mesh.c source code [linux/net/mac80211/mesh.c]

1	// SPDX-License-Identifier: GPL-2.0-only
2	/*
3	* Copyright (c) 2008, 2009 open80211s Ltd.
4	* Copyright (C) 2018 - 2023 Intel Corporation
5	* Authors: Luis Carlos Cobo <luisca@cozybit.com>
6	* Javier Cardona <javier@cozybit.com>
7	*/
8
9	#include <linux/slab.h>
10	#include <asm/unaligned.h>
11	#include "ieee80211_i.h"
12	#include "mesh.h"
13	#include "wme.h"
14	#include "driver-ops.h"
15
16	static int mesh_allocated;
17	static struct kmem_cache *rm_cache;
18
19	bool mesh_action_is_path_sel(struct ieee80211_mgmt *mgmt)
20	{
21	return (mgmt->u.action.u.mesh_action.action_code ==
22	WLAN_MESH_ACTION_HWMP_PATH_SELECTION);
23	}
24
25	void ieee80211s_init(void)
26	{
27	mesh_allocated = `1`;
28	rm_cache = kmem_cache_create(name: "mesh_rmc", size: sizeof(struct rmc_entry),
29	align: `0`, flags: `0`, NULL);
30	}
31
32	void ieee80211s_stop(void)
33	{
34	if (!mesh_allocated)
35	return;
36	kmem_cache_destroy(s: rm_cache);
37	}
38
39	static void ieee80211_mesh_housekeeping_timer(struct timer_list *t)
40	{
41	struct ieee80211_sub_if_data *sdata =
42	from_timer(sdata, t, u.mesh.housekeeping_timer);
43	struct ieee80211_local *local = sdata->local;
44	struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh;
45
46	set_bit(nr: MESH_WORK_HOUSEKEEPING, addr: &ifmsh->wrkq_flags);
47
48	wiphy_work_queue(wiphy: local->hw.wiphy, work: &sdata->work);
49	}
50
51	/**
52	* mesh_matches_local - check if the config of a mesh point matches ours
53	*
54	* @sdata: local mesh subif
55	* @ie: information elements of a management frame from the mesh peer
56	*
57	* This function checks if the mesh configuration of a mesh point matches the
58	* local mesh configuration, i.e. if both nodes belong to the same mesh network.
59	*
60	* Returns: %true if both nodes belong to the same mesh
61	*/
62	bool mesh_matches_local(struct ieee80211_sub_if_data *sdata,
63	struct ieee802_11_elems *ie)
64	{
65	struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh;
66	u32 basic_rates = `0`;
67	struct cfg80211_chan_def sta_chan_def;
68	struct ieee80211_supported_band *sband;
69	u32 vht_cap_info = `0`;
70
71	/*
72	* As support for each feature is added, check for matching
73	* - On mesh config capabilities
74	* - Power Save Support En
75	* - Sync support enabled
76	* - Sync support active
77	* - Sync support required from peer
78	* - MDA enabled
79	* - Power management control on fc
80	*/
81	if (!(ifmsh->mesh_id_len == ie->mesh_id_len &&
82	memcmp(p: ifmsh->mesh_id, q: ie->mesh_id, size: ie->mesh_id_len) == `0` &&
83	(ifmsh->mesh_pp_id == ie->mesh_config->meshconf_psel) &&
84	(ifmsh->mesh_pm_id == ie->mesh_config->meshconf_pmetric) &&
85	(ifmsh->mesh_cc_id == ie->mesh_config->meshconf_congest) &&
86	(ifmsh->mesh_sp_id == ie->mesh_config->meshconf_synch) &&
87	(ifmsh->mesh_auth_id == ie->mesh_config->meshconf_auth)))
88	return false;
89
90	sband = ieee80211_get_sband(sdata);
91	if (!sband)
92	return false;
93
94	ieee80211_sta_get_rates(sdata, elems: ie, band: sband->band,
95	basic_rates: &basic_rates);
96
97	if (sdata->vif.bss_conf.basic_rates != basic_rates)
98	return false;
99
100	cfg80211_chandef_create(chandef: &sta_chan_def, channel: sdata->vif.bss_conf.chandef.chan,
101	chantype: NL80211_CHAN_NO_HT);
