search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge branch 'stable/for-linus-fixes-3.2' of git://git.kernel.org/pub/scm/linux/kerne...
[zen-stable.git] / net / wireless / sme.c
blob0acfdc9beacf8a397b8122c236cd6156d6c78b7e
1 /*
2 * SME code for cfg80211's connect emulation.
3 *
4 * Copyright 2009 Johannes Berg <johannes@sipsolutions.net>
5 * Copyright (C) 2009 Intel Corporation. All rights reserved.
6 */
7
8 #include <linux/etherdevice.h>
9 #include <linux/if_arp.h>
10 #include <linux/slab.h>
11 #include <linux/workqueue.h>
12 #include <linux/wireless.h>
13 #include <linux/export.h>
14 #include <net/iw_handler.h>
15 #include <net/cfg80211.h>
16 #include <net/rtnetlink.h>
17 #include "nl80211.h"
18 #include "reg.h"
19
20 struct cfg80211_conn {
21 struct cfg80211_connect_params params;
22 /* these are sub-states of the _CONNECTING sme_state */
23 enum {
24 CFG80211_CONN_IDLE,
25 CFG80211_CONN_SCANNING,
26 CFG80211_CONN_SCAN_AGAIN,
27 CFG80211_CONN_AUTHENTICATE_NEXT,
28 CFG80211_CONN_AUTHENTICATING,
29 CFG80211_CONN_ASSOCIATE_NEXT,
30 CFG80211_CONN_ASSOCIATING,
31 CFG80211_CONN_DEAUTH_ASSOC_FAIL,
32 } state;
33 u8 bssid[ETH_ALEN], prev_bssid[ETH_ALEN];
34 u8 *ie;
35 size_t ie_len;
36 bool auto_auth, prev_bssid_valid;
37 };
38
39 static bool cfg80211_is_all_idle(void)
40 {
41 struct cfg80211_registered_device *rdev;
42 struct wireless_dev *wdev;
43 bool is_all_idle = true;
44
45 mutex_lock(&cfg80211_mutex);
46
47 /*
48 * All devices must be idle as otherwise if you are actively
49 * scanning some new beacon hints could be learned and would
50 * count as new regulatory hints.
51 */
52 list_for_each_entry(rdev, &cfg80211_rdev_list, list) {
53 cfg80211_lock_rdev(rdev);
54 list_for_each_entry(wdev, &rdev->netdev_list, list) {
55 wdev_lock(wdev);
56 if (wdev->sme_state != CFG80211_SME_IDLE)
57 is_all_idle = false;
58 wdev_unlock(wdev);
59 }
60 cfg80211_unlock_rdev(rdev);
61 }
62
63 mutex_unlock(&cfg80211_mutex);
64
65 return is_all_idle;
66 }
67
68 static void disconnect_work(struct work_struct *work)
69 {
70 if (!cfg80211_is_all_idle())
71 return;
72
73 regulatory_hint_disconnect();
74 }
75
76 static DECLARE_WORK(cfg80211_disconnect_work, disconnect_work);
77
78 static int cfg80211_conn_scan(struct wireless_dev *wdev)
79 {
80 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
81 struct cfg80211_scan_request *request;
82 int n_channels, err;
83
84 ASSERT_RTNL();
85 ASSERT_RDEV_LOCK(rdev);
86 ASSERT_WDEV_LOCK(wdev);
87
88 if (rdev->scan_req)
89 return -EBUSY;
90
91 if (wdev->conn->params.channel) {
92 n_channels = 1;
93 } else {
94 enum ieee80211_band band;
95 n_channels = 0;
96
97 for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
98 if (!wdev->wiphy->bands[band])
99 continue;
100 n_channels += wdev->wiphy->bands[band]->n_channels;
101 }
102 }
103 request = kzalloc(sizeof(*request) + sizeof(request->ssids[0]) +
104 sizeof(request->channels[0]) * n_channels,
105 GFP_KERNEL);
106 if (!request)
107 return -ENOMEM;
108
109 if (wdev->conn->params.channel)
110 request->channels[0] = wdev->conn->params.channel;
111 else {
112 int i = 0, j;
113 enum ieee80211_band band;
114 struct ieee80211_supported_band *bands;
115 struct ieee80211_channel *channel;
116
117 for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
118 bands = wdev->wiphy->bands[band];
119 if (!bands)
120 continue;
121 for (j = 0; j < bands->n_channels; j++) {
122 channel = &bands->channels[j];
123 if (channel->flags & IEEE80211_CHAN_DISABLED)
124 continue;
125 request->channels[i++] = channel;
126 }
127 request->rates[band] = (1 << bands->n_bitrates) - 1;
128 }
129 n_channels = i;
130 }
131 request->n_channels = n_channels;
132 request->ssids = (void *)&request->channels[n_channels];
