[mirror_ubuntu-bionic-kernel.git] / net / mac80211 / tdls.c

/*
 * mac80211 TDLS handling code
 *
 * Copyright 2006-2010	Johannes Berg <johannes@sipsolutions.net>
 * Copyright 2014, Intel Corporation
 *
 * This file is GPLv2 as found in COPYING.
 */

#include <linux/ieee80211.h>
#include <net/cfg80211.h>
#include "ieee80211_i.h"
#include "driver-ops.h"

/* give usermode some time for retries in setting up the TDLS session */
#define TDLS_PEER_SETUP_TIMEOUT	(15 * HZ)

void ieee80211_tdls_peer_del_work(struct work_struct *wk)
{
	struct ieee80211_sub_if_data *sdata;
	struct ieee80211_local *local;

	sdata = container_of(wk, struct ieee80211_sub_if_data,
			     tdls_peer_del_work.work);
	local = sdata->local;

	mutex_lock(&local->mtx);
	if (!is_zero_ether_addr(sdata->tdls_peer)) {
		tdls_dbg(sdata, "TDLS del peer %pM\n", sdata->tdls_peer);
		sta_info_destroy_addr(sdata, sdata->tdls_peer);
		eth_zero_addr(sdata->tdls_peer);
	}
	mutex_unlock(&local->mtx);
}

static void ieee80211_tdls_add_ext_capab(struct sk_buff *skb)
{
	u8 *pos = (void *)skb_put(skb, 7);

	*pos++ = WLAN_EID_EXT_CAPABILITY;
	*pos++ = 5; /* len */
	*pos++ = 0x0;
	*pos++ = 0x0;
	*pos++ = 0x0;
	*pos++ = 0x0;
	*pos++ = WLAN_EXT_CAPA5_TDLS_ENABLED;
}

static u16 ieee80211_get_tdls_sta_capab(struct ieee80211_sub_if_data *sdata)
{
	struct ieee80211_local *local = sdata->local;
	u16 capab;

	capab = 0;
	if (ieee80211_get_sdata_band(sdata) != IEEE80211_BAND_2GHZ)
		return capab;

	if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_SLOT_INCAPABLE))
		capab |= WLAN_CAPABILITY_SHORT_SLOT_TIME;
	if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_PREAMBLE_INCAPABLE))
		capab |= WLAN_CAPABILITY_SHORT_PREAMBLE;

	return capab;
}

static void ieee80211_tdls_add_link_ie(struct sk_buff *skb, const u8 *src_addr,
				       const u8 *peer, const u8 *bssid)
{
	struct ieee80211_tdls_lnkie *lnkid;

	lnkid = (void *)skb_put(skb, sizeof(struct ieee80211_tdls_lnkie));

	lnkid->ie_type = WLAN_EID_LINK_ID;
	lnkid->ie_len = sizeof(struct ieee80211_tdls_lnkie) - 2;

	memcpy(lnkid->bssid, bssid, ETH_ALEN);
	memcpy(lnkid->init_sta, src_addr, ETH_ALEN);
	memcpy(lnkid->resp_sta, peer, ETH_ALEN);
}

static void
ieee80211_tdls_add_setup_start_ies(struct ieee80211_sub_if_data *sdata,
				   struct sk_buff *skb, const u8 *peer,
				   u8 action_code, const u8 *extra_ies,
				   size_t extra_ies_len)
{
	enum ieee80211_band band = ieee80211_get_sdata_band(sdata);
	size_t offset = 0, noffset;
	u8 *pos;

	ieee80211_add_srates_ie(sdata, skb, false, band);
	ieee80211_add_ext_srates_ie(sdata, skb, false, band);

	/* add any custom IEs that go before Extended Capabilities */
	if (extra_ies_len) {
		static const u8 before_ext_cap[] = {
			WLAN_EID_SUPP_RATES,
			WLAN_EID_COUNTRY,
			WLAN_EID_EXT_SUPP_RATES,
			WLAN_EID_SUPPORTED_CHANNELS,
			WLAN_EID_RSN,
		};
		noffset = ieee80211_ie_split(extra_ies, extra_ies_len,
					     before_ext_cap,
					     ARRAY_SIZE(before_ext_cap),
					     offset);
		pos = skb_put(skb, noffset - offset);
		memcpy(pos, extra_ies + offset, noffset - offset);
		offset = noffset;
	}

	ieee80211_tdls_add_ext_capab(skb);

	/* add any custom IEs that go before HT capabilities */
	if (extra_ies_len) {
		static const u8 before_ht_cap[] = {
			WLAN_EID_SUPP_RATES,
			WLAN_EID_COUNTRY,
			WLAN_EID_EXT_SUPP_RATES,
			WLAN_EID_SUPPORTED_CHANNELS,
			WLAN_EID_RSN,
			WLAN_EID_EXT_CAPABILITY,
			WLAN_EID_QOS_CAPA,
			WLAN_EID_FAST_BSS_TRANSITION,
			WLAN_EID_TIMEOUT_INTERVAL,
			WLAN_EID_SUPPORTED_REGULATORY_CLASSES,
		};
		noffset = ieee80211_ie_split(extra_ies, extra_ies_len,
					     before_ht_cap,
					     ARRAY_SIZE(before_ht_cap),
					     offset);
		pos = skb_put(skb, noffset - offset);
		memcpy(pos, extra_ies + offset, noffset - offset);
		offset = noffset;
	}

	/* add any remaining IEs */
	if (extra_ies_len) {
		noffset = extra_ies_len;
		pos = skb_put(skb, noffset - offset);
		memcpy(pos, extra_ies + offset, noffset - offset);
	}
}

static void ieee80211_tdls_add_ies(struct ieee80211_sub_if_data *sdata,
				   struct sk_buff *skb, const u8 *peer,
				   u8 action_code, bool initiator,
				   const u8 *extra_ies, size_t extra_ies_len)
{
	const u8 *init_addr, *rsp_addr;

	switch (action_code) {
	case WLAN_TDLS_SETUP_REQUEST:
	case WLAN_TDLS_SETUP_RESPONSE:
	case WLAN_PUB_ACTION_TDLS_DISCOVER_RES:
		ieee80211_tdls_add_setup_start_ies(sdata, skb, peer,
						   action_code, extra_ies,
						   extra_ies_len);
		break;
	case WLAN_TDLS_SETUP_CONFIRM:
	case WLAN_TDLS_TEARDOWN:
	case WLAN_TDLS_DISCOVERY_REQUEST:
		if (extra_ies_len)
			memcpy(skb_put(skb, extra_ies_len), extra_ies,
			       extra_ies_len);
		break;
	}

