summaryrefslogtreecommitdiff
path: root/net/wireless/sme.c
AgeCommit message (Collapse)Author
2016-05-12cfg80211: make wdev_list accessible to driversJohannes Berg
There's no harm in having drivers read the list, since they can use RCU protection or RTNL locking; allow this to not require each and every driver to also implement its own bookkeeping. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2016-04-26cfg80211: Add option to report the bss entry in connect resultKanchanapally, Vidyullatha
Since cfg80211 maintains separate BSS table entries for APs if the same BSSID, SSID pair is seen on multiple channels, it is possible that it can map the current_bss to a BSS entry on the wrong channel. This current_bss will not get flushed unless disconnected and cfg80211 reports a wrong channel as the associated channel. Fix this by introducing a new cfg80211_connect_bss() function which is similar to cfg80211_connect_result(), but it includes an additional parameter: the bss the STA is connected to. This allows drivers to provide the exact bss entry that matches the BSS to which the connection was completed. Reviewed-by: Jouni Malinen <jouni@qca.qualcomm.com> Signed-off-by: Vidyullatha Kanchanapally <vkanchan@qti.qualcomm.com> Signed-off-by: Sunil Dutt <usdutt@qti.qualcomm.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2016-04-12cfg80211: remove enum ieee80211_bandJohannes Berg
This enum is already perfectly aliased to enum nl80211_band, and the only reason for it is that we get IEEE80211_NUM_BANDS out of it. There's no really good reason to not declare the number of bands in nl80211 though, so do that and remove the cfg80211 one. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2016-04-06cfg80211: Allow reassociation to be requested with internal SMEJouni Malinen
If the user space issues a NL80211_CMD_CONNECT with NL80211_ATTR_PREV_BSSID when there is already a connection, allow this to proceed as a reassociation instead of rejecting the new connect command with EALREADY. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com> [validate prev_bssid] Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2016-04-05cfg80211: Allow a scan request for a specific BSSIDJouni Malinen
This allows scans for a specific BSSID to be optimized by the user space application by requesting the driver to set the Probe Request frame BSSID field (Address 3) to the specified BSSID instead of the wildcard BSSID. This prevents other APs from replying which reduces airtime need and latency in getting the response from the target AP through. This is an optimization and as such, it is acceptable for some of the drivers not to support the mechanism. If not supported, the wildcard BSSID will be used and more responses may be received. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2016-03-08Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller
Several cases of overlapping changes, as well as one instance (vxlan) of a bug fix in 'net' overlapping with code movement in 'net-next'. Signed-off-by: David S. Miller <davem@davemloft.net>
2016-02-24cfg80211: basic support for PBSS network typeLior David
PBSS (Personal Basic Service Set) is a new BSS type for DMG networks. It is similar to infrastructure BSS, having an AP-like entity called PCP (PBSS Control Point), but it has few differences. PBSS support is mandatory for 11ad devices. Add support for PBSS by introducing a new PBSS flag attribute. The PBSS flag is used in the START_AP command to request starting a PCP instead of an AP, and in the CONNECT command to request connecting to a PCP instead of an AP. Signed-off-by: Lior David <liord@codeaurora.org> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2016-02-23cfg80211: stop critical protocol session upon disconnect eventArend van Spriel
When user-space has started a critical protocol session and a disconnect event occurs, the rdev::crit_prot_nlportid remains set. This caused a subsequent NL80211_CMD_CRIT_PROTO_START to fail (-EBUSY). Fix this by clearing the rdev attribute and call .crit_proto_stop() callback upon disconnect event. Reviewed-by: Hante Meuleman <meuleman@broadcom.com> Reviewed-by: Pieter-Paul Giesberts <pieterpg@broadcom.com> Signed-off-by: Arend van Spriel <arend@broadcom.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2015-05-26cfg80211: properly send NL80211_ATTR_DISCONNECTED_BY_AP in disconnectJohannes Berg