133 request->n_ssids = 1;
134
135 memcpy(request->ssids[0].ssid, wdev->conn->params.ssid,
136 wdev->conn->params.ssid_len);
137 request->ssids[0].ssid_len = wdev->conn->params.ssid_len;
138
139 request->dev = wdev->netdev;
140 request->wiphy = &rdev->wiphy;
141
142 rdev->scan_req = request;
143
144 err = rdev->ops->scan(wdev->wiphy, wdev->netdev, request);
145 if (!err) {
146 wdev->conn->state = CFG80211_CONN_SCANNING;
147 nl80211_send_scan_start(rdev, wdev->netdev);
148 dev_hold(wdev->netdev);
149 } else {
150 rdev->scan_req = NULL;
151 kfree(request);
152 }
153 return err;
154 }
155
156 static int cfg80211_conn_do_work(struct wireless_dev *wdev)
157 {
158 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
159 struct cfg80211_connect_params *params;
160 const u8 *prev_bssid = NULL;
161 int err;
162
163 ASSERT_WDEV_LOCK(wdev);
164
165 if (!wdev->conn)
166 return 0;
167
168 params = &wdev->conn->params;
169
170 switch (wdev->conn->state) {
171 case CFG80211_CONN_SCAN_AGAIN:
172 return cfg80211_conn_scan(wdev);
173 case CFG80211_CONN_AUTHENTICATE_NEXT:
174 BUG_ON(!rdev->ops->auth);
175 wdev->conn->state = CFG80211_CONN_AUTHENTICATING;
176 return __cfg80211_mlme_auth(rdev, wdev->netdev,
177 params->channel, params->auth_type,
178 params->bssid,
179 params->ssid, params->ssid_len,
180 NULL, 0,
181 params->key, params->key_len,
182 params->key_idx, false);
183 case CFG80211_CONN_ASSOCIATE_NEXT:
184 BUG_ON(!rdev->ops->assoc);
185 wdev->conn->state = CFG80211_CONN_ASSOCIATING;
186 if (wdev->conn->prev_bssid_valid)
187 prev_bssid = wdev->conn->prev_bssid;
188 err = __cfg80211_mlme_assoc(rdev, wdev->netdev,
189 params->channel, params->bssid,
190 prev_bssid,
191 params->ssid, params->ssid_len,
192 params->ie, params->ie_len,
193 false, &params->crypto);
194 if (err)
195 __cfg80211_mlme_deauth(rdev, wdev->netdev, params->bssid,
196 NULL, 0,
197 WLAN_REASON_DEAUTH_LEAVING,
198 false);
199 return err;
200 case CFG80211_CONN_DEAUTH_ASSOC_FAIL:
201 __cfg80211_mlme_deauth(rdev, wdev->netdev, params->bssid,
202 NULL, 0,
203 WLAN_REASON_DEAUTH_LEAVING, false);
204 /* return an error so that we call __cfg80211_connect_result() */
205 return -EINVAL;
206 default:
207 return 0;
208 }
209 }
210
211 void cfg80211_conn_work(struct work_struct *work)
212 {
213 struct cfg80211_registered_device *rdev =
214 container_of(work, struct cfg80211_registered_device, conn_work);
215 struct wireless_dev *wdev;
216 u8 bssid_buf[ETH_ALEN], *bssid = NULL;
217
218 rtnl_lock();
219 cfg80211_lock_rdev(rdev);
220 mutex_lock(&rdev->devlist_mtx);
221
222 list_for_each_entry(wdev, &rdev->netdev_list, list) {
223 wdev_lock(wdev);
224 if (!netif_running(wdev->netdev)) {
225 wdev_unlock(wdev);
226 continue;
227 }
228 if (wdev->sme_state != CFG80211_SME_CONNECTING) {
229 wdev_unlock(wdev);
230 continue;
231 }
232 if (wdev->conn->params.bssid) {
233 memcpy(bssid_buf, wdev->conn->params.bssid, ETH_ALEN);
234 bssid = bssid_buf;
235 }
236 if (cfg80211_conn_do_work(wdev))
237 __cfg80211_connect_result(
238 wdev->netdev, bssid,
239 NULL, 0, NULL, 0,
240 WLAN_STATUS_UNSPECIFIED_FAILURE,
241 false, NULL);
242 wdev_unlock(wdev);
243 }
244
245 mutex_unlock(&rdev->devlist_mtx);
246 cfg80211_unlock_rdev(rdev);
247 rtnl_unlock();
248 }
249
250 static struct cfg80211_bss *cfg80211_get_conn_bss(struct wireless_dev *wdev)
251 {
252 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
253 struct cfg80211_bss *bss;
254 u16 capa = WLAN_CAPABILITY_ESS;
255
256 ASSERT_WDEV_LOCK(wdev);
257
258 if (wdev->conn->params.privacy)
259 capa |= WLAN_CAPABILITY_PRIVACY;
260
261 bss = cfg80211_get_bss(wdev->wiphy, wdev->conn->params.channel,
262 wdev->conn->params.bssid,
263 wdev->conn->params.ssid,
264 wdev->conn->params.ssid_len,