102	ieee80211_chandef_ht_oper(ht_oper: ie->ht_operation, chandef: &sta_chan_def);
103
104	if (ie->vht_cap_elem)
105	vht_cap_info = le32_to_cpu(ie->vht_cap_elem->vht_cap_info);
106
107	ieee80211_chandef_vht_oper(hw: &sdata->local->hw, vht_cap_info,
108	oper: ie->vht_operation, htop: ie->ht_operation,
109	chandef: &sta_chan_def);
110	ieee80211_chandef_he_6ghz_oper(sdata, he_oper: ie->he_operation, eht_oper: ie->eht_operation,
111	chandef: &sta_chan_def);
112
113	if (!cfg80211_chandef_compatible(chandef1: &sdata->vif.bss_conf.chandef,
114	chandef2: &sta_chan_def))
115	return false;
116
117	return true;
118	}
119
120	/**
121	* mesh_peer_accepts_plinks - check if an mp is willing to establish peer links
122	*
123	* @ie: information elements of a management frame from the mesh peer
124	*
125	* Returns: %true if the mesh peer is willing to establish peer links
126	*/
127	bool mesh_peer_accepts_plinks(struct ieee802_11_elems *ie)
128	{
129	return (ie->mesh_config->meshconf_cap &
130	IEEE80211_MESHCONF_CAPAB_ACCEPT_PLINKS) != `0`;
131	}
132
133	/**
134	* mesh_accept_plinks_update - update accepting_plink in local mesh beacons
135	*
136	* @sdata: mesh interface in which mesh beacons are going to be updated
137	*
138	* Returns: beacon changed flag if the beacon content changed.
139	*/
140	u64 mesh_accept_plinks_update(struct ieee80211_sub_if_data *sdata)
141	{
142	bool free_plinks;
143	u64 changed = `0`;
144
145	/ In case mesh_plink_free_count > 0 and mesh_plinktbl_capacity == 0,*
146	* the mesh interface might be able to establish plinks with peers that
147	* are already on the table but are not on PLINK_ESTAB state. However,
148	* in general the mesh interface is not accepting peer link requests
149	* from new peers, and that must be reflected in the beacon
150	*/
151	free_plinks = mesh_plink_availables(sdata);
152
153	if (free_plinks != sdata->u.mesh.accepting_plinks) {
154	sdata->u.mesh.accepting_plinks = free_plinks;
155	changed = BSS_CHANGED_BEACON;
156	}
157
158	return changed;
159	}
160
161	/*
162	* mesh_sta_cleanup - clean up any mesh sta state
163	*
164	* @sta: mesh sta to clean up.
165	*/
166	void mesh_sta_cleanup(struct sta_info *sta)
167	{
168	struct ieee80211_sub_if_data *sdata = sta->sdata;
169	u64 changed = mesh_plink_deactivate(sta);
170
171	if (changed)
172	ieee80211_mbss_info_change_notify(sdata, changed);
173	}
174
175	int mesh_rmc_init(struct ieee80211_sub_if_data *sdata)
176	{
177	int i;
178
179	sdata->u.mesh.rmc = kmalloc(size: sizeof(struct mesh_rmc), GFP_KERNEL);
180	if (!sdata->u.mesh.rmc)
181	return -ENOMEM;
182	sdata->u.mesh.rmc->idx_mask = RMC_BUCKETS - `1`;
183	for (i = `0`; i < RMC_BUCKETS; i++)
184	INIT_HLIST_HEAD(&sdata->u.mesh.rmc->bucket[i]);
185	return `0`;
186	}
187
188	void mesh_rmc_free(struct ieee80211_sub_if_data *sdata)
189	{
190	struct mesh_rmc *rmc = sdata->u.mesh.rmc;
191	struct rmc_entry *p;
192	struct hlist_node *n;
193	int i;
194
195	if (!sdata->u.mesh.rmc)
196	return;
197
198	for (i = `0`; i < RMC_BUCKETS; i++) {
199	hlist_for_each_entry_safe(p, n, &rmc->bucket[i], list) {
200	hlist_del(n: &p->list);
201	kmem_cache_free(s: rm_cache, objp: p);
202	}
203	}
204
205	kfree(objp: rmc);
206	sdata->u.mesh.rmc = NULL;
207	}
208
209	/**
210	* mesh_rmc_check - Check frame in recent multicast cache and add if absent.