	if (initiator) {
		init_addr = sdata->vif.addr;
		rsp_addr = peer;
	} else {
		init_addr = peer;
		rsp_addr = sdata->vif.addr;
	}

	ieee80211_tdls_add_link_ie(skb, init_addr, rsp_addr,
				   sdata->u.mgd.bssid);
}

static int
ieee80211_prep_tdls_encap_data(struct wiphy *wiphy, struct net_device *dev,
			       const u8 *peer, u8 action_code, u8 dialog_token,
			       u16 status_code, struct sk_buff *skb)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct ieee80211_tdls_data *tf;

	tf = (void *)skb_put(skb, offsetof(struct ieee80211_tdls_data, u));

	memcpy(tf->da, peer, ETH_ALEN);
	memcpy(tf->sa, sdata->vif.addr, ETH_ALEN);
	tf->ether_type = cpu_to_be16(ETH_P_TDLS);
	tf->payload_type = WLAN_TDLS_SNAP_RFTYPE;

	switch (action_code) {
	case WLAN_TDLS_SETUP_REQUEST:
		tf->category = WLAN_CATEGORY_TDLS;
		tf->action_code = WLAN_TDLS_SETUP_REQUEST;

		skb_put(skb, sizeof(tf->u.setup_req));
		tf->u.setup_req.dialog_token = dialog_token;
		tf->u.setup_req.capability =
			cpu_to_le16(ieee80211_get_tdls_sta_capab(sdata));
		break;
	case WLAN_TDLS_SETUP_RESPONSE:
		tf->category = WLAN_CATEGORY_TDLS;
		tf->action_code = WLAN_TDLS_SETUP_RESPONSE;

		skb_put(skb, sizeof(tf->u.setup_resp));
		tf->u.setup_resp.status_code = cpu_to_le16(status_code);
		tf->u.setup_resp.dialog_token = dialog_token;
		tf->u.setup_resp.capability =
			cpu_to_le16(ieee80211_get_tdls_sta_capab(sdata));
		break;
	case WLAN_TDLS_SETUP_CONFIRM:
		tf->category = WLAN_CATEGORY_TDLS;
		tf->action_code = WLAN_TDLS_SETUP_CONFIRM;

		skb_put(skb, sizeof(tf->u.setup_cfm));
		tf->u.setup_cfm.status_code = cpu_to_le16(status_code);
		tf->u.setup_cfm.dialog_token = dialog_token;
		break;
	case WLAN_TDLS_TEARDOWN:
		tf->category = WLAN_CATEGORY_TDLS;
		tf->action_code = WLAN_TDLS_TEARDOWN;

		skb_put(skb, sizeof(tf->u.teardown));
		tf->u.teardown.reason_code = cpu_to_le16(status_code);
		break;
	case WLAN_TDLS_DISCOVERY_REQUEST:
		tf->category = WLAN_CATEGORY_TDLS;
		tf->action_code = WLAN_TDLS_DISCOVERY_REQUEST;

		skb_put(skb, sizeof(tf->u.discover_req));
		tf->u.discover_req.dialog_token = dialog_token;
		break;
	default:
		return -EINVAL;
	}

	return 0;
}

static int
ieee80211_prep_tdls_direct(struct wiphy *wiphy, struct net_device *dev,
			   const u8 *peer, u8 action_code, u8 dialog_token,
			   u16 status_code, struct sk_buff *skb)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct ieee80211_mgmt *mgmt;

	mgmt = (void *)skb_put(skb, 24);
	memset(mgmt, 0, 24);
	memcpy(mgmt->da, peer, ETH_ALEN);
	memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN);
	memcpy(mgmt->bssid, sdata->u.mgd.bssid, ETH_ALEN);

	mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
					  IEEE80211_STYPE_ACTION);

	switch (action_code) {
	case WLAN_PUB_ACTION_TDLS_DISCOVER_RES:
		skb_put(skb, 1 + sizeof(mgmt->u.action.u.tdls_discover_resp));
		mgmt->u.action.category = WLAN_CATEGORY_PUBLIC;
		mgmt->u.action.u.tdls_discover_resp.action_code =
			WLAN_PUB_ACTION_TDLS_DISCOVER_RES;
		mgmt->u.action.u.tdls_discover_resp.dialog_token =
			dialog_token;
		mgmt->u.action.u.tdls_discover_resp.capability =
			cpu_to_le16(ieee80211_get_tdls_sta_capab(sdata));
		break;
	default:
		return -EINVAL;
	}

	return 0;
}

static int
ieee80211_tdls_prep_mgmt_packet(struct wiphy *wiphy, struct net_device *dev,
				const u8 *peer, u8 action_code,
				u8 dialog_token, u16 status_code,
				u32 peer_capability, bool initiator,
				const u8 *extra_ies, size_t extra_ies_len)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct ieee80211_local *local = sdata->local;
	struct sk_buff *skb = NULL;
	bool send_direct;
	struct sta_info *sta;
	int ret;

	skb = dev_alloc_skb(local->hw.extra_tx_headroom +
			    max(sizeof(struct ieee80211_mgmt),
				sizeof(struct ieee80211_tdls_data)) +
			    50 + /* supported rates */
			    7 + /* ext capab */
			    extra_ies_len +
			    sizeof(struct ieee80211_tdls_lnkie));
	if (!skb)
		return -ENOMEM;

	skb_reserve(skb, local->hw.extra_tx_headroom);

	switch (action_code) {
	case WLAN_TDLS_SETUP_REQUEST:
	case WLAN_TDLS_SETUP_RESPONSE:
	case WLAN_TDLS_SETUP_CONFIRM:
	case WLAN_TDLS_TEARDOWN:
	case WLAN_TDLS_DISCOVERY_REQUEST:
		ret = ieee80211_prep_tdls_encap_data(wiphy, dev, peer,
						     action_code, dialog_token,
						     status_code, skb);
		send_direct = false;
		break;
	case WLAN_PUB_ACTION_TDLS_DISCOVER_RES:
		ret = ieee80211_prep_tdls_direct(wiphy, dev, peer, action_code,
						 dialog_token, status_code,
						 skb);
		send_direct = true;
		break;
	default:
		ret = -ENOTSUPP;
		break;
	}

	if (ret < 0)
		goto fail;

	rcu_read_lock();
	sta = sta_info_get(sdata, peer);