265 WLAN_CAPABILITY_ESS | WLAN_CAPABILITY_PRIVACY,
266 capa);
267 if (!bss)
268 return NULL;
269
270 memcpy(wdev->conn->bssid, bss->bssid, ETH_ALEN);
271 wdev->conn->params.bssid = wdev->conn->bssid;
272 wdev->conn->params.channel = bss->channel;
273 wdev->conn->state = CFG80211_CONN_AUTHENTICATE_NEXT;
274 schedule_work(&rdev->conn_work);
275
276 return bss;
277 }
278
279 static void __cfg80211_sme_scan_done(struct net_device *dev)
280 {
281 struct wireless_dev *wdev = dev->ieee80211_ptr;
282 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
283 struct cfg80211_bss *bss;
284
285 ASSERT_WDEV_LOCK(wdev);
286
287 if (wdev->sme_state != CFG80211_SME_CONNECTING)
288 return;
289
290 if (!wdev->conn)
291 return;
292
293 if (wdev->conn->state != CFG80211_CONN_SCANNING &&
294 wdev->conn->state != CFG80211_CONN_SCAN_AGAIN)
295 return;
296
297 bss = cfg80211_get_conn_bss(wdev);
298 if (bss) {
299 cfg80211_put_bss(bss);
300 } else {
301 /* not found */
302 if (wdev->conn->state == CFG80211_CONN_SCAN_AGAIN)
303 schedule_work(&rdev->conn_work);
304 else
305 __cfg80211_connect_result(
306 wdev->netdev,
307 wdev->conn->params.bssid,
308 NULL, 0, NULL, 0,
309 WLAN_STATUS_UNSPECIFIED_FAILURE,
310 false, NULL);
311 }
312 }
313
314 void cfg80211_sme_scan_done(struct net_device *dev)
315 {
316 struct wireless_dev *wdev = dev->ieee80211_ptr;
317
318 mutex_lock(&wiphy_to_dev(wdev->wiphy)->devlist_mtx);
319 wdev_lock(wdev);
320 __cfg80211_sme_scan_done(dev);
321 wdev_unlock(wdev);
322 mutex_unlock(&wiphy_to_dev(wdev->wiphy)->devlist_mtx);
323 }
324
325 void cfg80211_sme_rx_auth(struct net_device *dev,
326 const u8 *buf, size_t len)
327 {
328 struct wireless_dev *wdev = dev->ieee80211_ptr;
329 struct wiphy *wiphy = wdev->wiphy;
330 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
331 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)buf;
332 u16 status_code = le16_to_cpu(mgmt->u.auth.status_code);
333
334 ASSERT_WDEV_LOCK(wdev);
335
336 /* should only RX auth frames when connecting */
337 if (wdev->sme_state != CFG80211_SME_CONNECTING)
338 return;
339
340 if (WARN_ON(!wdev->conn))
341 return;
342
343 if (status_code == WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG &&
344 wdev->conn->auto_auth &&
345 wdev->conn->params.auth_type != NL80211_AUTHTYPE_NETWORK_EAP) {
346 /* select automatically between only open, shared, leap */
347 switch (wdev->conn->params.auth_type) {
348 case NL80211_AUTHTYPE_OPEN_SYSTEM:
349 if (wdev->connect_keys)
350 wdev->conn->params.auth_type =
351 NL80211_AUTHTYPE_SHARED_KEY;
352 else
353 wdev->conn->params.auth_type =
354 NL80211_AUTHTYPE_NETWORK_EAP;
355 break;
356 case NL80211_AUTHTYPE_SHARED_KEY:
357 wdev->conn->params.auth_type =
358 NL80211_AUTHTYPE_NETWORK_EAP;
359 break;
360 default:
361 /* huh? */
362 wdev->conn->params.auth_type =
363 NL80211_AUTHTYPE_OPEN_SYSTEM;
364 break;
365 }
366 wdev->conn->state = CFG80211_CONN_AUTHENTICATE_NEXT;
367 schedule_work(&rdev->conn_work);
368 } else if (status_code != WLAN_STATUS_SUCCESS) {
369 __cfg80211_connect_result(dev, mgmt->bssid, NULL, 0, NULL, 0,
370 status_code, false, NULL);
371 } else if (wdev->sme_state == CFG80211_SME_CONNECTING &&
372 wdev->conn->state == CFG80211_CONN_AUTHENTICATING) {
373 wdev->conn->state = CFG80211_CONN_ASSOCIATE_NEXT;
374 schedule_work(&rdev->conn_work);
375 }
376 }
377
378 bool cfg80211_sme_failed_reassoc(struct wireless_dev *wdev)
379 {
380 struct wiphy *wiphy = wdev->wiphy;
381 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
382
383 if (WARN_ON(!wdev->conn))
384 return false;
385
386 if (!wdev->conn->prev_bssid_valid)
387 return false;
388
389 /*
390 * Some stupid APs don't accept reassoc, so we
391 * need to fall back to trying regular assoc.