211	*
212	* @sdata: interface
213	* @sa: source address
214	* @mesh_hdr: mesh_header
215	*
216	* Returns: 0 if the frame is not in the cache, nonzero otherwise.
217	*
218	* Checks using the source address and the mesh sequence number if we have
219	* received this frame lately. If the frame is not in the cache, it is added to
220	* it.
221	*/
222	int mesh_rmc_check(struct ieee80211_sub_if_data *sdata,
223	const u8 sa, struct* ieee80211s_hdr *mesh_hdr)
224	{
225	struct mesh_rmc *rmc = sdata->u.mesh.rmc;
226	u32 seqnum = `0`;
227	int entries = `0`;
228	u8 idx;
229	struct rmc_entry *p;
230	struct hlist_node *n;
231
232	if (!rmc)
233	return -`1`;
234
235	/ Don't care about endianness since only match matters /
236	memcpy(&seqnum, &mesh_hdr->seqnum, sizeof(mesh_hdr->seqnum));
237	idx = le32_to_cpu(mesh_hdr->seqnum) & rmc->idx_mask;
238	hlist_for_each_entry_safe(p, n, &rmc->bucket[idx], list) {
239	++entries;
240	if (time_after(jiffies, p->exp_time) \|\|
241	entries == RMC_QUEUE_MAX_LEN) {
242	hlist_del(n: &p->list);
243	kmem_cache_free(s: rm_cache, objp: p);
244	--entries;
245	} else if ((seqnum == p->seqnum) && ether_addr_equal(addr1: sa, addr2: p->sa))
246	return -`1`;
247	}
248
249	p = kmem_cache_alloc(cachep: rm_cache, GFP_ATOMIC);
250	if (!p)
251	return `0`;
252
253	p->seqnum = seqnum;
254	p->exp_time = jiffies + RMC_TIMEOUT;
255	memcpy(p->sa, sa, ETH_ALEN);
256	hlist_add_head(n: &p->list, h: &rmc->bucket[idx]);
257	return `0`;
258	}
259
260	int mesh_add_meshconf_ie(struct ieee80211_sub_if_data *sdata,
261	struct sk_buff *skb)
262	{
263	struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh;
264	u8 *pos, neighbors;
265	u8 meshconf_len = sizeof(struct ieee80211_meshconf_ie);
266	bool is_connected_to_gate = ifmsh->num_gates > `0` \|\|
267	ifmsh->mshcfg.dot11MeshGateAnnouncementProtocol \|\|
268	ifmsh->mshcfg.dot11MeshConnectedToMeshGate;
269	bool is_connected_to_as = ifmsh->mshcfg.dot11MeshConnectedToAuthServer;
270
271	if (skb_tailroom(skb) < `2` + meshconf_len)
272	return -ENOMEM;
273
274	pos = skb_put(skb, len: `2` + meshconf_len);
275	*pos++ = WLAN_EID_MESH_CONFIG;
276	*pos++ = meshconf_len;
277
278	/ save a pointer for quick updates in pre-tbtt /
279	ifmsh->meshconf_offset = pos - skb->data;
280
281	/ Active path selection protocol ID /
282	*pos++ = ifmsh->mesh_pp_id;
283	/ Active path selection metric ID /
284	*pos++ = ifmsh->mesh_pm_id;
285	/ Congestion control mode identifier /
286	*pos++ = ifmsh->mesh_cc_id;
287	/ Synchronization protocol identifier /
288	*pos++ = ifmsh->mesh_sp_id;
289	/ Authentication Protocol identifier /
290	*pos++ = ifmsh->mesh_auth_id;
291	/ Mesh Formation Info - number of neighbors /
292	neighbors = atomic_read(v: &ifmsh->estab_plinks);
293	neighbors = min_t(int, neighbors, IEEE80211_MAX_MESH_PEERINGS);
294	*pos++ = (is_connected_to_as << `7`) \|
295	(neighbors << `1`) \|
296	is_connected_to_gate;
297	/ Mesh capability /
298	*pos = `0x00`;
299	*pos \|= ifmsh->mshcfg.dot11MeshForwarding ?