When we disconnect from the AP, drivers call cfg80211_disconnect(). This doesn't know whether the disconnection was initiated locally or by the AP though, which can cause problems with the supplicant, for example with WPS. This issue obviously doesn't show up with any mac80211 based driver since mac80211 doesn't call this function. Fix this by requiring drivers to indicate whether the disconnect is locally generated or not. I've tried to update the drivers, but may not have gotten the values correct, and some drivers may currently not be able to report correct values. In case of doubt I left it at false, which is the current behaviour. For libertas, make adjustments as indicated by Dan Williams. Reported-by: Matthieu Mauger <matthieux.mauger@intel.com> Tested-by: Matthieu Mauger <matthieux.mauger@intel.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2015-04-07cfg80211: send extended capabilities IE in connectJohannes Berg
If the connect request from userspace didn't include an extended capabilities IE, create one using the driver capabilities. This fixes VHT associations, since those need to set the operating mode notification capability. Reviewed-by: Gregory Greenman <gregory.greenman@intel.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2015-03-03cfg80211: add bss_type and privacy arguments in cfg80211_get_bss()Dedy Lansky
802.11ad adds new a network type (PBSS) and changes the capability field interpretation for the DMG (60G) band. The same 2 bits that were interpreted as "ESS" and "IBSS" before are re-used as a 2-bit field with 3 valid values (and 1 reserved). Valid values are: "IBSS", "PBSS" (new) and "AP". In order to get the BSS struct for the new PBSS networks, change the cfg80211_get_bss() function to take a new enum ieee80211_bss_type argument with the valid network types, as "capa_mask" and "capa_val" no longer work correctly (the search must be band-aware now.) The remaining bits in "capa_mask" and "capa_val" are used only for privacy matching so replace those two with a privacy enum as well. Signed-off-by: Dedy Lansky <dlansky@codeaurora.org> [rewrite commit log, tiny fixes] Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2014-10-10cfg80211: set the rates mask in connection probes over specified freqKarl Beldan
ATM, specifying the frequency when connecting sends a void 'supported rates' EID. Signed-off-by: Karl Beldan <karl.beldan@rivierawaves.com> [fix memory leak in error path] Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2014-09-11cfg80211: clear connect keys when freeing themJohannes Berg
When freeing the connect keys, clear the memory to avoid having the key material stick around in memory "forever". Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2014-05-22Merge git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211-nextJohn W. Linville
2014-05-19cfg80211: constify more pointers in the cfg80211 APIJohannes Berg
This also propagates through the drivers. The orinoco driver uses the cfg80211 API structs for internal bookkeeping, and so needs a (void *) cast that removes the const - but that's OK because it allocates those pointers. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2014-05-13Merge branch 'master' of ↵John W. Linville
git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless
2014-05-05cfg80211: free sme on connection failuresEliad Peller
cfg80211 is notified about connection failures by __cfg80211_connect_result() call. However, this function currently does not free cfg80211 sme. This results in hanging connection attempts in some cases e.g. when mac80211 authentication attempt is denied, we have this function call: ieee80211_rx_mgmt_auth() -> cfg80211_rx_mlme_mgmt() -> cfg80211_process_auth() -> cfg80211_sme_rx_auth() -> __cfg80211_connect_result() but cfg80211_sme_free() is never get called. Fixes: ceca7b712 ("cfg80211: separate internal SME implementation") Cc: stable@vger.kernel.org (3.10+) Signed-off-by: Eliad Peller <eliadx.peller@intel.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2014-04-29cfg80211: remove BUG_ON usageJohannes Berg
These really can't trigger unless somebody messes up the code, but don't make debugging it needlessly complicated, WARN and return instead of BUG_ON(). Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2014-04-25cfg80211: change wiphy_to_dev function nameZhao, Gang
Name wiphy_to_rdev is more accurate to describe what the function does, i.e., return a pointer pointing to struct cfg80211_registered_device. Signed-off-by: Zhao, Gang <gamerh2o@gmail.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2014-04-09cfg80211: slightly clean up of cfg80211_sme_connect()Zhao, Gang
Wdev->ssid_len has already been set in cfg80211_connect() and is equal to connect->ssid_len. Use wdev->ssid_len instead of connect->ssid_len so it will be consistent with previous ssid assignment statement. If bss is found in cfg80211_get_conn_bss(), wdev->conn->state is set to CFG80211_CONN_AUTHENTICATE_NEXT in there. So it's not needed to set it manually to CFG80211_CONN_AUTHENTICATE_NEXT if bss is found in that function. Signed-off-by: Zhao, Gang <gamerh2o@gmail.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2014-03-19cfg80211: remove macro ASSERT_RDEV_LOCK(rdev)Zhao, Gang