392 */
393 wdev->conn->prev_bssid_valid = false;
394 wdev->conn->state = CFG80211_CONN_ASSOCIATE_NEXT;
395 schedule_work(&rdev->conn_work);
396
397 return true;
398 }
399
400 void cfg80211_sme_failed_assoc(struct wireless_dev *wdev)
401 {
402 struct wiphy *wiphy = wdev->wiphy;
403 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
404
405 wdev->conn->state = CFG80211_CONN_DEAUTH_ASSOC_FAIL;
406 schedule_work(&rdev->conn_work);
407 }
408
409 void __cfg80211_connect_result(struct net_device *dev, const u8 *bssid,
410 const u8 *req_ie, size_t req_ie_len,
411 const u8 *resp_ie, size_t resp_ie_len,
412 u16 status, bool wextev,
413 struct cfg80211_bss *bss)
414 {
415 struct wireless_dev *wdev = dev->ieee80211_ptr;
416 u8 *country_ie;
417 #ifdef CONFIG_CFG80211_WEXT
418 union iwreq_data wrqu;
419 #endif
420
421 ASSERT_WDEV_LOCK(wdev);
422
423 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_STATION &&
424 wdev->iftype != NL80211_IFTYPE_P2P_CLIENT))
425 return;
426
427 if (wdev->sme_state != CFG80211_SME_CONNECTING)
428 return;
429
430 nl80211_send_connect_result(wiphy_to_dev(wdev->wiphy), dev,
431 bssid, req_ie, req_ie_len,
432 resp_ie, resp_ie_len,
433 status, GFP_KERNEL);
434
435 #ifdef CONFIG_CFG80211_WEXT
436 if (wextev) {
437 if (req_ie && status == WLAN_STATUS_SUCCESS) {
438 memset(&wrqu, 0, sizeof(wrqu));
439 wrqu.data.length = req_ie_len;
440 wireless_send_event(dev, IWEVASSOCREQIE, &wrqu, req_ie);
441 }
442
443 if (resp_ie && status == WLAN_STATUS_SUCCESS) {
444 memset(&wrqu, 0, sizeof(wrqu));
445 wrqu.data.length = resp_ie_len;
446 wireless_send_event(dev, IWEVASSOCRESPIE, &wrqu, resp_ie);
447 }
448
449 memset(&wrqu, 0, sizeof(wrqu));
450 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
451 if (bssid && status == WLAN_STATUS_SUCCESS) {
452 memcpy(wrqu.ap_addr.sa_data, bssid, ETH_ALEN);
453 memcpy(wdev->wext.prev_bssid, bssid, ETH_ALEN);
454 wdev->wext.prev_bssid_valid = true;
455 }
456 wireless_send_event(dev, SIOCGIWAP, &wrqu, NULL);
457 }
458 #endif
459
460 if (wdev->current_bss) {
461 cfg80211_unhold_bss(wdev->current_bss);
462 cfg80211_put_bss(&wdev->current_bss->pub);
463 wdev->current_bss = NULL;
464 }
465
466 if (wdev->conn)
467 wdev->conn->state = CFG80211_CONN_IDLE;
468
469 if (status != WLAN_STATUS_SUCCESS) {
470 wdev->sme_state = CFG80211_SME_IDLE;
471 if (wdev->conn)
472 kfree(wdev->conn->ie);
473 kfree(wdev->conn);
474 wdev->conn = NULL;
475 kfree(wdev->connect_keys);
476 wdev->connect_keys = NULL;
477 wdev->ssid_len = 0;
478 return;
479 }
480
481 if (!bss)
482 bss = cfg80211_get_bss(wdev->wiphy,
483 wdev->conn ? wdev->conn->params.channel :
484 NULL,
485 bssid,
486 wdev->ssid, wdev->ssid_len,
487 WLAN_CAPABILITY_ESS,
488 WLAN_CAPABILITY_ESS);
489
490 if (WARN_ON(!bss))
491 return;
492
493 cfg80211_hold_bss(bss_from_pub(bss));
494 wdev->current_bss = bss_from_pub(bss);
495
496 wdev->sme_state = CFG80211_SME_CONNECTED;
497 cfg80211_upload_connect_keys(wdev);
498
499 country_ie = (u8 *) ieee80211_bss_get_ie(bss, WLAN_EID_COUNTRY);
500
501 if (!country_ie)
502 return;
503
504 /*
505 * ieee80211_bss_get_ie() ensures we can access:
506 * - country_ie + 2, the start of the country ie data, and
507 * - and country_ie[1] which is the IE length
508 */
509 regulatory_hint_11d(wdev->wiphy,
510 bss->channel->band,
511 country_ie + 2,
512 country_ie[1]);
513 }
514
515 void cfg80211_connect_result(struct net_device *dev, const u8 *bssid,
516 const u8 *req_ie, size_t req_ie_len,
517 const u8 *resp_ie, size_t resp_ie_len,
518 u16 status, gfp_t gfp)
519 {
520 struct wireless_dev *wdev = dev->ieee80211_ptr;
521 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
522 struct cfg80211_event *ev;
523 unsigned long flags;
524
525 CFG80211_DEV_WARN_ON(wdev->sme_state != CFG80211_SME_CONNECTING);
526
527 ev = kzalloc(sizeof(*ev) + req_ie_len + resp_ie_len, gfp);
528 if (!ev)
529 return;
530
531 ev->type = EVENT_CONNECT_RESULT;
532 if (bssid)