300	IEEE80211_MESHCONF_CAPAB_FORWARDING : `0x00`;
301	*pos \|= ifmsh->accepting_plinks ?
302	IEEE80211_MESHCONF_CAPAB_ACCEPT_PLINKS : `0x00`;
303	/ Mesh PS mode. See IEEE802.11-2012 8.4.2.100.8 /
304	*pos \|= ifmsh->ps_peers_deep_sleep ?
305	IEEE80211_MESHCONF_CAPAB_POWER_SAVE_LEVEL : `0x00`;
306	return `0`;
307	}
308
309	int mesh_add_meshid_ie(struct ieee80211_sub_if_data sdata, struct* sk_buff *skb)
310	{
311	struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh;
312	u8 *pos;
313
314	if (skb_tailroom(skb) < `2` + ifmsh->mesh_id_len)
315	return -ENOMEM;
316
317	pos = skb_put(skb, len: `2` + ifmsh->mesh_id_len);
318	*pos++ = WLAN_EID_MESH_ID;
319	*pos++ = ifmsh->mesh_id_len;
320	if (ifmsh->mesh_id_len)
321	memcpy(pos, ifmsh->mesh_id, ifmsh->mesh_id_len);
322
323	return `0`;
324	}
325
326	static int mesh_add_awake_window_ie(struct ieee80211_sub_if_data *sdata,
327	struct sk_buff *skb)
328	{
329	struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh;
330	u8 *pos;
331
332	/ see IEEE802.11-2012 13.14.6 /
333	if (ifmsh->ps_peers_light_sleep == `0` &&
334	ifmsh->ps_peers_deep_sleep == `0` &&
335	ifmsh->nonpeer_pm == NL80211_MESH_POWER_ACTIVE)
336	return `0`;
337
338	if (skb_tailroom(skb) < `4`)
339	return -ENOMEM;
340
341	pos = skb_put(skb, len: `2` + `2`);
342	*pos++ = WLAN_EID_MESH_AWAKE_WINDOW;
343	*pos++ = `2`;
344	put_unaligned_le16(val: ifmsh->mshcfg.dot11MeshAwakeWindowDuration, p: pos);
345
346	return `0`;
347	}
348
349	int mesh_add_vendor_ies(struct ieee80211_sub_if_data *sdata,
350	struct sk_buff *skb)
351	{
352	struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh;
353	u8 offset, len;
354	const u8 *data;
355
356	if (!ifmsh->ie \|\| !ifmsh->ie_len)
357	return `0`;
358
359	/ fast-forward to vendor IEs /
360	offset = ieee80211_ie_split_vendor(ies: ifmsh->ie, ielen: ifmsh->ie_len, offset: `0`);
361
362	if (offset < ifmsh->ie_len) {
363	len = ifmsh->ie_len - offset;
364	data = ifmsh->ie + offset;
365	if (skb_tailroom(skb) < len)
366	return -ENOMEM;
367	skb_put_data(skb, data, len);
368	}
369
370	return `0`;
371	}
372
373	int mesh_add_rsn_ie(struct ieee80211_sub_if_data sdata, struct* sk_buff *skb)
374	{
375	struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh;
376	u8 len = `0`;
377	const u8 *data;
378
379	if (!ifmsh->ie \|\| !ifmsh->ie_len)
380	return `0`;
381
382	/ find RSN IE /
383	data = cfg80211_find_ie(eid: WLAN_EID_RSN, ies: ifmsh->ie, len: ifmsh->ie_len);
384	if (!data)
385	return `0`;
386
387	len = data[`1`] + `2`;
388
389	if (skb_tailroom(skb) < len)
390	return -ENOMEM;
391	skb_put_data(skb, data, len);
392
393	return `0`;
394	}
395
396	static int mesh_add_ds_params_ie(struct ieee80211_sub_if_data *sdata,