Macro ASSERT_RDEV_LOCK(rdev) is equal to ASSERT_RTNL(), so replace it with ASSERT_RTNL() and remove it. Signed-off-by: Zhao, Gang <gamerh2o@gmail.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2014-02-06cfg80211: send scan results from work queueJohannes Berg
Due to the previous commit, when a scan finishes, it is in theory possible to hit the following sequence: 1. interface starts being removed 2. scan is cancelled by driver and cfg80211 is notified 3. scan done work is scheduled 4. interface is removed completely, rdev->scan_req is freed, event sent to userspace but scan done work remains pending 5. new scan is requested on another virtual interface 6. scan done work runs, freeing the still-running scan To fix this situation, hang on to the scan done message and block new scans while that is the case, and only send the message from the work function, regardless of whether the scan_req is already freed from interface removal. This makes step 5 above impossible and changes step 6 to be 5. scan done work runs, sending the scan done message As this can't work for wext, so we send the message immediately, but this shouldn't be an issue since we still return -EBUSY. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2014-01-13Merge branch 'for-john' of ↵John W. Linville
git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211-next
2014-01-09cfg80211: Add a function to get the number of supported channelsIlan Peer
Add a utility function to get the number of channels supported by the device, and update the places in the code that need this data. Signed-off-by: Ilan Peer <ilan.peer@intel.com> [replace another occurrence in libertas, fix kernel-doc, fix bugs] Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2014-01-06Merge branch 'master' of ↵John W. Linville
git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless
2013-12-19cfg80211: Add support for QoS mappingKyeyoon Park
This allows QoS mapping from external networks to be implemented as defined in IEEE Std 802.11-2012, 10.24.9. APs can use this to advertise DSCP ranges and exceptions for mapping frames to a specific UP over Wi-Fi. The payload of the QoS Map Set element (IEEE Std 802.11-2012, 8.4.2.97) is sent to the driver through the new NL80211_ATTR_QOS_MAP attribute to configure the local behavior either on the AP (based on local configuration) or on a station (based on information received from the AP). Signed-off-by: Kyeyoon Park <kyeyoonp@qca.qualcomm.com> Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2013-12-05cfg80211: fix WARN_ON for re-association to the expired BSSUjjal Roy
cfg80211 allows re-association in managed mode and if a user wants to re-associate to the same AP network after the time period of IEEE80211_SCAN_RESULT_EXPIRE, cfg80211 warns with the following message on receiving the connect result event. ------------[ cut here ]------------ WARNING: CPU: 0 PID: 13984 at net/wireless/sme.c:658 __cfg80211_connect_result+0x3a6/0x3e0 [cfg80211]() Call Trace: [<ffffffff81747a41>] dump_stack+0x46/0x58 [<ffffffff81045847>] warn_slowpath_common+0x87/0xb0 [<ffffffff81045885>] warn_slowpath_null+0x15/0x20 [<ffffffffa05345f6>] __cfg80211_connect_result+0x3a6/0x3e0 [cfg80211] [<ffffffff8107168b>] ? update_rq_clock+0x2b/0x50 [<ffffffff81078c01>] ? update_curr+0x1/0x160 [<ffffffffa05133d2>] cfg80211_process_wdev_events+0xb2/0x1c0 [cfg80211] [<ffffffff81079303>] ? pick_next_task_fair+0x63/0x170 [<ffffffffa0513518>] cfg80211_process_rdev_events+0x38/0x90 [cfg80211] [<ffffffffa050f03d>] cfg80211_event_work+0x1d/0x30 [cfg80211] [<ffffffff8105f21f>] process_one_work+0x17f/0x420 [<ffffffff8105f90a>] worker_thread+0x11a/0x370 [<ffffffff8105f7f0>] ? rescuer_thread+0x2f0/0x2f0 [<ffffffff8106638b>] kthread+0xbb/0xc0 [<ffffffff810662d0>] ? kthread_create_on_node+0x120/0x120 [<ffffffff817574bc>] ret_from_fork+0x7c/0xb0 [<ffffffff810662d0>] ? kthread_create_on_node+0x120/0x120 ---[ end trace 61f3bddc9c4981f7 ]--- The reason is that, in connect result event cfg80211 unholds the BSS to which the device is associated (and was held so far). So, for the event with status successful, when cfg80211 wants to get that BSS from the device's BSS list it gets a NULL BSS because the BSS has been expired and unheld already. Fix it by reshuffling the code. Signed-off-by: Ujjal Roy <royujjal@gmail.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2013-10-09cfg80211: rename regulatory_hint_11d() to regulatory_hint_country_ie()Luis R. Rodriguez
It is incorrect to refer to this as 11d as 802.11d was just a proposed amendment, 802.11d was merged to the standard so use proper terminology. Signed-off-by: Luis R. Rodriguez <mcgrof@do-not-panic.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2013-08-14cfg80211: don't request disconnect if not connectedJohannes Berg