533 memcpy(ev->cr.bssid, bssid, ETH_ALEN);
534 if (req_ie_len) {
535 ev->cr.req_ie = ((u8 *)ev) + sizeof(*ev);
536 ev->cr.req_ie_len = req_ie_len;
537 memcpy((void *)ev->cr.req_ie, req_ie, req_ie_len);
538 }
539 if (resp_ie_len) {
540 ev->cr.resp_ie = ((u8 *)ev) + sizeof(*ev) + req_ie_len;
541 ev->cr.resp_ie_len = resp_ie_len;
542 memcpy((void *)ev->cr.resp_ie, resp_ie, resp_ie_len);
543 }
544 ev->cr.status = status;
545
546 spin_lock_irqsave(&wdev->event_lock, flags);
547 list_add_tail(&ev->list, &wdev->event_list);
548 spin_unlock_irqrestore(&wdev->event_lock, flags);
549 queue_work(cfg80211_wq, &rdev->event_work);
550 }
551 EXPORT_SYMBOL(cfg80211_connect_result);
552
553 void __cfg80211_roamed(struct wireless_dev *wdev,
554 struct ieee80211_channel *channel,
555 const u8 *bssid,
556 const u8 *req_ie, size_t req_ie_len,
557 const u8 *resp_ie, size_t resp_ie_len)
558 {
559 struct cfg80211_bss *bss;
560 #ifdef CONFIG_CFG80211_WEXT
561 union iwreq_data wrqu;
562 #endif
563
564 ASSERT_WDEV_LOCK(wdev);
565
566 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_STATION &&
567 wdev->iftype != NL80211_IFTYPE_P2P_CLIENT))
568 return;
569
570 if (wdev->sme_state != CFG80211_SME_CONNECTED)
571 return;
572
573 /* internal error -- how did we get to CONNECTED w/o BSS? */
574 if (WARN_ON(!wdev->current_bss)) {
575 return;
576 }
577
578 cfg80211_unhold_bss(wdev->current_bss);
579 cfg80211_put_bss(&wdev->current_bss->pub);
580 wdev->current_bss = NULL;
581
582 bss = cfg80211_get_bss(wdev->wiphy, channel, bssid,
583 wdev->ssid, wdev->ssid_len,
584 WLAN_CAPABILITY_ESS, WLAN_CAPABILITY_ESS);
585
586 if (WARN_ON(!bss))
587 return;
588
589 cfg80211_hold_bss(bss_from_pub(bss));
590 wdev->current_bss = bss_from_pub(bss);
591
592 nl80211_send_roamed(wiphy_to_dev(wdev->wiphy), wdev->netdev, bssid,
593 req_ie, req_ie_len, resp_ie, resp_ie_len,
594 GFP_KERNEL);
595
596 #ifdef CONFIG_CFG80211_WEXT
597 if (req_ie) {
598 memset(&wrqu, 0, sizeof(wrqu));
599 wrqu.data.length = req_ie_len;
600 wireless_send_event(wdev->netdev, IWEVASSOCREQIE,
601 &wrqu, req_ie);
602 }
603
604 if (resp_ie) {
605 memset(&wrqu, 0, sizeof(wrqu));
606 wrqu.data.length = resp_ie_len;
607 wireless_send_event(wdev->netdev, IWEVASSOCRESPIE,
608 &wrqu, resp_ie);
609 }
610
611 memset(&wrqu, 0, sizeof(wrqu));
612 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
613 memcpy(wrqu.ap_addr.sa_data, bssid, ETH_ALEN);
614 memcpy(wdev->wext.prev_bssid, bssid, ETH_ALEN);
615 wdev->wext.prev_bssid_valid = true;
616 wireless_send_event(wdev->netdev, SIOCGIWAP, &wrqu, NULL);
617 #endif
618 }
619
620 void cfg80211_roamed(struct net_device *dev,
621 struct ieee80211_channel *channel,
622 const u8 *bssid,
623 const u8 *req_ie, size_t req_ie_len,
624 const u8 *resp_ie, size_t resp_ie_len, gfp_t gfp)
625 {
626 struct wireless_dev *wdev = dev->ieee80211_ptr;
627 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
628 struct cfg80211_event *ev;
629 unsigned long flags;
630
631 CFG80211_DEV_WARN_ON(wdev->sme_state != CFG80211_SME_CONNECTED);
632
633 ev = kzalloc(sizeof(*ev) + req_ie_len + resp_ie_len, gfp);
634 if (!ev)
635 return;
636
637 ev->type = EVENT_ROAMED;
638 ev->rm.channel = channel;
639 memcpy(ev->rm.bssid, bssid, ETH_ALEN);
640 ev->rm.req_ie = ((u8 *)ev) + sizeof(*ev);
641 ev->rm.req_ie_len = req_ie_len;
642 memcpy((void *)ev->rm.req_ie, req_ie, req_ie_len);
643 ev->rm.resp_ie = ((u8 *)ev) + sizeof(*ev) + req_ie_len;
644 ev->rm.resp_ie_len = resp_ie_len;
645 memcpy((void *)ev->rm.resp_ie, resp_ie, resp_ie_len);
646
647 spin_lock_irqsave(&wdev->event_lock, flags);
648 list_add_tail(&ev->list, &wdev->event_list);
649 spin_unlock_irqrestore(&wdev->event_lock, flags);
650 queue_work(cfg80211_wq, &rdev->event_work);
651 }
652 EXPORT_SYMBOL(cfg80211_roamed);
653
654 void __cfg80211_disconnected(struct net_device *dev, const u8 *ie,
655 size_t ie_len, u16 reason, bool from_ap)
656 {