397	struct sk_buff *skb)
398	{
399	struct ieee80211_chanctx_conf *chanctx_conf;
400	struct ieee80211_channel *chan;
401	u8 *pos;
402
403	if (skb_tailroom(skb) < `3`)
404	return -ENOMEM;
405
406	rcu_read_lock();
407	chanctx_conf = rcu_dereference(sdata->vif.bss_conf.chanctx_conf);
408	if (WARN_ON(!chanctx_conf)) {
409	rcu_read_unlock();
410	return -EINVAL;
411	}
412	chan = chanctx_conf->def.chan;
413	rcu_read_unlock();
414
415	pos = skb_put(skb, len: `2` + `1`);
416	*pos++ = WLAN_EID_DS_PARAMS;
417	*pos++ = `1`;
418	*pos++ = ieee80211_frequency_to_channel(freq: chan->center_freq);
419
420	return `0`;
421	}
422
423	int mesh_add_ht_cap_ie(struct ieee80211_sub_if_data *sdata,
424	struct sk_buff *skb)
425	{
426	struct ieee80211_supported_band *sband;
427	u8 *pos;
428
429	sband = ieee80211_get_sband(sdata);
430	if (!sband)
431	return -EINVAL;
432
433	/ HT not allowed in 6 GHz /
434	if (sband->band == NL80211_BAND_6GHZ)
435	return `0`;
436
437	if (!sband->ht_cap.ht_supported \|\|
438	sdata->vif.bss_conf.chandef.width == NL80211_CHAN_WIDTH_20_NOHT \|\|
439	sdata->vif.bss_conf.chandef.width == NL80211_CHAN_WIDTH_5 \|\|
440	sdata->vif.bss_conf.chandef.width == NL80211_CHAN_WIDTH_10)
441	return `0`;
442
443	if (skb_tailroom(skb) < `2` + sizeof(struct ieee80211_ht_cap))
444	return -ENOMEM;
445
446	pos = skb_put(skb, len: `2` + sizeof(struct ieee80211_ht_cap));
447	ieee80211_ie_build_ht_cap(pos, ht_cap: &sband->ht_cap, cap: sband->ht_cap.cap);
448
449	return `0`;
450	}
451
452	int mesh_add_ht_oper_ie(struct ieee80211_sub_if_data *sdata,
453	struct sk_buff *skb)
454	{
455	struct ieee80211_local *local = sdata->local;
456	struct ieee80211_chanctx_conf *chanctx_conf;
457	struct ieee80211_channel *channel;
458	struct ieee80211_supported_band *sband;
459	struct ieee80211_sta_ht_cap *ht_cap;
460	u8 *pos;
461
462	rcu_read_lock();
463	chanctx_conf = rcu_dereference(sdata->vif.bss_conf.chanctx_conf);
464	if (WARN_ON(!chanctx_conf)) {
465	rcu_read_unlock();
466	return -EINVAL;
467	}
468	channel = chanctx_conf->def.chan;
469	rcu_read_unlock();
470
471	sband = local->hw.wiphy->bands[channel->band];
472	ht_cap = &sband->ht_cap;
473
474	/ HT not allowed in 6 GHz /
475	if (sband->band == NL80211_BAND_6GHZ)
476	return `0`;
477
478	if (!ht_cap->ht_supported \|\|
479	sdata->vif.bss_conf.chandef.width == NL80211_CHAN_WIDTH_20_NOHT \|\|
480	sdata->vif.bss_conf.chandef.width == NL80211_CHAN_WIDTH_5 \|\|
481	sdata->vif.bss_conf.chandef.width == NL80211_CHAN_WIDTH_10)
482	return `0`;
483
484	if (skb_tailroom(skb) < `2` + sizeof(struct ieee80211_ht_operation))
485	return -ENOMEM;
486
487	pos = skb_put(skb, len: `2` + sizeof(struct ieee80211_ht_operation));