	/* infer the initiator if we can, to support old userspace */
	switch (action_code) {
	case WLAN_TDLS_SETUP_REQUEST:
		if (sta)
			set_sta_flag(sta, WLAN_STA_TDLS_INITIATOR);
		/* fall-through */
	case WLAN_TDLS_SETUP_CONFIRM:
	case WLAN_TDLS_DISCOVERY_REQUEST:
		initiator = true;
		break;
	case WLAN_TDLS_SETUP_RESPONSE:
		/*
		 * In some testing scenarios, we send a request and response.
		 * Make the last packet sent take effect for the initiator
		 * value.
		 */
		if (sta)
			clear_sta_flag(sta, WLAN_STA_TDLS_INITIATOR);
		/* fall-through */
	case WLAN_PUB_ACTION_TDLS_DISCOVER_RES:
		initiator = false;
		break;
	case WLAN_TDLS_TEARDOWN:
		/* any value is ok */
		break;
	default:
		ret = -ENOTSUPP;
		break;
	}

	if (sta && test_sta_flag(sta, WLAN_STA_TDLS_INITIATOR))
		initiator = true;

	rcu_read_unlock();
	if (ret < 0)
		goto fail;

	ieee80211_tdls_add_ies(sdata, skb, peer, action_code, initiator,
			       extra_ies, extra_ies_len);
	if (send_direct) {
		ieee80211_tx_skb(sdata, skb);
		return 0;
	}

	/*
	 * According to 802.11z: Setup req/resp are sent in AC_BK, otherwise
	 * we should default to AC_VI.
	 */
	switch (action_code) {
	case WLAN_TDLS_SETUP_REQUEST:
	case WLAN_TDLS_SETUP_RESPONSE:
		skb_set_queue_mapping(skb, IEEE80211_AC_BK);
		skb->priority = 2;
		break;
	default:
		skb_set_queue_mapping(skb, IEEE80211_AC_VI);
		skb->priority = 5;
		break;
	}

	/* disable bottom halves when entering the Tx path */
	local_bh_disable();
	ret = ieee80211_subif_start_xmit(skb, dev);
	local_bh_enable();

	return ret;

fail:
	dev_kfree_skb(skb);
	return ret;
}

static int
ieee80211_tdls_mgmt_setup(struct wiphy *wiphy, struct net_device *dev,
			  const u8 *peer, u8 action_code, u8 dialog_token,
			  u16 status_code, u32 peer_capability, bool initiator,
			  const u8 *extra_ies, size_t extra_ies_len)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct ieee80211_local *local = sdata->local;
	int ret;

	mutex_lock(&local->mtx);

	/* we don't support concurrent TDLS peer setups */
	if (!is_zero_ether_addr(sdata->tdls_peer) &&
	    !ether_addr_equal(sdata->tdls_peer, peer)) {
		ret = -EBUSY;
		goto exit;
	}

	/*
	 * make sure we have a STA representing the peer so we drop or buffer
	 * non-TDLS-setup frames to the peer. We can't send other packets
	 * during setup through the AP path.
	 * Allow error packets to be sent - sometimes we don't even add a STA
	 * before failing the setup.
	 */
	if (status_code == 0) {
		rcu_read_lock();
		if (!sta_info_get(sdata, peer)) {
			rcu_read_unlock();
			ret = -ENOLINK;
			goto exit;
		}
		rcu_read_unlock();
	}

	ieee80211_flush_queues(local, sdata);

	ret = ieee80211_tdls_prep_mgmt_packet(wiphy, dev, peer, action_code,
					      dialog_token, status_code,
					      peer_capability, initiator,
					      extra_ies, extra_ies_len);
	if (ret < 0)
		goto exit;

	memcpy(sdata->tdls_peer, peer, ETH_ALEN);
	ieee80211_queue_delayed_work(&sdata->local->hw,
				     &sdata->tdls_peer_del_work,
				     TDLS_PEER_SETUP_TIMEOUT);

exit:
	mutex_unlock(&local->mtx);
	return ret;
}

static int
ieee80211_tdls_mgmt_teardown(struct wiphy *wiphy, struct net_device *dev,
			     const u8 *peer, u8 action_code, u8 dialog_token,
			     u16 status_code, u32 peer_capability,
			     bool initiator, const u8 *extra_ies,
			     size_t extra_ies_len)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct ieee80211_local *local = sdata->local;
	struct sta_info *sta;
	int ret;

	/*
	 * No packets can be transmitted to the peer via the AP during setup -
	 * the STA is set as a TDLS peer, but is not authorized.
	 * During teardown, we prevent direct transmissions by stopping the
	 * queues and flushing all direct packets.
	 */
	ieee80211_stop_vif_queues(local, sdata,
				  IEEE80211_QUEUE_STOP_REASON_TDLS_TEARDOWN);
	ieee80211_flush_queues(local, sdata);

	ret = ieee80211_tdls_prep_mgmt_packet(wiphy, dev, peer, action_code,
					      dialog_token, status_code,
					      peer_capability, initiator,
					      extra_ies, extra_ies_len);
	if (ret < 0)
		sdata_err(sdata, "Failed sending TDLS teardown packet %d\n",
			  ret);

	/*
	 * Remove the STA AUTH flag to force further traffic through the AP. If
	 * the STA was unreachable, it was already removed.
	 */
	rcu_read_lock();
	sta = sta_info_get(sdata, peer);
	if (sta)
		clear_sta_flag(sta, WLAN_STA_TDLS_PEER_AUTH);
	rcu_read_unlock();

	ieee80211_wake_vif_queues(local, sdata,
				  IEEE80211_QUEUE_STOP_REASON_TDLS_TEARDOWN);

	return 0;
}

int ieee80211_tdls_mgmt(struct wiphy *wiphy, struct net_device *dev,
			const u8 *peer, u8 action_code, u8 dialog_token,
			u16 status_code, u32 peer_capability,
			bool initiator, const u8 *extra_ies,
			size_t extra_ies_len)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	int ret;

	if (!(wiphy->flags & WIPHY_FLAG_SUPPORTS_TDLS))
		return -ENOTSUPP;

