_ies(sdata, skb, peer,
							status_code,
							initiator, extra_ies,
							extra_ies_len);
		break;
	default:
		/* no IEs are added for any other action code */
		break;
	}
}
742*4882a593Smuzhiyun
/*
 * Build the header and fixed fields of a TDLS frame that is sent as an
 * encapsulated data frame (ethertype ETH_P_TDLS).
 *
 * The common header (everything before the per-action union) is appended to
 * @skb first, then the per-action body is appended and every field of it
 * that this function knows a value for is filled in. The channel switch
 * request body is only reserved here; its fields are not written in this
 * function.
 *
 * skb_put() returns uninitialised tailroom, so each field that ends up on
 * the air has to be assigned explicitly somewhere before transmission.
 *
 * @status_code doubles as the reason code for teardown frames.
 * @wiphy is not used in this function.
 *
 * Return: 0 on success, -EINVAL for an action code that is not handled
 * here. On -EINVAL the common header has already been appended to @skb.
 */
static int
ieee80211_prep_tdls_encap_data(struct wiphy *wiphy, struct net_device *dev,
			       const u8 *peer, u8 action_code, u8 dialog_token,
			       u16 status_code, struct sk_buff *skb)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct ieee80211_tdls_data *frame;

	frame = skb_put(skb, offsetof(struct ieee80211_tdls_data, u));

	frame->ether_type = cpu_to_be16(ETH_P_TDLS);
	frame->payload_type = WLAN_TDLS_SNAP_RFTYPE;
	memcpy(frame->sa, sdata->vif.addr, ETH_ALEN);
	memcpy(frame->da, peer, ETH_ALEN);

	/* network header is after the ethernet header */
	skb_set_network_header(skb, ETH_HLEN);

	switch (action_code) {
	case WLAN_TDLS_SETUP_REQUEST:
		skb_put(skb, sizeof(frame->u.setup_req));
		frame->u.setup_req.dialog_token = dialog_token;
		frame->u.setup_req.capability =
			cpu_to_le16(ieee80211_get_tdls_sta_capab(sdata,
								 status_code));
		break;
	case WLAN_TDLS_SETUP_RESPONSE:
		skb_put(skb, sizeof(frame->u.setup_resp));
		frame->u.setup_resp.status_code = cpu_to_le16(status_code);
		frame->u.setup_resp.dialog_token = dialog_token;
		frame->u.setup_resp.capability =
			cpu_to_le16(ieee80211_get_tdls_sta_capab(sdata,
								 status_code));
		break;
	case WLAN_TDLS_SETUP_CONFIRM:
		skb_put(skb, sizeof(frame->u.setup_cfm));
		frame->u.setup_cfm.status_code = cpu_to_le16(status_code);
		frame->u.setup_cfm.dialog_token = dialog_token;
		break;
	case WLAN_TDLS_TEARDOWN:
		skb_put(skb, sizeof(frame->u.teardown));
		frame->u.teardown.reason_code = cpu_to_le16(status_code);
		break;
	case WLAN_TDLS_DISCOVERY_REQUEST:
		skb_put(skb, sizeof(frame->u.discover_req));
		frame->u.discover_req.dialog_token = dialog_token;
		break;
	case WLAN_TDLS_CHANNEL_SWITCH_REQUEST:
		/* body fields are not filled in here, only reserved */
		skb_put(skb, sizeof(frame->u.chan_switch_req));
		break;
	case WLAN_TDLS_CHANNEL_SWITCH_RESPONSE:
		skb_put(skb, sizeof(frame->u.chan_switch_resp));
		frame->u.chan_switch_resp.status_code =
			cpu_to_le16(status_code);
		break;
	default:
		return -EINVAL;
	}

	/*
	 * Every action code accepted above is a TDLS-category action whose
	 * on-air code equals the value that was passed in.
	 */
	frame->category = WLAN_CATEGORY_TDLS;
	frame->action_code = action_code;

	return 0;
}
824*4882a593Smuzhiyun
/*
 * Build the header and fixed fields of a TDLS frame that is sent as a
 * regular management action frame rather than as encapsulated data.
 *
 * A zeroed 24-byte header is appended to @skb and addressed to @peer, with
 * our interface address as source and the current BSSID. Only the public
 * action TDLS Discovery Response is supported.
 *
 * @wiphy is not used in this function.
 *
 * Return: 0 on success, -EINVAL for any other action code. On -EINVAL the
 * header has already been appended to @skb.
 */
static int
ieee80211_prep_tdls_direct(struct wiphy *wiphy, struct net_device *dev,
			   const u8 *peer, u8 action_code, u8 dialog_token,
			   u16 status_code, struct sk_buff *skb)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct ieee80211_mgmt *hdr = skb_put_zero(skb, 24);

	hdr->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
					 IEEE80211_STYPE_ACTION);
	memcpy(hdr->bssid, sdata->u.mgd.bssid, ETH_ALEN);
	memcpy(hdr->sa, sdata->vif.addr, ETH_ALEN);
	memcpy(hdr->da, peer, ETH_ALEN);

	if (action_code != WLAN_PUB_ACTION_TDLS_DISCOVER_RES)
		return -EINVAL;

	/* one extra byte on top of the discovery response body */
	skb_put(skb, 1 + sizeof(hdr->u.action.u.tdls_discover_resp));
	hdr->u.action.category = WLAN_CATEGORY_PUBLIC;
	hdr->u.action.u.tdls_discover_resp.action_code =
		WLAN_PUB_ACTION_TDLS_DISCOVER_RES;
	hdr->u.action.u.tdls_discover_resp.dialog_token = dialog_token;
	hdr->u.action.u.tdls_discover_resp.capability =
		cpu_to_le16(ieee80211_get_tdls_sta_capab(sdata, status_code));

	return 0;
}
859*4882a593Smuzhiyun
/*
 * Allocate an skb and build a complete TDLS management frame in it: header
 * and fixed fields first, then the IEs for @action_code.
 *
 * The buffer is sized once, up front, as the driver's TX headroom plus a
 * fixed per-IE budget plus @extra_ies_len. Everything later is appended
 * with skb_put*(), which never grows the buffer and treats running past the
 * tailroom as a fatal bug, so this budget has to stay in step with the IE
 * builders whenever one of them learns to emit something new.
 *
 * Return: the frame, or NULL if allocation failed or @action_code is not a
 * TDLS action this file can build. The two failures are not distinguished.
 */
static struct sk_buff *
ieee80211_tdls_build_mgmt_packet_data(struct ieee80211_sub_if_data *sdata,
				      const u8 *peer, u8 action_code,
				      u8 dialog_token, u16 status_code,
				      bool initiator, const u8 *extra_ies,
				      size_t extra_ies_len, u8 oper_class,
				      struct cfg80211_chan_def *chandef)
{
	struct ieee80211_local *local = sdata->local;
	struct sk_buff *skb;
	size_t frame_len;
	int err;

	frame_len = local->hw.extra_tx_headroom +
		    max(sizeof(struct ieee80211_mgmt),
			sizeof(struct ieee80211_tdls_data)) +
		    50 + /* supported rates */
		    10 + /* ext capab */
		    26 + /* max(WMM-info, WMM-param) */
		    2 + max(sizeof(struct ieee80211_ht_cap),
			    sizeof(struct ieee80211_ht_operation)) +
		    2 + max(sizeof(struct ieee80211_vht_cap),
			    sizeof(struct ieee80211_vht_operation)) +
		    50 + /* supported channels */
		    3 + /* 40/20 BSS coex */
		    4 + /* AID */
		    4 + /* oper classes */
		    extra_ies_len +
		    sizeof(struct ieee80211_tdls_lnkie);

	skb = netdev_alloc_skb(sdata->dev, frame_len);
	if (!skb)
		return NULL;

	skb_reserve(skb, local->hw.extra_tx_headroom);

	switch (action_code) {
	case WLAN_TDLS_SETUP_REQUEST:
	case WLAN_TDLS_SETUP_RESPONSE:
	case WLAN_TDLS_SETUP_CONFIRM:
	case WLAN_TDLS_TEARDOWN:
	case WLAN_TDLS_DISCOVERY_REQUEST:
	case WLAN_TDLS_CHANNEL_SWITCH_REQUEST:
	case WLAN_TDLS_CHANNEL_SWITCH_RESPONSE:
		/* these go out as encapsulated data frames */
		err = ieee80211_prep_tdls_encap_data(local->hw.wiphy,
						     sdata->dev, peer,
						     action_code, dialog_token,
						     status_code, skb);
		break;
	case WLAN_PUB_ACTION_TDLS_DISCOVER_RES:
		/* the discovery response is a plain action frame */
		err = ieee80211_prep_tdls_direct(local->hw.wiphy, sdata->dev,
						 peer, action_code,
						 dialog_token, status_code,
						 skb);
		break;
	default:
		err = -ENOTSUPP;
		break;
	}

	if (err < 0) {
		dev_kfree_skb(skb);
		return NULL;
	}

	ieee80211_tdls_add_ies(sdata, skb, peer, action_code, status_code,
			       initiator, extra_ies, extra_ies_len, oper_class,
			       chandef);
	return skb;
}
930*4882a593Smuzhiyun
/*
 * Build a TDLS management frame for @peer and hand it to the TX path.
 *
 * The @initiator value given by the caller is overridden for frame types
 * where the role is implied by the frame itself, and is forced to true
 * whenever the peer's station entry carries WLAN_STA_TDLS_INITIATOR. For
 * setup request/response the station's initiator flag and
 * sta.tdls_initiator are updated as a side effect.
 *
 * For a teardown on hardware that reports TX ACK status, and only if the
 * peer is an authorised TDLS peer and no teardown is already being tracked,
 * a copy of the frame is stored in sdata->u.mgd.teardown_skb and the address
 * of the original is remembered in orig_teardown_skb. The original is then
 * handed to the TX path, so this function does not own it any more once it
 * has been queued.
 * NOTE(review): orig_teardown_skb is presumably only compared against, not
 * dereferenced, by the TX status handler - confirm there.
 *
 * @peer_capability is not used in this function.
 *
 * Return: 0 once the frame has been queued, -ENOTSUPP for an unknown action
 * code, -EINVAL if the frame could not be built (which includes allocation
 * failure, since the builder only reports NULL).
 */
static int
ieee80211_tdls_prep_mgmt_packet(struct wiphy *wiphy, struct net_device *dev,
				const u8 *peer, u8 action_code, u8 dialog_token,
				u16 status_code, u32 peer_capability,
				bool initiator, const u8 *extra_ies,
				size_t extra_ies_len, u8 oper_class,
				struct cfg80211_chan_def *chandef)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct sk_buff *skb = NULL;
	struct sta_info *sta;
	u32 tx_flags = 0;
	int ret = 0;

	rcu_read_lock();
	sta = sta_info_get(sdata, peer);

	/* infer the initiator if we can, to support old userspace */
	switch (action_code) {
	case WLAN_TDLS_SETUP_REQUEST:
		if (sta) {
			set_sta_flag(sta, WLAN_STA_TDLS_INITIATOR);
			sta->sta.tdls_initiator = false;
		}
		fallthrough;
	case WLAN_TDLS_SETUP_CONFIRM:
	case WLAN_TDLS_DISCOVERY_REQUEST:
		initiator = true;
		break;
	case WLAN_TDLS_SETUP_RESPONSE:
		/*
		 * In some testing scenarios, we send a request and response.
		 * Make the last packet sent take effect for the initiator
		 * value.
		 */
		if (sta) {
			clear_sta_flag(sta, WLAN_STA_TDLS_INITIATOR);
			sta->sta.tdls_initiator = true;
		}
		fallthrough;
	case WLAN_PUB_ACTION_TDLS_DISCOVER_RES:
		initiator = false;
		break;
	case WLAN_TDLS_TEARDOWN:
	case WLAN_TDLS_CHANNEL_SWITCH_REQUEST:
	case WLAN_TDLS_CHANNEL_SWITCH_RESPONSE:
		/* any value is ok */
		break;
	default:
		ret = -ENOTSUPP;
		break;
	}

	/* the station flag, when set, wins over everything decided above */
	if (sta && test_sta_flag(sta, WLAN_STA_TDLS_INITIATOR))
		initiator = true;

	rcu_read_unlock();
	if (ret < 0)
		goto fail;

	skb = ieee80211_tdls_build_mgmt_packet_data(sdata, peer, action_code,
						    dialog_token, status_code,
						    initiator, extra_ies,
						    extra_ies_len, oper_class,
						    chandef);
	if (!skb) {
		ret = -EINVAL;
		goto fail;
	}

	/* the discovery response is a plain management frame: send and done */
	if (action_code == WLAN_PUB_ACTION_TDLS_DISCOVER_RES) {
		ieee80211_tx_skb(sdata, skb);
		return 0;
	}

	/*
	 * According to 802.11z: Setup req/resp are sent in AC_BK, otherwise
	 * we should default to AC_VI.
	 */
	if (action_code == WLAN_TDLS_SETUP_REQUEST ||
	    action_code == WLAN_TDLS_SETUP_RESPONSE)
		skb->priority = 256 + 2;
	else
		skb->priority = 256 + 5;
	skb_set_queue_mapping(skb, ieee80211_select_queue(sdata, skb));

	/*
	 * Set the WLAN_TDLS_TEARDOWN flag to indicate a teardown in progress.
	 * Later, if no ACK is returned from peer, we will re-send the teardown
	 * packet through the AP.
	 */
	if (action_code == WLAN_TDLS_TEARDOWN &&
	    ieee80211_hw_check(&sdata->local->hw, REPORTS_TX_ACK_STATUS)) {
		bool keep_copy; /* should a copy be kept for a resend? */

		/* If not sending directly to peer - no point in keeping skb */
		rcu_read_lock();
		sta = sta_info_get(sdata, peer);
		keep_copy = sta && test_sta_flag(sta, WLAN_STA_TDLS_PEER_AUTH);
		rcu_read_unlock();

		spin_lock_bh(&sdata->u.mgd.teardown_lock);
		if (keep_copy && !sdata->u.mgd.teardown_skb) {
			/* Mark it as requiring TX status callback */
			tx_flags |= IEEE80211_TX_CTL_REQ_TX_STATUS |
				    IEEE80211_TX_INTFL_MLME_CONN_TX;

			/*
			 * skb is copied since mac80211 will later set
			 * properties that might not be the same as the AP,
			 * such as encryption, QoS, addresses, etc.
			 *
			 * No problem if skb_copy() fails, so no need to check.
			 */
			sdata->u.mgd.teardown_skb = skb_copy(skb, GFP_ATOMIC);
			sdata->u.mgd.orig_teardown_skb = skb;
		}
		spin_unlock_bh(&sdata->u.mgd.teardown_lock);
	}

	/* disable bottom halves when entering the Tx path */
	local_bh_disable();
	__ieee80211_subif_start_xmit(skb, dev, tx_flags, 0, NULL);
	local_bh_enable();

	/* ret is still 0 here: both error assignments jump to fail */
	return 0;

fail:
	/* skb is NULL on both paths that reach this label */
	dev_kfree_skb(skb);
	return ret;
}
1066*4882a593Smuzhiyun
/*
 * Send a TDLS setup request or response and start tracking @peer as the
 * (single) peer whose setup is in progress.
 *
 * Under local->mtx the peer address is recorded in sdata->u.mgd.tdls_peer
 * after checking that no setup with a different peer is pending and, for a
 * status of 0, that a station entry for @peer exists. The mutex is dropped
 * before the frame is built, so the record is written first and rolled back
 * (zeroed) afterwards if building or sending fails. On success a delayed
 * work item is queued with TDLS_PEER_SETUP_TIMEOUT.
 *
 * Return: 0 on success, -ENOTSUPP if the driver SMPS mode is forced to
 * something other than off, -EBUSY if a setup with another peer is pending,
 * -ENOLINK if no station entry exists for a successful-status frame, or the
 * error from ieee80211_tdls_prep_mgmt_packet().
 */
static int
ieee80211_tdls_mgmt_setup(struct wiphy *wiphy, struct net_device *dev,
			  const u8 *peer, u8 action_code, u8 dialog_token,
			  u16 status_code, u32 peer_capability, bool initiator,
			  const u8 *extra_ies, size_t extra_ies_len)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct ieee80211_local *local = sdata->local;
	enum ieee80211_smps_mode smps = sdata->u.mgd.driver_smps_mode;
	int err;

	/* don't support setup with forced SMPS mode that's not off */
	if (smps != IEEE80211_SMPS_AUTOMATIC && smps != IEEE80211_SMPS_OFF) {
		tdls_dbg(sdata, "Aborting TDLS setup due to SMPS mode %d\n",
			 smps);
		return -ENOTSUPP;
	}

	mutex_lock(&local->mtx);

	/* we don't support concurrent TDLS peer setups */
	if (!is_zero_ether_addr(sdata->u.mgd.tdls_peer) &&
	    !ether_addr_equal(sdata->u.mgd.tdls_peer, peer)) {
		err = -EBUSY;
		goto out_unlock;
	}

	/*
	 * make sure we have a STA representing the peer so we drop or buffer
	 * non-TDLS-setup frames to the peer. We can't send other packets
	 * during setup through the AP path.
	 * Allow error packets to be sent - sometimes we don't even add a STA
	 * before failing the setup.
	 */
	if (status_code == 0) {
		bool have_sta;

		/* only existence is tested; the entry is not used further */
		rcu_read_lock();
		have_sta = sta_info_get(sdata, peer) != NULL;
		rcu_read_unlock();

		if (!have_sta) {
			err = -ENOLINK;
			goto out_unlock;
		}
	}

	ieee80211_flush_queues(local, sdata, false);
	memcpy(sdata->u.mgd.tdls_peer, peer, ETH_ALEN);
	mutex_unlock(&local->mtx);

	/* we cannot take the mutex while preparing the setup packet */
	err = ieee80211_tdls_prep_mgmt_packet(wiphy, dev, peer, action_code,
					      dialog_token, status_code,
					      peer_capability, initiator,
					      extra_ies, extra_ies_len, 0,
					      NULL);
	if (err < 0) {
		/* undo the peer record made above */
		mutex_lock(&local->mtx);
		eth_zero_addr(sdata->u.mgd.tdls_peer);
		mutex_unlock(&local->mtx);
		return err;
	}

	ieee80211_queue_delayed_work(&local->hw,
				     &sdata->u.mgd.tdls_peer_del_work,
				     TDLS_PEER_SETUP_TIMEOUT);
	return 0;

out_unlock:
	mutex_unlock(&local->mtx);
	return err;
}
1138*4882a593Smuzhiyun
/*
 * Send a TDLS teardown frame to @peer and stop treating it as an authorised
 * direct-link peer.
 *
 * The interface queues are stopped and flushed around the send so that no
 * direct frames go out while the link is being torn down. A failure to send
 * the teardown frame is logged but does not abort the teardown:
 * WLAN_STA_TDLS_PEER_AUTH is cleared on the station entry (if it still
 * exists) and the queues are woken in either case.
 *
 * Return: always 0.
 */
static int
ieee80211_tdls_mgmt_teardown(struct wiphy *wiphy, struct net_device *dev,
			     const u8 *peer, u8 action_code, u8 dialog_token,
			     u16 status_code, u32 peer_capability,
			     bool initiator, const u8 *extra_ies,
			     size_t extra_ies_len)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct ieee80211_local *local = sdata->local;
	struct sta_info *peer_sta;
	int err;

	/*
	 * No packets can be transmitted to the peer via the AP during setup -
	 * the STA is set as a TDLS peer, but is not authorized.
	 * During teardown, we prevent direct transmissions by stopping the
	 * queues and flushing all direct packets.
	 */
	ieee80211_stop_vif_queues(local, sdata,
				  IEEE80211_QUEUE_STOP_REASON_TDLS_TEARDOWN);
	ieee80211_flush_queues(local, sdata, false);

	err = ieee80211_tdls_prep_mgmt_packet(wiphy, dev, peer, action_code,
					      dialog_token, status_code,
					      peer_capability, initiator,
					      extra_ies, extra_ies_len, 0,
					      NULL);
	if (err < 0)
		sdata_err(sdata, "Failed sending TDLS teardown packet %d\n",
			  err);

	/*
	 * Remove the STA AUTH flag to force further traffic through the AP. If
	 * the STA was unreachable, it was already removed.
	 */
	rcu_read_lock();
	peer_sta = sta_info_get(sdata, peer);
	if (peer_sta)
		clear_sta_flag(peer_sta, WLAN_STA_TDLS_PEER_AUTH);
	rcu_read_unlock();

	ieee80211_wake_vif_queues(local, sdata,
				  IEEE80211_QUEUE_STOP_REASON_TDLS_TEARDOWN);

	return 0;
}
1185*4882a593Smuzhiyun
/*
 * Entry point for sending a TDLS management frame of type @action_code to
 * @peer.
 *
 * The request is refused unless the wiphy advertises TDLS support and the
 * interface is a station that is currently associated. Setup
 * request/response and teardown have dedicated handlers; discovery request,
 * setup confirm and discovery response are built and sent directly. Any
 * other action code, the channel switch frames included, is rejected here.
 *
 * @extra_ies/@extra_ies_len are passed through unchanged and end up copied
 * into the frame; nothing on this path parses them.
 * NOTE(review): presumably validated by the caller - confirm.
 *
 * The debug line at the end prints the return value in its "status" field,
 * not @status_code.
 *
 * Return: 0 on success, -ENOTSUPP without TDLS support, -EINVAL when not an
 * associated station, -EOPNOTSUPP for an unhandled action code, or the
 * handler's error.
 */
int ieee80211_tdls_mgmt(struct wiphy *wiphy, struct net_device *dev,
			const u8 *peer, u8 action_code, u8 dialog_token,
			u16 status_code, u32 peer_capability,
			bool initiator, const u8 *extra_ies,
			size_t extra_ies_len)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	int err;

	if (!(wiphy->flags & WIPHY_FLAG_SUPPORTS_TDLS))
		return -ENOTSUPP;

	/* make sure we are in managed mode, and associated */
	if (sdata->vif.type != NL80211_IFTYPE_STATION)
		return -EINVAL;
	if (!sdata->u.mgd.associated)
		return -EINVAL;

	switch (action_code) {
	case WLAN_TDLS_SETUP_REQUEST:
	case WLAN_TDLS_SETUP_RESPONSE:
		err = ieee80211_tdls_mgmt_setup(wiphy, dev, peer, action_code,
						dialog_token, status_code,
						peer_capability, initiator,
						extra_ies, extra_ies_len);
		break;
	case WLAN_TDLS_TEARDOWN:
		err = ieee80211_tdls_mgmt_teardown(wiphy, dev, peer,
						   action_code, dialog_token,
						   status_code,
						   peer_capability, initiator,
						   extra_ies, extra_ies_len);
		break;
	case WLAN_TDLS_DISCOVERY_REQUEST:
		/*
		 * Protect the discovery so we can hear the TDLS discovery
		 * response frame. It is transmitted directly and not buffered
		 * by the AP.
		 */
		drv_mgd_protect_tdls_discover(sdata->local, sdata);
		fallthrough;
	case WLAN_TDLS_SETUP_CONFIRM:
	case WLAN_PUB_ACTION_TDLS_DISCOVER_RES:
		/* no special handling */
		err = ieee80211_tdls_prep_mgmt_packet(wiphy, dev, peer,
						      action_code,
						      dialog_token,
						      status_code,
						      peer_capability,
						      initiator, extra_ies,
						      extra_ies_len, 0, NULL);
		break;
	default:
		err = -EOPNOTSUPP;
		break;
	}

	tdls_dbg(sdata, "TDLS mgmt action %d peer %pM status %d\n",
		 action_code, peer, err);
	return err;
}
1246*4882a593Smuzhiyun
/*
 * Recalculate the channel context width of @sdata and, if the width changed,
 * bring the RX bandwidth of the TDLS peer @sta in line with it.
 *
 * Runs entirely under local->chanctx_mtx. Nothing is done when the
 * interface has no channel context. @sta may be NULL, in which case only
 * the channel context is recalculated. The peer bandwidth is touched only
 * for stations flagged WLAN_STA_TDLS_WIDER_BW and is capped by what
 * ieee80211_sta_cap_rx_bw() reports for the station.
 */
static void iee80211_tdls_recalc_chanctx(struct ieee80211_sub_if_data *sdata,
					 struct sta_info *sta)
{
	struct ieee80211_local *local = sdata->local;
	struct ieee80211_supported_band *sband;
	enum ieee80211_sta_rx_bandwidth new_bw;
	struct ieee80211_chanctx_conf *conf;
	enum nl80211_chan_width old_width;
	struct ieee80211_chanctx *ctx;

	mutex_lock(&local->chanctx_mtx);
	conf = rcu_dereference_protected(sdata->vif.chanctx_conf,
					 lockdep_is_held(&local->chanctx_mtx));
	if (!conf)
		goto unlock;

	/* remember the width so a change can be detected after the recalc */
	old_width = conf->def.width;
	sband = local->hw.wiphy->bands[conf->def.chan->band];
	ctx = container_of(conf, struct ieee80211_chanctx, conf);
	ieee80211_recalc_chanctx_chantype(local, ctx);

	/* if width changed and a peer is given, update its BW */
	if (old_width == conf->def.width || !sta ||
	    !test_sta_flag(sta, WLAN_STA_TDLS_WIDER_BW))
		goto unlock;

	new_bw = ieee80211_chan_width_to_rx_bw(conf->def.width);
	new_bw = min(new_bw, ieee80211_sta_cap_rx_bw(sta));
	if (new_bw == sta->sta.bandwidth)
		goto unlock;

	sta->sta.bandwidth = new_bw;
	rate_control_rate_update(local, sband, sta, IEEE80211_RC_BW_CHANGED);
	/*
	 * if a TDLS peer BW was updated, we need to
	 * recalc the chandef width again, to get the
	 * correct chanctx min_def
	 */
	ieee80211_recalc_chanctx_chantype(local, ctx);

unlock:
	mutex_unlock(&local->chanctx_mtx);
}
1288*4882a593Smuzhiyun
/*
 * Report whether @sdata currently has at least one HT-capable TDLS peer.
 *
 * A station counts only if it is a TDLS station on this interface, is
 * uploaded, carries both WLAN_STA_AUTHORIZED and WLAN_STA_TDLS_PEER_AUTH and
 * has ht_cap.ht_supported set. The station list is walked under
 * rcu_read_lock().
 *
 * Returns non-zero if such a peer exists, 0 otherwise.
 */
static int iee80211_tdls_have_ht_peers(struct ieee80211_sub_if_data *sdata)
{
	struct sta_info *sta;
	bool found = false;

	rcu_read_lock();
	list_for_each_entry_rcu(sta, &sdata->local->sta_list, list) {
		if (sta->sta.tdls && sta->sdata == sdata && sta->uploaded &&
		    test_sta_flag(sta, WLAN_STA_AUTHORIZED) &&
		    test_sta_flag(sta, WLAN_STA_TDLS_PEER_AUTH) &&
		    sta->sta.ht_cap.ht_supported) {
			/* one qualifying peer is enough */
			found = true;
			break;
		}
	}
	rcu_read_unlock();

	return found;
}
1308*4882a593Smuzhiyun
/*
 * Set or clear the HT protection bits in the BSS configuration of @sdata
 * depending on whether an HT-capable TDLS peer is present.
 *
 * @sta is an optional peer to take into account in addition to the peers
 * found by iee80211_tdls_have_ht_peers(); it may be NULL. The driver is
 * notified with BSS_CHANGED_HT only when the operation mode really changes.
 */
static void
iee80211_tdls_recalc_ht_protection(struct ieee80211_sub_if_data *sdata,
				   struct sta_info *sta)
{
	const u16 prot_bits = IEEE80211_HT_OP_MODE_PROTECTION_NONHT_MIXED |
			      IEEE80211_HT_OP_MODE_NON_GF_STA_PRSNT |
			      IEEE80211_HT_OP_MODE_NON_HT_STA_PRSNT;
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
	bool have_ht_peer;
	u16 new_opmode;

	/* Nothing to do if the BSS connection uses HT */
	if (!(ifmgd->flags & IEEE80211_STA_DISABLE_HT))
		return;

	/* the peer passed in is checked first, then the station list */
	have_ht_peer = (sta && sta->sta.ht_cap.ht_supported) ||
		       iee80211_tdls_have_ht_peers(sdata);

	new_opmode = sdata->vif.bss_conf.ht_operation_mode;
	new_opmode = have_ht_peer ? (new_opmode | prot_bits) :
				    (new_opmode & ~prot_bits);

	/* avoid a driver notification when nothing changed */
	if (new_opmode == sdata->vif.bss_conf.ht_operation_mode)
		return;

	sdata->vif.bss_conf.ht_operation_mode = new_opmode;
	ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_HT);
}
1340*4882a593Smuzhiyun
/*
 * Handle a TDLS link operation requested for @peer on @dev.
 *
 * Only NL80211_TDLS_ENABLE_LINK and NL80211_TDLS_DISABLE_LINK are acted on;
 * setup, teardown and discovery requests are refused with -ENOTSUPP.
 *
 * Returns 0 on success, -ENOTSUPP when the wiphy lacks
 * WIPHY_FLAG_SUPPORTS_TDLS or the operation is not handled, -EINVAL when
 * the interface is not a station, -EBUSY when a link is enabled while CSA
 * is active, -ENOLINK when no station exists for @peer, or the result of
 * sta_info_destroy_addr() when a link is disabled.
 *
 * NOTE(review): neither branch checks sta->sta.tdls for the station found
 * for @peer before it is flagged or destroyed; confirm that the caller
 * restricts which addresses can reach this function.
 */
int ieee80211_tdls_oper(struct wiphy *wiphy, struct net_device *dev,
			const u8 *peer, enum nl80211_tdls_operation oper)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct ieee80211_local *local = sdata->local;
	struct sta_info *sta;
	int ret;

	if (!(wiphy->flags & WIPHY_FLAG_SUPPORTS_TDLS))
		return -ENOTSUPP;

	if (sdata->vif.type != NL80211_IFTYPE_STATION)
		return -EINVAL;

	/* We don't support in-driver setup/teardown/discovery */
	if (oper == NL80211_TDLS_TEARDOWN || oper == NL80211_TDLS_SETUP ||
	    oper == NL80211_TDLS_DISCOVERY_REQ)
		return -ENOTSUPP;

	/* protect possible bss_conf changes and avoid concurrency in
	 * ieee80211_bss_info_change_notify()
	 */
	sdata_lock(sdata);
	mutex_lock(&local->mtx);
	tdls_dbg(sdata, "TDLS oper %d peer %pM\n", oper, peer);

	switch (oper) {
	case NL80211_TDLS_ENABLE_LINK:
		if (sdata->vif.csa_active) {
			tdls_dbg(sdata, "TDLS: disallow link during CSA\n");
			ret = -EBUSY;
			break;
		}

		/* the station is only touched while sta_mtx is held */
		mutex_lock(&local->sta_mtx);
		sta = sta_info_get(sdata, peer);
		if (sta) {
			iee80211_tdls_recalc_chanctx(sdata, sta);
			iee80211_tdls_recalc_ht_protection(sdata, sta);

			set_sta_flag(sta, WLAN_STA_TDLS_PEER_AUTH);
		}
		mutex_unlock(&local->sta_mtx);

		if (!sta) {
			ret = -ENOLINK;
			break;
		}

		/*
		 * tdls_peer is expected to still name this peer here.
		 * NOTE(review): it is zeroed below after a successful call,
		 * so a repeated ENABLE_LINK for a station that still exists
		 * looks able to reach this WARN - verify, since that matters
		 * on systems running with panic_on_warn.
		 */
		WARN_ON_ONCE(is_zero_ether_addr(sdata->u.mgd.tdls_peer) ||
			     !ether_addr_equal(sdata->u.mgd.tdls_peer, peer));
		ret = 0;
		break;
	case NL80211_TDLS_DISABLE_LINK:
		/*
		 * The teardown message in ieee80211_tdls_mgmt_teardown() was
		 * created while the queues were stopped, so it might still be
		 * pending. Before flushing the queues we need to be sure the
		 * message is handled by the tasklet handling pending messages,
		 * otherwise we might start destroying the station before
		 * sending the teardown packet.
		 * Note that this only forces the tasklet to flush pendings -
		 * not to stop the tasklet from rescheduling itself.
		 */
		tasklet_kill(&local->tx_pending_tasklet);
		/* flush a potentially queued teardown packet */
		ieee80211_flush_queues(local, sdata, false);

		ret = sta_info_destroy_addr(sdata, peer);

		/* the peer is gone, so recompute without a specific station */
		mutex_lock(&local->sta_mtx);
		iee80211_tdls_recalc_ht_protection(sdata, NULL);
		mutex_unlock(&local->sta_mtx);

		iee80211_tdls_recalc_chanctx(sdata, NULL);
		break;
	default:
		ret = -ENOTSUPP;
		break;
	}

	if (ret == 0) {
		/* the pending setup for this peer is over: stop its timeout */
		if (ether_addr_equal(sdata->u.mgd.tdls_peer, peer)) {
			cancel_delayed_work(&sdata->u.mgd.tdls_peer_del_work);
			eth_zero_addr(sdata->u.mgd.tdls_peer);
		}

		ieee80211_queue_work(&sdata->local->hw,
				     &sdata->u.mgd.request_smps_work);
	}

	mutex_unlock(&local->mtx);
	sdata_unlock(sdata);
	return ret;
}
1440*4882a593Smuzhiyun
/*
 * Forward a TDLS operation request for @peer to cfg80211.
 *
 * The request is dropped with an error message unless @vif is a station
 * interface that is currently associated. @reason_code and @gfp are passed
 * through unchanged to cfg80211_tdls_oper_request().
 */
void ieee80211_tdls_oper_request(struct ieee80211_vif *vif, const u8 *peer,
				 enum nl80211_tdls_operation oper,
				 u16 reason_code, gfp_t gfp)
{
	struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
	bool associated_sta = vif->type == NL80211_IFTYPE_STATION &&
			      vif->bss_conf.assoc;

	if (!associated_sta) {
		sdata_err(sdata, "Discarding TDLS oper %d - not STA or disconnected\n",
			  oper);
		return;
	}

	cfg80211_tdls_oper_request(sdata->dev, peer, oper, reason_code, gfp);
}
EXPORT_SYMBOL(ieee80211_tdls_oper_request);
1456*4882a593Smuzhiyun
/*
 * Write a channel switch timing IE at @buf: element ID, length, then the
 * two timing values in little-endian order.
 *
 * The caller must provide room for
 * 2 + sizeof(struct ieee80211_ch_switch_timing) bytes; nothing here checks
 * the size of @buf.
 */
static void
iee80211_tdls_add_ch_switch_timing(u8 *buf, u16 switch_time, u16 switch_timeout)
{
	/* the IE body starts right after the two header bytes */
	struct ieee80211_ch_switch_timing *timing = (void *)(buf + 2);

	buf[0] = WLAN_EID_CHAN_SWITCH_TIMING;
	buf[1] = sizeof(*timing);

	timing->switch_time = cpu_to_le16(switch_time);
	timing->switch_timeout = cpu_to_le16(switch_timeout);
}
1469*4882a593Smuzhiyun
/*
 * Find the switch timing IE in an SKB that is ready for Tx.
 *
 * Returns whatever cfg80211_find_ie() returns for
 * WLAN_EID_CHAN_SWITCH_TIMING; the callers in this file treat NULL as
 * "not found".
 */
static const u8 *ieee80211_tdls_find_sw_timing_ie(struct sk_buff *skb)
{
	/*
	 * Get the offset for the new location of the switch timing IE.
	 * The SKB network header will now point to the "payload_type"
	 * element of the TDLS data frame struct.
	 */
	u8 *payload_type = skb->data + skb_network_offset(skb);
	struct ieee80211_tdls_data *tf;
	const u8 *ies;

	tf = container_of(payload_type, struct ieee80211_tdls_data,
			  payload_type);
	ies = tf->u.chan_switch_req.variable;

	/* search only the bytes between the IE start and the end of the skb */
	return cfg80211_find_ie(WLAN_EID_CHAN_SWITCH_TIMING, ies,
				skb->len - (ies - skb->data));
}
1487*4882a593Smuzhiyun
/*
 * Build a TDLS channel switch request template frame for @sta.
 *
 * The frame carries a switch timing IE with zeroed values and, for a 40 MHz
 * @chandef, a secondary channel offset IE in front of it. When
 * @ch_sw_tm_ie_offset is not NULL it receives the offset of the timing IE
 * from skb->data.
 *
 * Returns the template skb, or NULL on failure. The caller owns the skb.
 */
static struct sk_buff *
ieee80211_tdls_ch_sw_tmpl_get(struct sta_info *sta, u8 oper_class,
			      struct cfg80211_chan_def *chandef,
			      u32 *ch_sw_tm_ie_offset)
{
	struct ieee80211_sub_if_data *sdata = sta->sdata;
	/* sized for both IEs, each with its two header bytes */
	u8 extra_ies[2 + sizeof(struct ieee80211_sec_chan_offs_ie) +
		     2 + sizeof(struct ieee80211_ch_switch_timing)];
	int extra_ies_len = 2 + sizeof(struct ieee80211_ch_switch_timing);
	u8 *cursor = extra_ies;
	struct sk_buff *skb;
	const u8 *tm_ie;

	/*
	 * if chandef points to a wide channel add a Secondary-Channel
	 * Offset information element
	 */
	if (chandef->width == NL80211_CHAN_WIDTH_40) {
		struct ieee80211_sec_chan_offs_ie *sec_chan_ie =
			(void *)(cursor + 2);

		cursor[0] = WLAN_EID_SECONDARY_CHANNEL_OFFSET;
		cursor[1] = sizeof(*sec_chan_ie);

		if (cfg80211_get_chandef_type(chandef) == NL80211_CHAN_HT40PLUS)
			sec_chan_ie->sec_chan_offs =
				IEEE80211_HT_PARAM_CHA_SEC_ABOVE;
		else
			sec_chan_ie->sec_chan_offs =
				IEEE80211_HT_PARAM_CHA_SEC_BELOW;

		cursor += 2 + sizeof(*sec_chan_ie);
		extra_ies_len += 2 + sizeof(struct ieee80211_sec_chan_offs_ie);
	}

	/* just set the values to 0, this is a template */
	iee80211_tdls_add_ch_switch_timing(cursor, 0, 0);

	skb = ieee80211_tdls_build_mgmt_packet_data(sdata, sta->sta.addr,
					      WLAN_TDLS_CHANNEL_SWITCH_REQUEST,
					      0, 0, !sta->sta.tdls_initiator,
					      extra_ies, extra_ies_len,
					      oper_class, chandef);
	if (!skb)
		return NULL;

	/* NOTE(review): no free on this error path - presumably the helper
	 * consumes the skb when it fails; confirm in ieee80211_build_data_template()
	 */
	skb = ieee80211_build_data_template(sdata, skb, 0);
	if (IS_ERR(skb)) {
		tdls_dbg(sdata, "Failed building TDLS channel switch frame\n");
		return NULL;
	}

	if (ch_sw_tm_ie_offset) {
		tm_ie = ieee80211_tdls_find_sw_timing_ie(skb);
		if (!tm_ie) {
			tdls_dbg(sdata, "No switch timing IE in TDLS switch\n");
			dev_kfree_skb_any(skb);
			return NULL;
		}

		*ch_sw_tm_ie_offset = tm_ie - skb->data;
	}

	tdls_dbg(sdata,
		 "TDLS channel switch request template for %pM ch %d width %d\n",
		 sta->sta.addr, chandef->chan->center_freq, chandef->width);
	return skb;
}
1556*4882a593Smuzhiyun
/*
 * Ask the driver to start a TDLS channel switch with the peer @addr.
 *
 * Returns -EOPNOTSUPP for a channel with a frequency offset, -ENOENT when
 * @addr is not a known station or the template cannot be built, -ENOTSUPP
 * when the peer lacks WLAN_STA_TDLS_CHAN_SWITCH, otherwise the result of
 * drv_tdls_channel_switch(). On success the station is flagged
 * WLAN_STA_TDLS_OFF_CHANNEL.
 *
 * The template skb is released here on every path after the lock is
 * dropped.
 */
int
ieee80211_tdls_channel_switch(struct wiphy *wiphy, struct net_device *dev,
			      const u8 *addr, u8 oper_class,
			      struct cfg80211_chan_def *chandef)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct ieee80211_local *local = sdata->local;
	struct sk_buff *tmpl = NULL;
	struct sta_info *sta;
	u32 tm_ie_off;
	int ret;

	/* this may work, but is untested */
	if (chandef->chan->freq_offset)
		return -EOPNOTSUPP;

	mutex_lock(&local->sta_mtx);

	sta = sta_info_get(sdata, addr);
	if (!sta) {
		tdls_dbg(sdata,
			 "Invalid TDLS peer %pM for channel switch request\n",
			 addr);
		ret = -ENOENT;
		goto out;
	}

	if (!test_sta_flag(sta, WLAN_STA_TDLS_CHAN_SWITCH)) {
		tdls_dbg(sdata, "TDLS channel switch unsupported by %pM\n",
			 addr);
		ret = -ENOTSUPP;
		goto out;
	}

	tmpl = ieee80211_tdls_ch_sw_tmpl_get(sta, oper_class, chandef,
					     &tm_ie_off);
	if (!tmpl) {
		ret = -ENOENT;
		goto out;
	}

	ret = drv_tdls_channel_switch(local, sdata, &sta->sta, oper_class,
				      chandef, tmpl, tm_ie_off);
	if (ret == 0)
		set_sta_flag(sta, WLAN_STA_TDLS_OFF_CHANNEL);

out:
	mutex_unlock(&local->sta_mtx);
	/* tmpl is still NULL on the early exits */
	dev_kfree_skb_any(tmpl);
	return ret;
}
1607*4882a593Smuzhiyun
/*
 * Cancel an ongoing TDLS channel switch with the peer @addr.
 *
 * Nothing is done (apart from a debug message) when @addr is not a known
 * station or the station is not flagged WLAN_STA_TDLS_OFF_CHANNEL.
 * Otherwise the driver is told to cancel and the flag is cleared, all
 * under local->sta_mtx.
 */
void
ieee80211_tdls_cancel_channel_switch(struct wiphy *wiphy,
				     struct net_device *dev,
				     const u8 *addr)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct ieee80211_local *local = sdata->local;
	struct sta_info *sta;

	mutex_lock(&local->sta_mtx);

	sta = sta_info_get(sdata, addr);
	if (!sta) {
		tdls_dbg(sdata,
			 "Invalid TDLS peer %pM for channel switch cancel\n",
			 addr);
	} else if (!test_sta_flag(sta, WLAN_STA_TDLS_OFF_CHANNEL)) {
		tdls_dbg(sdata, "TDLS channel switch not initiated by %pM\n",
			 addr);
	} else {
		drv_tdls_cancel_channel_switch(local, sdata, &sta->sta);
		clear_sta_flag(sta, WLAN_STA_TDLS_OFF_CHANNEL);
	}

	mutex_unlock(&local->sta_mtx);
}
1638*4882a593Smuzhiyun
/*
 * Build a TDLS channel switch response template frame for @sta.
 *
 * The only extra IE is a switch timing IE with zeroed values. When
 * @ch_sw_tm_ie_offset is not NULL it receives the offset of that IE from
 * skb->data.
 *
 * Returns the template skb, or NULL on failure. The caller owns the skb.
 */
static struct sk_buff *
ieee80211_tdls_ch_sw_resp_tmpl_get(struct sta_info *sta,
				   u32 *ch_sw_tm_ie_offset)
{
	struct ieee80211_sub_if_data *sdata = sta->sdata;
	u8 timing_ie[2 + sizeof(struct ieee80211_ch_switch_timing)];
	struct sk_buff *skb;
	const u8 *tm_ie;

	/* initial timing are always zero in the template */
	iee80211_tdls_add_ch_switch_timing(timing_ie, 0, 0);

	skb = ieee80211_tdls_build_mgmt_packet_data(sdata, sta->sta.addr,
					WLAN_TDLS_CHANNEL_SWITCH_RESPONSE,
					0, 0, !sta->sta.tdls_initiator,
					timing_ie, sizeof(timing_ie), 0, NULL);
	if (!skb)
		return NULL;

	/* NOTE(review): no free on this error path - presumably the helper
	 * consumes the skb when it fails; confirm in ieee80211_build_data_template()
	 */
	skb = ieee80211_build_data_template(sdata, skb, 0);
	if (IS_ERR(skb)) {
		tdls_dbg(sdata,
			 "Failed building TDLS channel switch resp frame\n");
		return NULL;
	}

	if (ch_sw_tm_ie_offset) {
		tm_ie = ieee80211_tdls_find_sw_timing_ie(skb);
		if (!tm_ie) {
			tdls_dbg(sdata,
				 "No switch timing IE in TDLS switch resp\n");
			dev_kfree_skb_any(skb);
			return NULL;
		}

		*ch_sw_tm_ie_offset = tm_ie - skb->data;
	}

	tdls_dbg(sdata, "TDLS get channel switch response template for %pM\n",
		 sta->sta.addr);
	return skb;
}
1681*4882a593Smuzhiyun
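/*
 * Validate a received TDLS channel switch response and hand it to the
 * driver.
 *
 * The frame content comes from the peer and is checked before use: the
 * frame must cover the fixed part of the response, the sender must be a
 * station flagged WLAN_STA_TDLS_PEER_AUTH, the IEs must parse, the switch
 * timing and link-id IEs must be present and the link-id initiator must
 * match the role recorded for the station. A response with a non-zero
 * status code is passed to the driver without IE parsing and without a
 * template skb.
 *
 * Returns 0 when the driver was called, -EINVAL for a frame that fails
 * validation, -ENOENT when the response template cannot be built.
 */
static int
ieee80211_process_tdls_channel_switch_resp(struct ieee80211_sub_if_data *sdata,
					   struct sk_buff *skb)
{
	struct ieee80211_local *local = sdata->local;
	struct ieee802_11_elems elems;
	struct sta_info *sta;
	struct ieee80211_tdls_data *tf = (void *)skb->data;
	bool local_initiator;
	struct ieee80211_rx_status *rx_status = IEEE80211_SKB_RXCB(skb);
	/* size of everything in front of the variable IE area */
	int baselen = offsetof(typeof(*tf), u.chan_switch_resp.variable);
	struct ieee80211_tdls_ch_sw_params params = {};
	int ret;

	params.action_code = WLAN_TDLS_CHANNEL_SWITCH_RESPONSE;
	params.timestamp = rx_status->device_timestamp;

	/*
	 * Reject short frames before any field of tf is read.
	 * NOTE(review): assumes the skb is linear over the first baselen
	 * bytes - confirm against the caller.
	 */
	if (skb->len < baselen) {
		tdls_dbg(sdata, "TDLS channel switch resp too short: %d\n",
			 skb->len);
		return -EINVAL;
	}

	mutex_lock(&local->sta_mtx);
	/* only an authorized TDLS peer may drive a channel switch */
	sta = sta_info_get(sdata, tf->sa);
	if (!sta || !test_sta_flag(sta, WLAN_STA_TDLS_PEER_AUTH)) {
		tdls_dbg(sdata, "TDLS chan switch from non-peer sta %pM\n",
			 tf->sa);
		ret = -EINVAL;
		goto out;
	}

	params.sta = &sta->sta;
	params.status = le16_to_cpu(tf->u.chan_switch_resp.status_code);
	/* a failure status goes to the driver as is, IEs are not looked at */
	if (params.status != 0) {
		ret = 0;
		goto call_drv;
	}

	ieee802_11_parse_elems(tf->u.chan_switch_resp.variable,
			       skb->len - baselen, false, &elems,
			       NULL, NULL);
	if (elems.parse_error) {
		tdls_dbg(sdata, "Invalid IEs in TDLS channel switch resp\n");
		ret = -EINVAL;
		goto out;
	}

	/* both IEs are dereferenced below, so they must be present */
	if (!elems.ch_sw_timing || !elems.lnk_id) {
		tdls_dbg(sdata, "TDLS channel switch resp - missing IEs\n");
		ret = -EINVAL;
		goto out;
	}

	/* validate the initiator is set correctly */
	local_initiator =
		!memcmp(elems.lnk_id->init_sta, sdata->vif.addr, ETH_ALEN);
	if (local_initiator == sta->sta.tdls_initiator) {
		tdls_dbg(sdata, "TDLS chan switch invalid lnk-id initiator\n");
		ret = -EINVAL;
		goto out;
	}

	params.switch_time = le16_to_cpu(elems.ch_sw_timing->switch_time);
	params.switch_timeout = le16_to_cpu(elems.ch_sw_timing->switch_timeout);

	params.tmpl_skb =
		ieee80211_tdls_ch_sw_resp_tmpl_get(sta, &params.ch_sw_tm_ie);
	if (!params.tmpl_skb) {
		ret = -ENOENT;
		goto out;
	}

	ret = 0;
call_drv:
	drv_tdls_recv_channel_switch(sdata->local, sdata, &params);

	tdls_dbg(sdata,
		 "TDLS channel switch response received from %pM status %d\n",
		 tf->sa, params.status);

out:
	mutex_unlock(&local->sta_mtx);
	/* tmpl_skb is still NULL when no template was built */
	dev_kfree_skb_any(params.tmpl_skb);
	return ret;
}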
1768*4882a593Smuzhiyun
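/*
 * Validate a received TDLS channel switch request and hand it to the
 * driver.
 *
 * The frame content comes from the peer and is checked before use: the
 * frame must cover the fixed part of the request, the target channel must
 * map to a frequency the wiphy knows, the IEs must parse, the switch timing
 * and link-id IEs must be present, and the resulting chandef must pass
 * cfg80211_reg_can_beacon_relax(). Then, under local->sta_mtx, the sender
 * must be a station flagged WLAN_STA_TDLS_PEER_AUTH, the link-id initiator
 * must match the role recorded for the station, and a wide channel is
 * refused for a peer without HT support.
 *
 * Returns 0 when the driver was called, -EINVAL for a frame that fails
 * validation, -ENOTSUPP for a wide channel requested by a non-HT peer,
 * -ENOENT when the response template cannot be built.
 */
static int
ieee80211_process_tdls_channel_switch_req(struct ieee80211_sub_if_data *sdata,
					  struct sk_buff *skb)
{
	struct ieee80211_local *local = sdata->local;
	struct ieee802_11_elems elems;
	struct cfg80211_chan_def chandef;
	struct ieee80211_channel *chan;
	enum nl80211_channel_type chan_type;
	int freq;
	u8 target_channel, oper_class;
	bool local_initiator;
	struct sta_info *sta;
	enum nl80211_band band;
	struct ieee80211_tdls_data *tf = (void *)skb->data;
	struct ieee80211_rx_status *rx_status = IEEE80211_SKB_RXCB(skb);
	/* size of everything in front of the variable IE area */
	int baselen = offsetof(typeof(*tf), u.chan_switch_req.variable);
	struct ieee80211_tdls_ch_sw_params params = {};
	int ret = 0;

	params.action_code = WLAN_TDLS_CHANNEL_SWITCH_REQUEST;
	params.timestamp = rx_status->device_timestamp;

	/*
	 * Reject short frames before any field of tf is read.
	 * NOTE(review): assumes the skb is linear over the first baselen
	 * bytes - confirm against the caller.
	 */
	if (skb->len < baselen) {
		tdls_dbg(sdata, "TDLS channel switch req too short: %d\n",
			 skb->len);
		return -EINVAL;
	}

	target_channel = tf->u.chan_switch_req.target_channel;
	oper_class = tf->u.chan_switch_req.oper_class;

	/*
	 * We can't easily infer the channel band. The operating class is
	 * ambiguous - there are multiple tables (US/Europe/JP/Global). The
	 * solution here is to treat channels with number >14 as 5GHz ones,
	 * and specifically check for the (oper_class, channel) combinations
	 * where this doesn't hold. These are thankfully unique according to
	 * IEEE802.11-2012.
	 * We consider only the 2GHz and 5GHz bands and 20MHz+ channels as
	 * valid here.
	 *
	 * NOTE(review): the tests below use "< 14", so channel 14 itself is
	 * mapped to the 5GHz band, which differs from the ">14" wording
	 * above - confirm which one is intended.
	 */
	if ((oper_class == 112 || oper_class == 2 || oper_class == 3 ||
	     oper_class == 4 || oper_class == 5 || oper_class == 6) &&
	     target_channel < 14)
		band = NL80211_BAND_5GHZ;
	else
		band = target_channel < 14 ? NL80211_BAND_2GHZ :
					     NL80211_BAND_5GHZ;

	freq = ieee80211_channel_to_frequency(target_channel, band);
	if (freq == 0) {
		tdls_dbg(sdata, "Invalid channel in TDLS chan switch: %d\n",
			 target_channel);
		return -EINVAL;
	}

	/* the frequency must be one this wiphy has a channel for */
	chan = ieee80211_get_channel(sdata->local->hw.wiphy, freq);
	if (!chan) {
		tdls_dbg(sdata,
			 "Unsupported channel for TDLS chan switch: %d\n",
			 target_channel);
		return -EINVAL;
	}

	ieee802_11_parse_elems(tf->u.chan_switch_req.variable,
			       skb->len - baselen, false, &elems, NULL, NULL);
	if (elems.parse_error) {
		tdls_dbg(sdata, "Invalid IEs in TDLS channel switch req\n");
		return -EINVAL;
	}

	/* both IEs are dereferenced below, so they must be present */
	if (!elems.ch_sw_timing || !elems.lnk_id) {
		tdls_dbg(sdata, "TDLS channel switch req - missing IEs\n");
		return -EINVAL;
	}

	/* no offset IE, or an unrecognized offset value, means HT20 */
	if (!elems.sec_chan_offs) {
		chan_type = NL80211_CHAN_HT20;
	} else {
		switch (elems.sec_chan_offs->sec_chan_offs) {
		case IEEE80211_HT_PARAM_CHA_SEC_ABOVE:
			chan_type = NL80211_CHAN_HT40PLUS;
			break;
		case IEEE80211_HT_PARAM_CHA_SEC_BELOW:
			chan_type = NL80211_CHAN_HT40MINUS;
			break;
		default:
			chan_type = NL80211_CHAN_HT20;
			break;
		}
	}

	cfg80211_chandef_create(&chandef, chan, chan_type);

	/* we will be active on the TDLS link */
	if (!cfg80211_reg_can_beacon_relax(sdata->local->hw.wiphy, &chandef,
					   sdata->wdev.iftype)) {
		tdls_dbg(sdata, "TDLS chan switch to forbidden channel\n");
		return -EINVAL;
	}

	mutex_lock(&local->sta_mtx);
	/* only an authorized TDLS peer may drive a channel switch */
	sta = sta_info_get(sdata, tf->sa);
	if (!sta || !test_sta_flag(sta, WLAN_STA_TDLS_PEER_AUTH)) {
		tdls_dbg(sdata, "TDLS chan switch from non-peer sta %pM\n",
			 tf->sa);
		ret = -EINVAL;
		goto out;
	}

	params.sta = &sta->sta;

	/* validate the initiator is set correctly */
	local_initiator =
		!memcmp(elems.lnk_id->init_sta, sdata->vif.addr, ETH_ALEN);
	if (local_initiator == sta->sta.tdls_initiator) {
		tdls_dbg(sdata, "TDLS chan switch invalid lnk-id initiator\n");
		ret = -EINVAL;
		goto out;
	}

	/* peer should have known better */
	if (!sta->sta.ht_cap.ht_supported && elems.sec_chan_offs &&
	    elems.sec_chan_offs->sec_chan_offs) {
		tdls_dbg(sdata, "TDLS chan switch - wide chan unsupported\n");
		ret = -ENOTSUPP;
		goto out;
	}

	params.chandef = &chandef;
	params.switch_time = le16_to_cpu(elems.ch_sw_timing->switch_time);
	params.switch_timeout = le16_to_cpu(elems.ch_sw_timing->switch_timeout);

	params.tmpl_skb =
		ieee80211_tdls_ch_sw_resp_tmpl_get(sta,
						   &params.ch_sw_tm_ie);
	if (!params.tmpl_skb) {
		ret = -ENOENT;
		goto out;
	}

	drv_tdls_recv_channel_switch(sdata->local, sdata, &params);

	tdls_dbg(sdata,
		 "TDLS ch switch request received from %pM ch %d width %d\n",
		 tf->sa, params.chandef->chan->center_freq,
		 params.chandef->width);
out:
	mutex_unlock(&local->sta_mtx);
	/* tmpl_skb is still NULL when no template was built */
	dev_kfree_skb_any(params.tmpl_skb);
	return ret;
}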
1922*4882a593Smuzhiyun
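/*
 * Dispatch one TDLS channel-switch action frame to the request or the
 * response handler, depending on its action code.
 *
 * @sdata: interface the frame is being processed for
 * @skb:   the received frame; linearized in place, not freed here (the
 *         caller keeps ownership)
 *
 * Must be called with the RTNL held. The frame is ignored when the driver
 * does not advertise NL80211_FEATURE_TDLS_CHANNEL_SWITCH or when the skb
 * cannot be linearized.
 */
static void
ieee80211_process_tdls_channel_switch(struct ieee80211_sub_if_data *sdata,
				      struct sk_buff *skb)
{
	struct wiphy *wiphy = sdata->local->hw.wiphy;
	struct ieee80211_tdls_data *tf;

	ASSERT_RTNL();

	/* make sure the driver supports it */
	if (!(wiphy->features & NL80211_FEATURE_TDLS_CHANNEL_SWITCH))
		return;

	/* we want to access the entire packet */
	if (skb_linearize(skb))
		return;

	/*
	 * Load the header pointer only after linearizing: skb_linearize() may
	 * reallocate the skb head, and a pointer taken from the old skb->data
	 * would then refer to freed memory.
	 */
	tf = (void *)skb->data;

	/*
	 * The packet/size was already validated by mac80211 Rx path, only look
	 * at the action type.
	 * NOTE(review): that validation is not visible in this function; the
	 * frame body comes from a remote peer, so confirm the Rx path really
	 * guarantees the header is present before action_code is read.
	 */
	switch (tf->action_code) {
	case WLAN_TDLS_CHANNEL_SWITCH_REQUEST:
		ieee80211_process_tdls_channel_switch_req(sdata, skb);
		break;
	case WLAN_TDLS_CHANNEL_SWITCH_RESPONSE:
		ieee80211_process_tdls_channel_switch_resp(sdata, skb);
		break;
	default:
		/* any other action code is unexpected here; warn once, drop */
		WARN_ON_ONCE(1);
		return;
	}
}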
1955*4882a593Smuzhiyun
/*
 * Ask for a teardown of every TDLS peer that belongs to @sdata.
 *
 * Only stations that are flagged as TDLS, attached to this interface,
 * marked uploaded and carrying WLAN_STA_AUTHORIZED are considered. The
 * station list is walked under rcu_read_lock(), which is why the request
 * is issued with GFP_ATOMIC.
 */
void ieee80211_teardown_tdls_peers(struct ieee80211_sub_if_data *sdata)
{
	struct sta_info *peer_sta;

	rcu_read_lock();
	list_for_each_entry_rcu(peer_sta, &sdata->local->sta_list, list) {
		/* same tests, same order as a skip-unless chain */
		if (peer_sta->sta.tdls && peer_sta->sdata == sdata &&
		    peer_sta->uploaded &&
		    test_sta_flag(peer_sta, WLAN_STA_AUTHORIZED))
			ieee80211_tdls_oper_request(&sdata->vif,
						    peer_sta->sta.addr,
						    NL80211_TDLS_TEARDOWN,
						    WLAN_REASON_TDLS_TEARDOWN_UNSPECIFIED,
						    GFP_ATOMIC);
	}
	rcu_read_unlock();
}
1973*4882a593Smuzhiyun
/*
 * Work handler that drains local->skb_queue_tdls_chsw.
 *
 * Each dequeued frame is handed to the first running station interface
 * whose address equals the frame's destination address, then freed whether
 * or not an interface matched. The whole drain runs under the RTNL.
 */
void ieee80211_tdls_chsw_work(struct work_struct *wk)
{
	struct ieee80211_local *local =
		container_of(wk, struct ieee80211_local, tdls_chsw_work);
	struct ieee80211_sub_if_data *sdata;
	struct ieee80211_tdls_data *frame;
	struct sk_buff *skb;

	rtnl_lock();
	for (;;) {
		skb = skb_dequeue(&local->skb_queue_tdls_chsw);
		if (!skb)
			break;

		/* header is read straight from the queued frame data */
		frame = (struct ieee80211_tdls_data *)skb->data;

		list_for_each_entry(sdata, &local->interfaces, list) {
			if (ieee80211_sdata_running(sdata) &&
			    sdata->vif.type == NL80211_IFTYPE_STATION &&
			    ether_addr_equal(frame->da, sdata->vif.addr)) {
				/* first match wins; stop scanning interfaces */
				ieee80211_process_tdls_channel_switch(sdata,
								      skb);
				break;
			}
		}

		/* the frame is consumed here in every case */
		kfree_skb(skb);
	}
	rtnl_unlock();
}
1999*4882a593Smuzhiyun
/*
 * React to losing a TDLS peer: log the event and request a teardown.
 *
 * @sdata:  interface the peer is associated with
 * @peer:   MAC address of the peer
 * @reason: reason code of the disconnect; it is only logged, the teardown
 *          request always carries WLAN_REASON_TDLS_TEARDOWN_UNREACHABLE
 *
 * Nothing happens when @peer is unknown on this interface or is not a
 * TDLS station.
 */
void ieee80211_tdls_handle_disconnect(struct ieee80211_sub_if_data *sdata,
				      const u8 *peer, u16 reason)
{
	struct ieee80211_sta *peer_sta;
	bool is_tdls_peer;

	/*
	 * The station entry is looked at only inside the RCU section; after
	 * it, only the caller-supplied address is used.
	 */
	rcu_read_lock();
	peer_sta = ieee80211_find_sta(&sdata->vif, peer);
	is_tdls_peer = peer_sta && peer_sta->tdls;
	rcu_read_unlock();

	if (!is_tdls_peer)
		return;

	tdls_dbg(sdata, "disconnected from TDLS peer %pM (Reason: %u=%s)\n",
		 peer, reason,
		 ieee80211_get_reason_code_string(reason));

	ieee80211_tdls_oper_request(&sdata->vif, peer,
				    NL80211_TDLS_TEARDOWN,
				    WLAN_REASON_TDLS_TEARDOWN_UNREACHABLE,
				    GFP_ATOMIC);
}