488	ieee80211_ie_build_ht_oper(pos, ht_cap, chandef: &sdata->vif.bss_conf.chandef,
489	prot_mode: sdata->vif.bss_conf.ht_operation_mode,
490	rifs_mode: false);
491
492	return `0`;
493	}
494
495	int mesh_add_vht_cap_ie(struct ieee80211_sub_if_data *sdata,
496	struct sk_buff *skb)
497	{
498	struct ieee80211_supported_band *sband;
499	u8 *pos;
500
501	sband = ieee80211_get_sband(sdata);
502	if (!sband)
503	return -EINVAL;
504
505	/ VHT not allowed in 6 GHz /
506	if (sband->band == NL80211_BAND_6GHZ)
507	return `0`;
508
509	if (!sband->vht_cap.vht_supported \|\|
510	sdata->vif.bss_conf.chandef.width == NL80211_CHAN_WIDTH_20_NOHT \|\|
511	sdata->vif.bss_conf.chandef.width == NL80211_CHAN_WIDTH_5 \|\|
512	sdata->vif.bss_conf.chandef.width == NL80211_CHAN_WIDTH_10)
513	return `0`;
514
515	if (skb_tailroom(skb) < `2` + sizeof(struct ieee80211_vht_cap))
516	return -ENOMEM;
517
518	pos = skb_put(skb, len: `2` + sizeof(struct ieee80211_vht_cap));
519	ieee80211_ie_build_vht_cap(pos, vht_cap: &sband->vht_cap, cap: sband->vht_cap.cap);
520
521	return `0`;
522	}
523
524	int mesh_add_vht_oper_ie(struct ieee80211_sub_if_data *sdata,
525	struct sk_buff *skb)
526	{
527	struct ieee80211_local *local = sdata->local;
528	struct ieee80211_chanctx_conf *chanctx_conf;
529	struct ieee80211_channel *channel;
530	struct ieee80211_supported_band *sband;
531	struct ieee80211_sta_vht_cap *vht_cap;
532	u8 *pos;
533
534	rcu_read_lock();
535	chanctx_conf = rcu_dereference(sdata->vif.bss_conf.chanctx_conf);
536	if (WARN_ON(!chanctx_conf)) {
537	rcu_read_unlock();
538	return -EINVAL;
539	}
540	channel = chanctx_conf->def.chan;
541	rcu_read_unlock();
542
543	sband = local->hw.wiphy->bands[channel->band];
544	vht_cap = &sband->vht_cap;
545
546	/ VHT not allowed in 6 GHz /
547	if (sband->band == NL80211_BAND_6GHZ)
548	return `0`;
549
550	if (!vht_cap->vht_supported \|\|
551	sdata->vif.bss_conf.chandef.width == NL80211_CHAN_WIDTH_20_NOHT \|\|
552	sdata->vif.bss_conf.chandef.width == NL80211_CHAN_WIDTH_5 \|\|
553	sdata->vif.bss_conf.chandef.width == NL80211_CHAN_WIDTH_10)
554	return `0`;
555
556	if (skb_tailroom(skb) < `2` + sizeof(struct ieee80211_vht_operation))
557	return -ENOMEM;
558
559	pos = skb_put(skb, len: `2` + sizeof(struct ieee80211_vht_operation));
560	ieee80211_ie_build_vht_oper(pos, vht_cap,
561	chandef: &sdata->vif.bss_conf.chandef);
562
563	return `0`;
564	}
565
566	int mesh_add_he_cap_ie(struct ieee80211_sub_if_data *sdata,
567	struct sk_buff *skb, u8 ie_len)
568	{
569	const struct ieee80211_sta_he_cap *he_cap;
570	struct ieee80211_supported_band *sband;
571	u8 *pos;
572
573	sband = ieee80211_get_sband(sdata);
574	if (!sband)
575	return -EINVAL;
576