	/* make sure we are in managed mode, and associated */
	if (sdata->vif.type != NL80211_IFTYPE_STATION ||
	    !sdata->u.mgd.associated)
		return -EINVAL;

	switch (action_code) {
	case WLAN_TDLS_SETUP_REQUEST:
	case WLAN_TDLS_SETUP_RESPONSE:
		ret = ieee80211_tdls_mgmt_setup(wiphy, dev, peer, action_code,
						dialog_token, status_code,
						peer_capability, initiator,
						extra_ies, extra_ies_len);
		break;
	case WLAN_TDLS_TEARDOWN:
		ret = ieee80211_tdls_mgmt_teardown(wiphy, dev, peer,
						   action_code, dialog_token,
						   status_code,
						   peer_capability, initiator,
						   extra_ies, extra_ies_len);
		break;
	case WLAN_TDLS_DISCOVERY_REQUEST:
		/*
		 * Protect the discovery so we can hear the TDLS discovery
		 * response frame. It is transmitted directly and not buffered
		 * by the AP.
		 */
		drv_mgd_protect_tdls_discover(sdata->local, sdata);
		/* fall-through */
	case WLAN_TDLS_SETUP_CONFIRM:
	case WLAN_PUB_ACTION_TDLS_DISCOVER_RES:
		/* no special handling */
		ret = ieee80211_tdls_prep_mgmt_packet(wiphy, dev, peer,
						      action_code,
						      dialog_token,
						      status_code,
						      peer_capability,
						      initiator, extra_ies,
						      extra_ies_len);
		break;
	default:
		ret = -EOPNOTSUPP;
		break;
	}

	tdls_dbg(sdata, "TDLS mgmt action %d peer %pM status %d\n",
		 action_code, peer, ret);
	return ret;
}

int ieee80211_tdls_oper(struct wiphy *wiphy, struct net_device *dev,
			const u8 *peer, enum nl80211_tdls_operation oper)
{
	struct sta_info *sta;
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct ieee80211_local *local = sdata->local;
	int ret;

	if (!(wiphy->flags & WIPHY_FLAG_SUPPORTS_TDLS))
		return -ENOTSUPP;

	if (sdata->vif.type != NL80211_IFTYPE_STATION)
		return -EINVAL;

	switch (oper) {
	case NL80211_TDLS_ENABLE_LINK:
	case NL80211_TDLS_DISABLE_LINK:
		break;
	case NL80211_TDLS_TEARDOWN:
	case NL80211_TDLS_SETUP:
	case NL80211_TDLS_DISCOVERY_REQ:
		/* We don't support in-driver setup/teardown/discovery */
		return -ENOTSUPP;
	}

	mutex_lock(&local->mtx);
	tdls_dbg(sdata, "TDLS oper %d peer %pM\n", oper, peer);

	switch (oper) {
	case NL80211_TDLS_ENABLE_LINK:
		rcu_read_lock();
		sta = sta_info_get(sdata, peer);
		if (!sta) {
			rcu_read_unlock();
			ret = -ENOLINK;
			break;
		}

		set_sta_flag(sta, WLAN_STA_TDLS_PEER_AUTH);
		rcu_read_unlock();

		WARN_ON_ONCE(is_zero_ether_addr(sdata->tdls_peer) ||
			     !ether_addr_equal(sdata->tdls_peer, peer));
		ret = 0;
		break;
	case NL80211_TDLS_DISABLE_LINK:
		/* flush a potentially queued teardown packet */
		ieee80211_flush_queues(local, sdata);

		ret = sta_info_destroy_addr(sdata, peer);
		break;
	default:
		ret = -ENOTSUPP;
		break;
	}

	if (ret == 0 && ether_addr_equal(sdata->tdls_peer, peer)) {
		cancel_delayed_work(&sdata->tdls_peer_del_work);
		eth_zero_addr(sdata->tdls_peer);
	}

	mutex_unlock(&local->mtx);
	return ret;
}

void ieee80211_tdls_oper_request(struct ieee80211_vif *vif, const u8 *peer,
				 enum nl80211_tdls_operation oper,
				 u16 reason_code, gfp_t gfp)
{
	struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);

	if (vif->type != NL80211_IFTYPE_STATION || !vif->bss_conf.assoc) {
		sdata_err(sdata, "Discarding TDLS oper %d - not STA or disconnected\n",
			  oper);
		return;
	}