Neil Brown reports that with libertas, my recent cfg80211 SME changes in commit ceca7b7121795ef81bd598a240d53a92566 ("cfg80211: separate internal SME implementation") broke libertas suspend because it we now asked it to disconnect while already disconnected. The problematic change is in cfg80211_disconnect() as it previously checked the SME state and now calls the driver disconnect operation unconditionally. Fix this by checking if there's a current_bss indicating a connection, and do nothing if not. Reported-and-tested-by: Neil Brown <neilb@suse.de> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2013-07-16cfg80211: fix bugs in new SME implementationJohannes Berg
When splitting the SME implementation from the MLME code, I introduced a few bugs: * association failures no longer sent a connect-failure event * getting disassociated from the AP caused deauth to be sent but state wasn't cleaned up, leading to warnings * authentication failures weren't cleaned up properly, causing new connection attempts to warn and fail Fix these bugs. Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
2013-06-24wireless: add comments about bss refcountingBen Greear
Should help the next person that tries to understand the bss refcounting logic. Signed-off-by: Ben Greear <greearb@candelatech.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2013-06-24wireless: Make sure __cfg80211_connect_result always puts bssBen Greear
Otherwise, we can leak a bss reference. Signed-off-by: Ben Greear <greearb@candelatech.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2013-06-19cfg80211: hold BSS over association processJohannes Berg
This fixes the potential issue that the BSS struct that we use and later assign to wdev->current_bss is removed from the scan list while associating. Also warn when we don't have a BSS struct in connect_result unless it's from a driver that only has the connect() API. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2013-06-04cfg80211: separate internal SME implementationJohannes Berg
The current internal SME implementation in cfg80211 is very mixed up with the MLME handling, which has been causing issues for a long time. There are three things that the implementation has to provide: * a basic SME implementation for nl80211's connect() call (for drivers implementing auth/assoc, which is really just mac80211) and wireless extensions * MLME events for the userspace SME * SME events (connected, disconnected etc.) for all different SME implementation possibilities (driver, cfg80211 and userspace) To achieve these goals it isn't necessary to track the software SME's connection status outside of it's state (which is the part that caused many issues.) Instead, track it only in the SME data (wdev->conn) and in the general case only track whether the wdev is connected or not (via wdev->current_bss.) Also separate the internal implementation to not have callbacks from the SME events, but rather call it from the API functions that the driver (or rather mac80211) calls. This separates the code better. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2013-05-25cfg80211: remove some locked wrappers from sme APIJohannes Berg
By making all the API functions require wdev locking we can clean up the API a bit, getting rid of the locking version of each function. This also decreases the size of cfg80211 by a small amount. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2013-05-25cfg80211: remove some locked wrappers from mlme APIJohannes Berg
By making all the API functions require wdev locking we can clean up the API a bit, getting rid of the locking version of each function. This also decreases the size of cfg80211 by a small amount. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2013-05-25cfg80211: vastly simplify lockingJohannes Berg
Virtually all code paths in cfg80211 already (need to) hold the RTNL. As such, there's little point in having another four mutexes for various parts of the code, they just cause lock ordering issues (and much of the time, the RTNL and a few of the others need thus be held.) Simplify all this by getting rid of the extra four mutexes and just use the RTNL throughout. Only a few code changes were needed to do this and we can get rid of a work struct for bonus points. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2013-05-23cfg80211: check wdev->netdev in connection workJohannes Berg
If a P2P-Device is present and another virtual interface triggers the connection work, the system crash because it tries to check if the P2P-Device's netdev (which doesn't exist) is up. Skip any wdevs that have no netdev to fix this. Cc: stable@vger.kernel.org Reported-by: YanBo <dreamfly281@gmail.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2013-05-16cfg80211: fix interface down/disconnect state handlingJohannes Berg