657 struct wireless_dev *wdev = dev->ieee80211_ptr;
658 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
659 int i;
660 #ifdef CONFIG_CFG80211_WEXT
661 union iwreq_data wrqu;
662 #endif
663
664 ASSERT_WDEV_LOCK(wdev);
665
666 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_STATION &&
667 wdev->iftype != NL80211_IFTYPE_P2P_CLIENT))
668 return;
669
670 if (wdev->sme_state != CFG80211_SME_CONNECTED)
671 return;
672
673 if (wdev->current_bss) {
674 cfg80211_unhold_bss(wdev->current_bss);
675 cfg80211_put_bss(&wdev->current_bss->pub);
676 }
677
678 wdev->current_bss = NULL;
679 wdev->sme_state = CFG80211_SME_IDLE;
680 wdev->ssid_len = 0;
681
682 if (wdev->conn) {
683 const u8 *bssid;
684 int ret;
685
686 kfree(wdev->conn->ie);
687 wdev->conn->ie = NULL;
688 kfree(wdev->conn);
689 wdev->conn = NULL;
690
691 /*
692 * If this disconnect was due to a disassoc, we
693 * we might still have an auth BSS around. For
694 * the userspace SME that's currently expected,
695 * but for the kernel SME (nl80211 CONNECT or
696 * wireless extensions) we want to clear up all
697 * state.
698 */
699 for (i = 0; i < MAX_AUTH_BSSES; i++) {
700 if (!wdev->auth_bsses[i])
701 continue;
702 bssid = wdev->auth_bsses[i]->pub.bssid;
703 ret = __cfg80211_mlme_deauth(rdev, dev, bssid, NULL, 0,
704 WLAN_REASON_DEAUTH_LEAVING,
705 false);
706 WARN(ret, "deauth failed: %d\n", ret);
707 }
708 }
709
710 nl80211_send_disconnected(rdev, dev, reason, ie, ie_len, from_ap);
711
712 /*
713 * Delete all the keys ... pairwise keys can't really
714 * exist any more anyway, but default keys might.
715 */
716 if (rdev->ops->del_key)
717 for (i = 0; i < 6; i++)
718 rdev->ops->del_key(wdev->wiphy, dev, i, false, NULL);
719
720 #ifdef CONFIG_CFG80211_WEXT
721 memset(&wrqu, 0, sizeof(wrqu));
722 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
723 wireless_send_event(dev, SIOCGIWAP, &wrqu, NULL);
724 wdev->wext.connect.ssid_len = 0;
725 #endif
726
727 schedule_work(&cfg80211_disconnect_work);
728 }
729
730 void cfg80211_disconnected(struct net_device *dev, u16 reason,
731 u8 *ie, size_t ie_len, gfp_t gfp)
732 {
733 struct wireless_dev *wdev = dev->ieee80211_ptr;
734 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
735 struct cfg80211_event *ev;
736 unsigned long flags;
737
738 CFG80211_DEV_WARN_ON(wdev->sme_state != CFG80211_SME_CONNECTED);
739
740 ev = kzalloc(sizeof(*ev) + ie_len, gfp);
741 if (!ev)
742 return;
743
744 ev->type = EVENT_DISCONNECTED;
745 ev->dc.ie = ((u8 *)ev) + sizeof(*ev);
746 ev->dc.ie_len = ie_len;
747 memcpy((void *)ev->dc.ie, ie, ie_len);
748 ev->dc.reason = reason;
749
750 spin_lock_irqsave(&wdev->event_lock, flags);
751 list_add_tail(&ev->list, &wdev->event_list);
752 spin_unlock_irqrestore(&wdev->event_lock, flags);
753 queue_work(cfg80211_wq, &rdev->event_work);
754 }
755 EXPORT_SYMBOL(cfg80211_disconnected);
756
757 int __cfg80211_connect(struct cfg80211_registered_device *rdev,
758 struct net_device *dev,
759 struct cfg80211_connect_params *connect,
760 struct cfg80211_cached_keys *connkeys,
761 const u8 *prev_bssid)
762 {
763 struct wireless_dev *wdev = dev->ieee80211_ptr;
764 struct cfg80211_bss *bss = NULL;
765 int err;
766
767 ASSERT_WDEV_LOCK(wdev);
768
769 if (wdev->sme_state != CFG80211_SME_IDLE)
770 return -EALREADY;
771
772 if (WARN_ON(wdev->connect_keys)) {
773 kfree(wdev->connect_keys);
774 wdev->connect_keys = NULL;
775 }
776
777 if (connkeys && connkeys->def >= 0) {
778 int idx;
779 u32 cipher;
780
781 idx = connkeys->def;
782 cipher = connkeys->params[idx].cipher;
783 /* If given a WEP key we may need it for shared key auth */
784 if (cipher == WLAN_CIPHER_SUITE_WEP40 ||
785 cipher == WLAN_CIPHER_SUITE_WEP104) {
786 connect->key_idx = idx;
787 connect->key = connkeys->params[idx].key;
788 connect->key_len = connkeys->params[idx].key_len;
789
790 /*
791 * If ciphers are not set (e.g. when going through
792 * iwconfig), we have to set them appropriately here.