	cfg80211_tdls_oper_request(sdata->dev, peer, oper, reason_code, gfp);
}
EXPORT_SYMBOL(ieee80211_tdls_oper_request);
Commit	Line	Data
95224fe8 AN	1	/*
	2	* mac80211 TDLS handling code
	3	*
	4	* Copyright 2006-2010 Johannes Berg <johannes@sipsolutions.net>
	5	* Copyright 2014, Intel Corporation
	6	*
	7	* This file is GPLv2 as found in COPYING.
	8	*/
	9
	10	#include <linux/ieee80211.h>
c887f0d3	11	#include <net/cfg80211.h>
95224fe8	12	#include "ieee80211_i.h"
ee10f2c7	13	#include "driver-ops.h"
95224fe8	14
17e6a59a AN	15	/* give usermode some time for retries in setting up the TDLS session */
	16	#define TDLS_PEER_SETUP_TIMEOUT (15 * HZ)
	17
	18	void ieee80211_tdls_peer_del_work(struct work_struct *wk)
	19	{
	20	struct ieee80211_sub_if_data *sdata;
	21	struct ieee80211_local *local;
	22
	23	sdata = container_of(wk, struct ieee80211_sub_if_data,
	24	tdls_peer_del_work.work);
	25	local = sdata->local;
	26
	27	mutex_lock(&local->mtx);
	28	if (!is_zero_ether_addr(sdata->tdls_peer)) {
	29	tdls_dbg(sdata, "TDLS del peer %pM\n", sdata->tdls_peer);
	30	sta_info_destroy_addr(sdata, sdata->tdls_peer);
	31	eth_zero_addr(sdata->tdls_peer);
	32	}
	33	mutex_unlock(&local->mtx);
	34	}
	35
95224fe8 AN	36	static void ieee80211_tdls_add_ext_capab(struct sk_buff *skb)
	37	{
	38	u8 pos = (void )skb_put(skb, 7);
	39
	40	*pos++ = WLAN_EID_EXT_CAPABILITY;
	41	pos++ = 5; / len */
	42	*pos++ = 0x0;
	43	*pos++ = 0x0;
	44	*pos++ = 0x0;
	45	*pos++ = 0x0;
	46	*pos++ = WLAN_EXT_CAPA5_TDLS_ENABLED;
	47	}
	48
	49	static u16 ieee80211_get_tdls_sta_capab(struct ieee80211_sub_if_data *sdata)
	50	{
	51	struct ieee80211_local *local = sdata->local;
	52	u16 capab;
	53
	54	capab = 0;
	55	if (ieee80211_get_sdata_band(sdata) != IEEE80211_BAND_2GHZ)
	56	return capab;
	57
	58	if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_SLOT_INCAPABLE))
	59	capab \|= WLAN_CAPABILITY_SHORT_SLOT_TIME;
	60	if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_PREAMBLE_INCAPABLE))
	61	capab \|= WLAN_CAPABILITY_SHORT_PREAMBLE;
	62
	63	return capab;
	64	}
	65
3b3a0162 JB	66	static void ieee80211_tdls_add_link_ie(struct sk_buff skb, const u8 src_addr,
3b3a0162 JB	67	const u8 peer, const u8 bssid)
95224fe8 AN	68	{
	69	struct ieee80211_tdls_lnkie *lnkid;
	70
	71	lnkid = (void *)skb_put(skb, sizeof(struct ieee80211_tdls_lnkie));
	72
	73	lnkid->ie_type = WLAN_EID_LINK_ID;
	74	lnkid->ie_len = sizeof(struct ieee80211_tdls_lnkie) - 2;
	75
	76	memcpy(lnkid->bssid, bssid, ETH_ALEN);
	77	memcpy(lnkid->init_sta, src_addr, ETH_ALEN);
	78	memcpy(lnkid->resp_sta, peer, ETH_ALEN);
	79	}
	80
f09a87d2 AN	81	static void
	82	ieee80211_tdls_add_setup_start_ies(struct ieee80211_sub_if_data *sdata,
	83	struct sk_buff skb, const u8 peer,
	84	u8 action_code, const u8 *extra_ies,
	85	size_t extra_ies_len)
	86	{
	87	enum ieee80211_band band = ieee80211_get_sdata_band(sdata);
	88	size_t offset = 0, noffset;
	89	u8 *pos;
	90
	91	ieee80211_add_srates_ie(sdata, skb, false, band);
	92	ieee80211_add_ext_srates_ie(sdata, skb, false, band);
	93
	94	/* add any custom IEs that go before Extended Capabilities */
	95	if (extra_ies_len) {
	96	static const u8 before_ext_cap[] = {
	97	WLAN_EID_SUPP_RATES,
	98	WLAN_EID_COUNTRY,
	99	WLAN_EID_EXT_SUPP_RATES,
	100	WLAN_EID_SUPPORTED_CHANNELS,
	101	WLAN_EID_RSN,
	102	};
	103	noffset = ieee80211_ie_split(extra_ies, extra_ies_len,
	104	before_ext_cap,
	105	ARRAY_SIZE(before_ext_cap),
	106	offset);
	107	pos = skb_put(skb, noffset - offset);
	108	memcpy(pos, extra_ies + offset, noffset - offset);
	109	offset = noffset;
	110	}
	111
	112	ieee80211_tdls_add_ext_capab(skb);
	113
	114	/* add any custom IEs that go before HT capabilities */
	115	if (extra_ies_len) {
	116	static const u8 before_ht_cap[] = {
	117	WLAN_EID_SUPP_RATES,
	118	WLAN_EID_COUNTRY,
	119	WLAN_EID_EXT_SUPP_RATES,
	120	WLAN_EID_SUPPORTED_CHANNELS,
	121	WLAN_EID_RSN,
	122	WLAN_EID_EXT_CAPABILITY,
	123	WLAN_EID_QOS_CAPA,
	124	WLAN_EID_FAST_BSS_TRANSITION,
	125	WLAN_EID_TIMEOUT_INTERVAL,
	126	WLAN_EID_SUPPORTED_REGULATORY_CLASSES,
	127	};
	128	noffset = ieee80211_ie_split(extra_ies, extra_ies_len,
	129	before_ht_cap,
	130	ARRAY_SIZE(before_ht_cap),
	131	offset);
	132	pos = skb_put(skb, noffset - offset);
	133	memcpy(pos, extra_ies + offset, noffset - offset);
	134	offset = noffset;
	135	}
	136
	137	/* add any remaining IEs */
	138	if (extra_ies_len) {
	139	noffset = extra_ies_len;
	140	pos = skb_put(skb, noffset - offset);
	141	memcpy(pos, extra_ies + offset, noffset - offset);
	142	}
	143	}
	144
46792a2d AN	145	static void ieee80211_tdls_add_ies(struct ieee80211_sub_if_data *sdata,
	146	struct sk_buff skb, const u8 peer,
	147	u8 action_code, bool initiator,
	148	const u8 *extra_ies, size_t extra_ies_len)
	149	{
	150	const u8 init_addr, rsp_addr;
46792a2d AN	151
	152	switch (action_code) {
	153	case WLAN_TDLS_SETUP_REQUEST:
	154	case WLAN_TDLS_SETUP_RESPONSE:
	155	case WLAN_PUB_ACTION_TDLS_DISCOVER_RES:
f09a87d2 AN	156	ieee80211_tdls_add_setup_start_ies(sdata, skb, peer,
	157	action_code, extra_ies,
	158	extra_ies_len);
46792a2d AN	159	break;
	160	case WLAN_TDLS_SETUP_CONFIRM:
	161	case WLAN_TDLS_TEARDOWN:
	162	case WLAN_TDLS_DISCOVERY_REQUEST:
f09a87d2 AN	163	if (extra_ies_len)
	164	memcpy(skb_put(skb, extra_ies_len), extra_ies,
	165	extra_ies_len);
46792a2d AN	166	break;
	167	}
	168
	169	if (initiator) {
	170	init_addr = sdata->vif.addr;
	171	rsp_addr = peer;
	172	} else {
	173	init_addr = peer;
	174	rsp_addr = sdata->vif.addr;
	175	}
	176
46792a2d AN	177	ieee80211_tdls_add_link_ie(skb, init_addr, rsp_addr,
	178	sdata->u.mgd.bssid);
	179	}
	180
95224fe8 AN	181	static int
95224fe8 AN	182	ieee80211_prep_tdls_encap_data(struct wiphy wiphy, struct net_device dev,
3b3a0162	183	const u8 *peer, u8 action_code, u8 dialog_token,
95224fe8 AN	184	u16 status_code, struct sk_buff *skb)
	185	{
	186	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
95224fe8 AN	187	struct ieee80211_tdls_data *tf;
	188
	189	tf = (void *)skb_put(skb, offsetof(struct ieee80211_tdls_data, u));
	190
	191	memcpy(tf->da, peer, ETH_ALEN);
	192	memcpy(tf->sa, sdata->vif.addr, ETH_ALEN);
	193	tf->ether_type = cpu_to_be16(ETH_P_TDLS);
	194	tf->payload_type = WLAN_TDLS_SNAP_RFTYPE;
	195
	196	switch (action_code) {
	197	case WLAN_TDLS_SETUP_REQUEST:
	198	tf->category = WLAN_CATEGORY_TDLS;
	199	tf->action_code = WLAN_TDLS_SETUP_REQUEST;
	200
	201	skb_put(skb, sizeof(tf->u.setup_req));
	202	tf->u.setup_req.dialog_token = dialog_token;
	203	tf->u.setup_req.capability =
	204	cpu_to_le16(ieee80211_get_tdls_sta_capab(sdata));
95224fe8 AN	205	break;
	206	case WLAN_TDLS_SETUP_RESPONSE:
	207	tf->category = WLAN_CATEGORY_TDLS;
	208	tf->action_code = WLAN_TDLS_SETUP_RESPONSE;
	209
	210	skb_put(skb, sizeof(tf->u.setup_resp));
	211	tf->u.setup_resp.status_code = cpu_to_le16(status_code);
	212	tf->u.setup_resp.dialog_token = dialog_token;
	213	tf->u.setup_resp.capability =
	214	cpu_to_le16(ieee80211_get_tdls_sta_capab(sdata));
95224fe8 AN	215	break;
	216	case WLAN_TDLS_SETUP_CONFIRM:
	217	tf->category = WLAN_CATEGORY_TDLS;
	218	tf->action_code = WLAN_TDLS_SETUP_CONFIRM;
	219
	220	skb_put(skb, sizeof(tf->u.setup_cfm));
	221	tf->u.setup_cfm.status_code = cpu_to_le16(status_code);
	222	tf->u.setup_cfm.dialog_token = dialog_token;
	223	break;
	224	case WLAN_TDLS_TEARDOWN:
	225	tf->category = WLAN_CATEGORY_TDLS;
	226	tf->action_code = WLAN_TDLS_TEARDOWN;
	227
	228	skb_put(skb, sizeof(tf->u.teardown));
	229	tf->u.teardown.reason_code = cpu_to_le16(status_code);
	230	break;
	231	case WLAN_TDLS_DISCOVERY_REQUEST:
	232	tf->category = WLAN_CATEGORY_TDLS;
	233	tf->action_code = WLAN_TDLS_DISCOVERY_REQUEST;
	234
	235	skb_put(skb, sizeof(tf->u.discover_req));
	236	tf->u.discover_req.dialog_token = dialog_token;
	237	break;
	238	default:
	239	return -EINVAL;
	240	}
	241
	242	return 0;
	243	}
	244
	245	static int
	246	ieee80211_prep_tdls_direct(struct wiphy wiphy, struct net_device dev,
3b3a0162	247	const u8 *peer, u8 action_code, u8 dialog_token,
95224fe8 AN	248	u16 status_code, struct sk_buff *skb)
	249	{
	250	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
95224fe8 AN	251	struct ieee80211_mgmt *mgmt;
	252
	253	mgmt = (void *)skb_put(skb, 24);
	254	memset(mgmt, 0, 24);
	255	memcpy(mgmt->da, peer, ETH_ALEN);
	256	memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN);
	257	memcpy(mgmt->bssid, sdata->u.mgd.bssid, ETH_ALEN);
	258
	259	mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT \|
	260	IEEE80211_STYPE_ACTION);
	261
	262	switch (action_code) {
	263	case WLAN_PUB_ACTION_TDLS_DISCOVER_RES:
	264	skb_put(skb, 1 + sizeof(mgmt->u.action.u.tdls_discover_resp));
	265	mgmt->u.action.category = WLAN_CATEGORY_PUBLIC;
	266	mgmt->u.action.u.tdls_discover_resp.action_code =
	267	WLAN_PUB_ACTION_TDLS_DISCOVER_RES;
	268	mgmt->u.action.u.tdls_discover_resp.dialog_token =
	269	dialog_token;
	270	mgmt->u.action.u.tdls_discover_resp.capability =
	271	cpu_to_le16(ieee80211_get_tdls_sta_capab(sdata));
95224fe8 AN	272	break;
	273	default:
	274	return -EINVAL;
	275	}
	276
	277	return 0;
	278	}
	279
17e6a59a AN	280	static int
	281	ieee80211_tdls_prep_mgmt_packet(struct wiphy wiphy, struct net_device dev,
	282	const u8 *peer, u8 action_code,
	283	u8 dialog_token, u16 status_code,
2fb6b9b8 AN	284	u32 peer_capability, bool initiator,
2fb6b9b8 AN	285	const u8 *extra_ies, size_t extra_ies_len)
95224fe8 AN	286	{
	287	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	288	struct ieee80211_local *local = sdata->local;
	289	struct sk_buff *skb = NULL;
	290	bool send_direct;
626911cc	291	struct sta_info *sta;
95224fe8 AN	292	int ret;
95224fe8 AN	293
95224fe8 AN	294	skb = dev_alloc_skb(local->hw.extra_tx_headroom +
	295	max(sizeof(struct ieee80211_mgmt),
	296	sizeof(struct ieee80211_tdls_data)) +
	297	50 + /* supported rates */
	298	7 + /* ext capab */
	299	extra_ies_len +
	300	sizeof(struct ieee80211_tdls_lnkie));
	301	if (!skb)
	302	return -ENOMEM;
	303
	304	skb_reserve(skb, local->hw.extra_tx_headroom);
	305
	306	switch (action_code) {
	307	case WLAN_TDLS_SETUP_REQUEST:
	308	case WLAN_TDLS_SETUP_RESPONSE:
	309	case WLAN_TDLS_SETUP_CONFIRM:
	310	case WLAN_TDLS_TEARDOWN:
	311	case WLAN_TDLS_DISCOVERY_REQUEST:
	312	ret = ieee80211_prep_tdls_encap_data(wiphy, dev, peer,
	313	action_code, dialog_token,
	314	status_code, skb);
	315	send_direct = false;
	316	break;