When the interface goes down, there's no need to call cfg80211_mlme_down() after __cfg80211_disconnect() as the latter will call the former (if appropriate.) Also, in __cfg80211_disconnect(), if the cfg80211 SME isn't used, __cfg80211_disconnected() may still need to be called (depending on the current state) so that the SME state gets cleared. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2013-04-10Merge branch 'master' of ↵John W. Linville
git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless Conflicts: drivers/net/wireless/rt2x00/rt2x00pci.c
2013-03-30cfg80211: sched_scan_mtx lock in cfg80211_conn_work()Artem Savkov
Introduced in f9f475292dbb0e7035fb6661d1524761ea0888d9 ("cfg80211: always check for scan end on P2P device") cfg80211_conn_scan() which requires sched_scan_mtx to be held can be called from cfg80211_conn_work(). Without this we are hitting multiple warnings like the following: WARNING: at net/wireless/sme.c:88 cfg80211_conn_scan+0x1dc/0x3a0 [cfg80211]() Hardware name: 0578A21 Modules linked in: ... Pid: 620, comm: kworker/3:1 Not tainted 3.9.0-rc4-next-20130328+ #326 Call Trace: [<c1036992>] warn_slowpath_common+0x72/0xa0 [<c10369e2>] warn_slowpath_null+0x22/0x30 [<faa4b0ec>] cfg80211_conn_scan+0x1dc/0x3a0 [cfg80211] [<faa4b344>] cfg80211_conn_do_work+0x94/0x380 [cfg80211] [<faa4c3b2>] cfg80211_conn_work+0xa2/0x130 [cfg80211] [<c1051858>] process_one_work+0x198/0x450 Signed-off-by: Artem Savkov <artem.savkov@gmail.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2013-03-29Merge branch 'master' of ↵John W. Linville
git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless Conflicts: net/mac80211/sta_info.c net/wireless/core.h
2013-03-24cfg80211: always check for scan end on P2P deviceJohannes Berg
If a P2P device wdev is removed while it has a scan, then the scan completion might crash later as it is already freed by that time. To avoid the crash always check the scan completion when the P2P device is being removed for some reason. If the driver already canceled it, don't want and free it, otherwise warn and leak it to avoid later crashes. In order to do this, locking needs to be changed away from the rdev mutex (which can't always be guaranteed). For now, use the sched_scan_mtx instead, I'll rename it to just scan_mtx in a later patch. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2013-03-20cfg80211: fix potential connection work crashJohannes Berg
If wpa_supplicant and iw/iwconfig are used together, very rarely the system crashes. It seems to be related to the connection parameters not being set up, but it's not all clear to me how this happens. In any case, checking that the conn pointer exists here is probably a good idea. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2013-03-06cfg80211: refactor association parametersJohannes Berg
cfg80211_mlme_assoc() has grown far too many arguments, make the caller build almost all of the driver struct and pass that to the function instead. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2013-03-06cfg80211: add ability to override VHT capabilitiesJohannes Berg
For testing it's sometimes useful to be able to override certain VHT capability advertisement, add the ability to do that in cfg80211. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2013-02-11cfg80211: pass wiphy to cfg80211_ref_bss/put_bssJohannes Berg
This prepares for using the spinlock instead of krefs which is needed in the next patch to track the refs of combined BSSes correctly. Acked-by: Bing Zhao <bzhao@marvell.com> [mwifiex] Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2013-01-16cfg80211: Allow use_mfp to be specified with the connect commandJouni Malinen
The NL80211_ATTR_USE_MFP attribute was originally added for NL80211_CMD_ASSOCIATE, but it is actually as useful (if not even more useful) with NL80211_CMD_CONNECT, so process that attribute with the connect command, too. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2013-01-03regulatory: code cleanupJohannes Berg
Clean up various things like indentation, extra parentheses, too many/few line breaks, etc. Acked-by: Luis R. Rodriguez <mcgrof@do-not-panic.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2012-11-30cfg80211: fix BSS struct IE access racesJohannes Berg
When a BSS struct is updated, the IEs are currently overwritten or freed. This can lead to races if some other CPU is accessing the BSS struct and using the IEs concurrently. Fix this by always allocating the IEs in a new struct that holds the data and length and protecting access to this new struct with RCU. Signed-off-by: Johannes Berg <johannes.berg@intel.com>