793 */
794 if (connect->crypto.cipher_group == 0)
795 connect->crypto.cipher_group = cipher;
796
797 if (connect->crypto.n_ciphers_pairwise == 0) {
798 connect->crypto.n_ciphers_pairwise = 1;
799 connect->crypto.ciphers_pairwise[0] = cipher;
800 }
801 }
802 }
803
804 if (!rdev->ops->connect) {
805 if (!rdev->ops->auth || !rdev->ops->assoc)
806 return -EOPNOTSUPP;
807
808 if (WARN_ON(wdev->conn))
809 return -EINPROGRESS;
810
811 wdev->conn = kzalloc(sizeof(*wdev->conn), GFP_KERNEL);
812 if (!wdev->conn)
813 return -ENOMEM;
814
815 /*
816 * Copy all parameters, and treat explicitly IEs, BSSID, SSID.
817 */
818 memcpy(&wdev->conn->params, connect, sizeof(*connect));
819 if (connect->bssid) {
820 wdev->conn->params.bssid = wdev->conn->bssid;
821 memcpy(wdev->conn->bssid, connect->bssid, ETH_ALEN);
822 }
823
824 if (connect->ie) {
825 wdev->conn->ie = kmemdup(connect->ie, connect->ie_len,
826 GFP_KERNEL);
827 wdev->conn->params.ie = wdev->conn->ie;
828 if (!wdev->conn->ie) {
829 kfree(wdev->conn);
830 wdev->conn = NULL;
831 return -ENOMEM;
832 }
833 }
834
835 if (connect->auth_type == NL80211_AUTHTYPE_AUTOMATIC) {
836 wdev->conn->auto_auth = true;
837 /* start with open system ... should mostly work */
838 wdev->conn->params.auth_type =
839 NL80211_AUTHTYPE_OPEN_SYSTEM;
840 } else {
841 wdev->conn->auto_auth = false;
842 }
843
844 memcpy(wdev->ssid, connect->ssid, connect->ssid_len);
845 wdev->ssid_len = connect->ssid_len;
846 wdev->conn->params.ssid = wdev->ssid;
847 wdev->conn->params.ssid_len = connect->ssid_len;
848
849 /* see if we have the bss already */
850 bss = cfg80211_get_conn_bss(wdev);
851
852 wdev->sme_state = CFG80211_SME_CONNECTING;
853 wdev->connect_keys = connkeys;
854
855 if (prev_bssid) {
856 memcpy(wdev->conn->prev_bssid, prev_bssid, ETH_ALEN);
857 wdev->conn->prev_bssid_valid = true;
858 }
859
860 /* we're good if we have a matching bss struct */
861 if (bss) {
862 wdev->conn->state = CFG80211_CONN_AUTHENTICATE_NEXT;
863 err = cfg80211_conn_do_work(wdev);
864 cfg80211_put_bss(bss);
865 } else {
866 /* otherwise we'll need to scan for the AP first */
867 err = cfg80211_conn_scan(wdev);
868 /*
869 * If we can't scan right now, then we need to scan again
870 * after the current scan finished, since the parameters
871 * changed (unless we find a good AP anyway).