577	he_cap = ieee80211_get_he_iftype_cap(sband, iftype: NL80211_IFTYPE_MESH_POINT);
578
579	if (!he_cap \|\|
580	sdata->vif.bss_conf.chandef.width == NL80211_CHAN_WIDTH_20_NOHT \|\|
581	sdata->vif.bss_conf.chandef.width == NL80211_CHAN_WIDTH_5 \|\|
582	sdata->vif.bss_conf.chandef.width == NL80211_CHAN_WIDTH_10)
583	return `0`;
584
585	if (skb_tailroom(skb) < ie_len)
586	return -ENOMEM;
587
588	pos = skb_put(skb, len: ie_len);
589	ieee80211_ie_build_he_cap(disable_flags: `0`, pos, he_cap, end: pos + ie_len);
590
591	return `0`;
592	}
593
594	int mesh_add_he_oper_ie(struct ieee80211_sub_if_data *sdata,
595	struct sk_buff *skb)
596	{
597	const struct ieee80211_sta_he_cap *he_cap;
598	struct ieee80211_supported_band *sband;
599	u32 len;
600	u8 *pos;
601
602	sband = ieee80211_get_sband(sdata);
603	if (!sband)
604	return -EINVAL;
605
606	he_cap = ieee80211_get_he_iftype_cap(sband, iftype: NL80211_IFTYPE_MESH_POINT);
607	if (!he_cap \|\|
608	sdata->vif.bss_conf.chandef.width == NL80211_CHAN_WIDTH_20_NOHT \|\|
609	sdata->vif.bss_conf.chandef.width == NL80211_CHAN_WIDTH_5 \|\|
610	sdata->vif.bss_conf.chandef.width == NL80211_CHAN_WIDTH_10)
611	return `0`;
612
613	len = `2` + `1` + sizeof(struct ieee80211_he_operation);
614	if (sdata->vif.bss_conf.chandef.chan->band == NL80211_BAND_6GHZ)
615	len += sizeof(struct ieee80211_he_6ghz_oper);
616
617	if (skb_tailroom(skb) < len)
618	return -ENOMEM;
619
620	pos = skb_put(skb, len);
621	ieee80211_ie_build_he_oper(pos, chandef: &sdata->vif.bss_conf.chandef);
622
623	return `0`;
624	}
625
626	int mesh_add_he_6ghz_cap_ie(struct ieee80211_sub_if_data *sdata,
627	struct sk_buff *skb)
628	{
629	struct ieee80211_supported_band *sband;
630	const struct ieee80211_sband_iftype_data *iftd;
631
632	sband = ieee80211_get_sband(sdata);
633	if (!sband)
634	return -EINVAL;
635
636	iftd = ieee80211_get_sband_iftype_data(sband,
637	iftype: NL80211_IFTYPE_MESH_POINT);
638	/ The device doesn't support HE in mesh mode or at all /
639	if (!iftd)
640	return `0`;
641
642	ieee80211_ie_build_he_6ghz_cap(sdata, smps_mode: sdata->deflink.smps_mode, skb);
643	return `0`;
644	}
645
646	int mesh_add_eht_cap_ie(struct ieee80211_sub_if_data *sdata,
647	struct sk_buff *skb, u8 ie_len)
648	{
649	const struct ieee80211_sta_he_cap *he_cap;
650	const struct ieee80211_sta_eht_cap *eht_cap;
651	struct ieee80211_supported_band *sband;
652	u8 *pos;
653
654	sband = ieee80211_get_sband(sdata);
655	if (!sband)
656	return -EINVAL;
657
658	he_cap = ieee80211_get_he_iftype_cap(sband, iftype: NL80211_IFTYPE_MESH_POINT);
659	eht_cap = ieee80211_get_eht_iftype_cap(sband, iftype: NL80211_IFTYPE_MESH_POINT);
660	if (!he_cap \|\| !eht_cap \|\|
661	sdata->vif.bss_conf.chandef.width == NL80211_CHAN_WIDTH_20_NOHT \|\|