	317	case WLAN_PUB_ACTION_TDLS_DISCOVER_RES:
	318	ret = ieee80211_prep_tdls_direct(wiphy, dev, peer, action_code,
	319	dialog_token, status_code,
	320	skb);
	321	send_direct = true;
	322	break;
	323	default:
	324	ret = -ENOTSUPP;
	325	break;
	326	}
	327
	328	if (ret < 0)
	329	goto fail;
	330
626911cc AN	331	rcu_read_lock();
	332	sta = sta_info_get(sdata, peer);
	333
	334	/* infer the initiator if we can, to support old userspace */
95224fe8 AN	335	switch (action_code) {
95224fe8 AN	336	case WLAN_TDLS_SETUP_REQUEST:
626911cc AN	337	if (sta)
	338	set_sta_flag(sta, WLAN_STA_TDLS_INITIATOR);
	339	/* fall-through */
95224fe8	340	case WLAN_TDLS_SETUP_CONFIRM:
95224fe8	341	case WLAN_TDLS_DISCOVERY_REQUEST:
626911cc	342	initiator = true;
95224fe8 AN	343	break;
95224fe8 AN	344	case WLAN_TDLS_SETUP_RESPONSE:
626911cc AN	345	/*
	346	* In some testing scenarios, we send a request and response.
	347	* Make the last packet sent take effect for the initiator
	348	* value.
	349	*/
	350	if (sta)
	351	clear_sta_flag(sta, WLAN_STA_TDLS_INITIATOR);
	352	/* fall-through */
95224fe8	353	case WLAN_PUB_ACTION_TDLS_DISCOVER_RES:
626911cc	354	initiator = false;
2fb6b9b8 AN	355	break;
	356	case WLAN_TDLS_TEARDOWN:
	357	/* any value is ok */
95224fe8 AN	358	break;
	359	default:
	360	ret = -ENOTSUPP;
626911cc	361	break;
95224fe8 AN	362	}
95224fe8 AN	363
46792a2d AN	364	if (sta && test_sta_flag(sta, WLAN_STA_TDLS_INITIATOR))
46792a2d AN	365	initiator = true;
2fb6b9b8	366
626911cc AN	367	rcu_read_unlock();
	368	if (ret < 0)
	369	goto fail;
	370
46792a2d AN	371	ieee80211_tdls_add_ies(sdata, skb, peer, action_code, initiator,
46792a2d AN	372	extra_ies, extra_ies_len);
95224fe8 AN	373	if (send_direct) {
	374	ieee80211_tx_skb(sdata, skb);
	375	return 0;
	376	}
	377
	378	/*
	379	* According to 802.11z: Setup req/resp are sent in AC_BK, otherwise
	380	* we should default to AC_VI.
	381	*/
	382	switch (action_code) {
	383	case WLAN_TDLS_SETUP_REQUEST:
	384	case WLAN_TDLS_SETUP_RESPONSE:
	385	skb_set_queue_mapping(skb, IEEE80211_AC_BK);
	386	skb->priority = 2;
	387	break;
	388	default:
	389	skb_set_queue_mapping(skb, IEEE80211_AC_VI);
	390	skb->priority = 5;
	391	break;
	392	}
	393
	394	/* disable bottom halves when entering the Tx path */
	395	local_bh_disable();
	396	ret = ieee80211_subif_start_xmit(skb, dev);
	397	local_bh_enable();
	398
	399	return ret;
	400
	401	fail:
	402	dev_kfree_skb(skb);
	403	return ret;
	404	}
	405
191dd469 AN	406	static int
	407	ieee80211_tdls_mgmt_setup(struct wiphy wiphy, struct net_device dev,
	408	const u8 *peer, u8 action_code, u8 dialog_token,
	409	u16 status_code, u32 peer_capability, bool initiator,
	410	const u8 *extra_ies, size_t extra_ies_len)
17e6a59a AN	411	{
	412	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	413	struct ieee80211_local *local = sdata->local;
	414	int ret;
	415
17e6a59a AN	416	mutex_lock(&local->mtx);
	417
	418	/* we don't support concurrent TDLS peer setups */
	419	if (!is_zero_ether_addr(sdata->tdls_peer) &&
191dd469	420	!ether_addr_equal(sdata->tdls_peer, peer)) {
17e6a59a AN	421	ret = -EBUSY;
	422	goto exit;
	423	}
	424
7adc3e46 AN	425	/*
	426	* make sure we have a STA representing the peer so we drop or buffer
	427	* non-TDLS-setup frames to the peer. We can't send other packets
6ae32e5d AN	428	* during setup through the AP path.
	429	* Allow error packets to be sent - sometimes we don't even add a STA
	430	* before failing the setup.
7adc3e46	431	*/
6ae32e5d AN	432	if (status_code == 0) {
	433	rcu_read_lock();
	434	if (!sta_info_get(sdata, peer)) {
	435	rcu_read_unlock();
	436	ret = -ENOLINK;
	437	goto exit;
	438	}
7adc3e46	439	rcu_read_unlock();
7adc3e46	440	}
7adc3e46	441
db67d661 AN	442	ieee80211_flush_queues(local, sdata);
db67d661 AN	443
17e6a59a AN	444	ret = ieee80211_tdls_prep_mgmt_packet(wiphy, dev, peer, action_code,
17e6a59a AN	445	dialog_token, status_code,
2fb6b9b8 AN	446	peer_capability, initiator,
2fb6b9b8 AN	447	extra_ies, extra_ies_len);
17e6a59a AN	448	if (ret < 0)
	449	goto exit;
	450
191dd469 AN	451	memcpy(sdata->tdls_peer, peer, ETH_ALEN);
	452	ieee80211_queue_delayed_work(&sdata->local->hw,
	453	&sdata->tdls_peer_del_work,
	454	TDLS_PEER_SETUP_TIMEOUT);
17e6a59a AN	455
	456	exit:
	457	mutex_unlock(&local->mtx);
191dd469 AN	458	return ret;
	459	}
	460
db67d661 AN	461	static int
	462	ieee80211_tdls_mgmt_teardown(struct wiphy wiphy, struct net_device dev,
	463	const u8 *peer, u8 action_code, u8 dialog_token,
	464	u16 status_code, u32 peer_capability,
	465	bool initiator, const u8 *extra_ies,
	466	size_t extra_ies_len)
	467	{
	468	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	469	struct ieee80211_local *local = sdata->local;
	470	struct sta_info *sta;
	471	int ret;
	472
	473	/*
	474	* No packets can be transmitted to the peer via the AP during setup -
	475	* the STA is set as a TDLS peer, but is not authorized.
	476	* During teardown, we prevent direct transmissions by stopping the
	477	* queues and flushing all direct packets.
	478	*/
	479	ieee80211_stop_vif_queues(local, sdata,
	480	IEEE80211_QUEUE_STOP_REASON_TDLS_TEARDOWN);
	481	ieee80211_flush_queues(local, sdata);
	482