872 */
873 if (err == -EBUSY) {
874 err = 0;
875 wdev->conn->state = CFG80211_CONN_SCAN_AGAIN;
876 }
877 }
878 if (err) {
879 kfree(wdev->conn->ie);
880 kfree(wdev->conn);
881 wdev->conn = NULL;
882 wdev->sme_state = CFG80211_SME_IDLE;
883 wdev->connect_keys = NULL;
884 wdev->ssid_len = 0;
885 }
886
887 return err;
888 } else {
889 wdev->sme_state = CFG80211_SME_CONNECTING;
890 wdev->connect_keys = connkeys;
891 err = rdev->ops->connect(&rdev->wiphy, dev, connect);
892 if (err) {
893 wdev->connect_keys = NULL;
894 wdev->sme_state = CFG80211_SME_IDLE;
895 return err;
896 }
897
898 memcpy(wdev->ssid, connect->ssid, connect->ssid_len);
899 wdev->ssid_len = connect->ssid_len;
900
901 return 0;
902 }
903 }
904
905 int cfg80211_connect(struct cfg80211_registered_device *rdev,
906 struct net_device *dev,
907 struct cfg80211_connect_params *connect,
908 struct cfg80211_cached_keys *connkeys)
909 {
910 int err;
911
912 mutex_lock(&rdev->devlist_mtx);
913 wdev_lock(dev->ieee80211_ptr);
914 err = __cfg80211_connect(rdev, dev, connect, connkeys, NULL);
915 wdev_unlock(dev->ieee80211_ptr);
916 mutex_unlock(&rdev->devlist_mtx);
917
918 return err;
919 }
920
921 int __cfg80211_disconnect(struct cfg80211_registered_device *rdev,
922 struct net_device *dev, u16 reason, bool wextev)
923 {
924 struct wireless_dev *wdev = dev->ieee80211_ptr;
925 int err;
926
927 ASSERT_WDEV_LOCK(wdev);
928
929 if (wdev->sme_state == CFG80211_SME_IDLE)
930 return -EINVAL;
931
932 kfree(wdev->connect_keys);
933 wdev->connect_keys = NULL;
934
935 if (!rdev->ops->disconnect) {
936 if (!rdev->ops->deauth)
937 return -EOPNOTSUPP;
938
939 /* was it connected by userspace SME? */
940 if (!wdev->conn) {
941 cfg80211_mlme_down(rdev, dev);
942 return 0;
943 }
944
945 if (wdev->sme_state == CFG80211_SME_CONNECTING &&
946 (wdev->conn->state == CFG80211_CONN_SCANNING ||
947 wdev->conn->state == CFG80211_CONN_SCAN_AGAIN)) {
948 wdev->sme_state = CFG80211_SME_IDLE;
949 kfree(wdev->conn->ie);
950 kfree(wdev->conn);
951 wdev->conn = NULL;
952 wdev->ssid_len = 0;
953 return 0;
954 }
955
956 /* wdev->conn->params.bssid must be set if > SCANNING */
957 err = __cfg80211_mlme_deauth(rdev, dev,
958 wdev->conn->params.bssid,
959 NULL, 0, reason, false);
960 if (err)
961 return err;
962 } else {
963 err = rdev->ops->disconnect(&rdev->wiphy, dev, reason);
964 if (err)
965 return err;
966 }
967
968 if (wdev->sme_state == CFG80211_SME_CONNECTED)
969 __cfg80211_disconnected(dev, NULL, 0, 0, false);
970 else if (wdev->sme_state == CFG80211_SME_CONNECTING)
971 __cfg80211_connect_result(dev, NULL, NULL, 0, NULL, 0,
972 WLAN_STATUS_UNSPECIFIED_FAILURE,
973 wextev, NULL);
974
975 return 0;
976 }
977
978 int cfg80211_disconnect(struct cfg80211_registered_device *rdev,
979 struct net_device *dev,
980 u16 reason, bool wextev)
981 {
982 int err;
983
984 wdev_lock(dev->ieee80211_ptr);
985 err = __cfg80211_disconnect(rdev, dev, reason, wextev);
986 wdev_unlock(dev->ieee80211_ptr);
987
988 return err;
989 }
990
991 void cfg80211_sme_disassoc(struct net_device *dev, int idx)
992 {
993 struct wireless_dev *wdev = dev->ieee80211_ptr;
994 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
995 u8 bssid[ETH_ALEN];
996
997 ASSERT_WDEV_LOCK(wdev);
998
999 if (!wdev->conn)
1000 return;
1001
1002 if (wdev->conn->state == CFG80211_CONN_IDLE)
1003 return;
1004
1005 /*
1006 * Ok, so the association was made by this SME -- we don't
1007 * want it any more so deauthenticate too.
1008 */
1009
1010 if (!wdev->auth_bsses[idx])
1011 return;
1012
1013 memcpy(bssid, wdev->auth_bsses[idx]->pub.bssid, ETH_ALEN);
1014 if (__cfg80211_mlme_deauth(rdev, dev, bssid,
1015 NULL, 0, WLAN_REASON_DEAUTH_LEAVING,
1016 false)) {
1017 /* whatever -- assume gone anyway */
1018 cfg80211_unhold_bss(wdev->auth_bsses[idx]);
1019 cfg80211_put_bss(&wdev->auth_bsses[idx]->pub);
1020 wdev->auth_bsses[idx] = NULL;
1021 }
1022 }