	483	ret = ieee80211_tdls_prep_mgmt_packet(wiphy, dev, peer, action_code,
	484	dialog_token, status_code,
	485	peer_capability, initiator,
	486	extra_ies, extra_ies_len);
	487	if (ret < 0)
	488	sdata_err(sdata, "Failed sending TDLS teardown packet %d\n",
	489	ret);
	490
	491	/*
	492	* Remove the STA AUTH flag to force further traffic through the AP. If
	493	* the STA was unreachable, it was already removed.
	494	*/
	495	rcu_read_lock();
	496	sta = sta_info_get(sdata, peer);
	497	if (sta)
	498	clear_sta_flag(sta, WLAN_STA_TDLS_PEER_AUTH);
	499	rcu_read_unlock();
	500
	501	ieee80211_wake_vif_queues(local, sdata,
	502	IEEE80211_QUEUE_STOP_REASON_TDLS_TEARDOWN);
	503
	504	return 0;
	505	}
	506
191dd469 AN	507	int ieee80211_tdls_mgmt(struct wiphy wiphy, struct net_device dev,
	508	const u8 *peer, u8 action_code, u8 dialog_token,
	509	u16 status_code, u32 peer_capability,
	510	bool initiator, const u8 *extra_ies,
	511	size_t extra_ies_len)
	512	{
	513	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	514	int ret;
	515
	516	if (!(wiphy->flags & WIPHY_FLAG_SUPPORTS_TDLS))
	517	return -ENOTSUPP;
	518
	519	/* make sure we are in managed mode, and associated */
	520	if (sdata->vif.type != NL80211_IFTYPE_STATION \|\|
	521	!sdata->u.mgd.associated)
	522	return -EINVAL;
	523
	524	switch (action_code) {
	525	case WLAN_TDLS_SETUP_REQUEST:
	526	case WLAN_TDLS_SETUP_RESPONSE:
	527	ret = ieee80211_tdls_mgmt_setup(wiphy, dev, peer, action_code,
	528	dialog_token, status_code,
	529	peer_capability, initiator,
	530	extra_ies, extra_ies_len);
	531	break;
	532	case WLAN_TDLS_TEARDOWN:
db67d661 AN	533	ret = ieee80211_tdls_mgmt_teardown(wiphy, dev, peer,
	534	action_code, dialog_token,
	535	status_code,
	536	peer_capability, initiator,
	537	extra_ies, extra_ies_len);
	538	break;
191dd469	539	case WLAN_TDLS_DISCOVERY_REQUEST:
ee10f2c7 AN	540	/*
	541	* Protect the discovery so we can hear the TDLS discovery
	542	* response frame. It is transmitted directly and not buffered
	543	* by the AP.
	544	*/
	545	drv_mgd_protect_tdls_discover(sdata->local, sdata);
	546	/* fall-through */
	547	case WLAN_TDLS_SETUP_CONFIRM:
191dd469 AN	548	case WLAN_PUB_ACTION_TDLS_DISCOVER_RES:
	549	/* no special handling */
	550	ret = ieee80211_tdls_prep_mgmt_packet(wiphy, dev, peer,
	551	action_code,
	552	dialog_token,
	553	status_code,
	554	peer_capability,
	555	initiator, extra_ies,
	556	extra_ies_len);
	557	break;
	558	default:
	559	ret = -EOPNOTSUPP;
	560	break;
	561	}
17e6a59a AN	562
	563	tdls_dbg(sdata, "TDLS mgmt action %d peer %pM status %d\n",
	564	action_code, peer, ret);
	565	return ret;
	566	}
	567
95224fe8	568	int ieee80211_tdls_oper(struct wiphy wiphy, struct net_device dev,
3b3a0162	569	const u8 *peer, enum nl80211_tdls_operation oper)
95224fe8 AN	570	{
	571	struct sta_info *sta;
	572	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
17e6a59a AN	573	struct ieee80211_local *local = sdata->local;
17e6a59a AN	574	int ret;
95224fe8 AN	575
	576	if (!(wiphy->flags & WIPHY_FLAG_SUPPORTS_TDLS))
	577	return -ENOTSUPP;
	578
	579	if (sdata->vif.type != NL80211_IFTYPE_STATION)
	580	return -EINVAL;
	581
17e6a59a AN	582	switch (oper) {
	583	case NL80211_TDLS_ENABLE_LINK:
	584	case NL80211_TDLS_DISABLE_LINK:
	585	break;
	586	case NL80211_TDLS_TEARDOWN:
	587	case NL80211_TDLS_SETUP:
	588	case NL80211_TDLS_DISCOVERY_REQ:
	589	/* We don't support in-driver setup/teardown/discovery */
	590	return -ENOTSUPP;
	591	}
	592
	593	mutex_lock(&local->mtx);
95224fe8 AN	594	tdls_dbg(sdata, "TDLS oper %d peer %pM\n", oper, peer);
	595
	596	switch (oper) {
	597	case NL80211_TDLS_ENABLE_LINK:
	598	rcu_read_lock();
	599	sta = sta_info_get(sdata, peer);
	600	if (!sta) {
	601	rcu_read_unlock();
17e6a59a AN	602	ret = -ENOLINK;
17e6a59a AN	603	break;
95224fe8 AN	604	}
	605
	606	set_sta_flag(sta, WLAN_STA_TDLS_PEER_AUTH);
	607	rcu_read_unlock();
17e6a59a AN	608
	609	WARN_ON_ONCE(is_zero_ether_addr(sdata->tdls_peer) \|\|
	610	!ether_addr_equal(sdata->tdls_peer, peer));
	611	ret = 0;
95224fe8 AN	612	break;
95224fe8 AN	613	case NL80211_TDLS_DISABLE_LINK:
db67d661 AN	614	/* flush a potentially queued teardown packet */
	615	ieee80211_flush_queues(local, sdata);
	616
17e6a59a AN	617	ret = sta_info_destroy_addr(sdata, peer);
17e6a59a AN	618	break;
95224fe8	619	default:
17e6a59a AN	620	ret = -ENOTSUPP;
17e6a59a AN	621	break;
95224fe8 AN	622	}
95224fe8 AN	623
17e6a59a AN	624	if (ret == 0 && ether_addr_equal(sdata->tdls_peer, peer)) {
	625	cancel_delayed_work(&sdata->tdls_peer_del_work);
	626	eth_zero_addr(sdata->tdls_peer);
	627	}
	628
	629	mutex_unlock(&local->mtx);
	630	return ret;
95224fe8	631	}
c887f0d3 AN	632
	633	void ieee80211_tdls_oper_request(struct ieee80211_vif vif, const u8 peer,
	634	enum nl80211_tdls_operation oper,
	635	u16 reason_code, gfp_t gfp)
	636	{
	637	struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
	638
	639	if (vif->type != NL80211_IFTYPE_STATION \|\| !vif->bss_conf.assoc) {
	640	sdata_err(sdata, "Discarding TDLS oper %d - not STA or disconnected\n",
	641	oper);
	642	return;
	643	}
	644
	645	cfg80211_tdls_oper_request(sdata->dev, peer, oper, reason_code, gfp);
	646	}
	647	EXPORT_SYMBOL(ieee80211_tdls_oper_request);