662	sdata->vif.bss_conf.chandef.width == NL80211_CHAN_WIDTH_5 \|\|
663	sdata->vif.bss_conf.chandef.width == NL80211_CHAN_WIDTH_10)
664	return `0`;
665
666	if (skb_tailroom(skb) < ie_len)
667	return -ENOMEM;
668
669	pos = skb_put(skb, len: ie_len);
670	ieee80211_ie_build_eht_cap(pos, he_cap, eht_cap, end: pos + ie_len, for_ap: false);
671
672	return `0`;
673	}
674
675	int mesh_add_eht_oper_ie(struct ieee80211_sub_if_data sdata, struct* sk_buff *skb)
676	{
677	const struct ieee80211_sta_eht_cap *eht_cap;
678	struct ieee80211_supported_band *sband;
679	u32 len;
680	u8 *pos;
681
682	sband = ieee80211_get_sband(sdata);
683	if (!sband)
684	return -EINVAL;
685
686	eht_cap = ieee80211_get_eht_iftype_cap(sband, iftype: NL80211_IFTYPE_MESH_POINT);
687	if (!eht_cap \|\|
688	sdata->vif.bss_conf.chandef.width == NL80211_CHAN_WIDTH_20_NOHT \|\|
689	sdata->vif.bss_conf.chandef.width == NL80211_CHAN_WIDTH_5 \|\|
690	sdata->vif.bss_conf.chandef.width == NL80211_CHAN_WIDTH_10)
691	return `0`;
692
693	len = `2` + `1` + offsetof(struct ieee80211_eht_operation, optional) +
694	offsetof(struct ieee80211_eht_operation_info, optional);
695
696	if (skb_tailroom(skb) < len)
697	return -ENOMEM;
698
699	pos = skb_put(skb, len);
700	ieee80211_ie_build_eht_oper(pos, chandef: &sdata->vif.bss_conf.chandef, eht_cap);
701
702	return `0`;
703	}
704
705	static void ieee80211_mesh_path_timer(struct timer_list *t)
706	{
707	struct ieee80211_sub_if_data *sdata =
708	from_timer(sdata, t, u.mesh.mesh_path_timer);
709
710	wiphy_work_queue(wiphy: sdata->local->hw.wiphy, work: &sdata->work);
711	}
712
713	static void ieee80211_mesh_path_root_timer(struct timer_list *t)
714	{
715	struct ieee80211_sub_if_data *sdata =
716	from_timer(sdata, t, u.mesh.mesh_path_root_timer);
717	struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh;
718
719	set_bit(nr: MESH_WORK_ROOT, addr: &ifmsh->wrkq_flags);
720
721	wiphy_work_queue(wiphy: sdata->local->hw.wiphy, work: &sdata->work);
722	}
723
724	void ieee80211_mesh_root_setup(struct ieee80211_if_mesh *ifmsh)
725	{
726	if (ifmsh->mshcfg.dot11MeshHWMPRootMode > IEEE80211_ROOTMODE_ROOT)
727	set_bit(nr: MESH_WORK_ROOT, addr: &ifmsh->wrkq_flags);
728	else {
729	clear_bit(nr: MESH_WORK_ROOT, addr: &ifmsh->wrkq_flags);
730	/ stop running timer /
731	del_timer_sync(timer: &ifmsh->mesh_path_root_timer);
732	}
733	}
734
735	static void
736	ieee80211_mesh_update_bss_params(struct ieee80211_sub_if_data *sdata,
737	u8 *ie, u8 ie_len)
738	{
739	struct ieee80211_supported_band *sband;
740	const struct element *cap;
741	const struct ieee80211_he_operation *he_oper = NULL;
742
743	sband = ieee80211_get_sband(sdata);
744	if (!sband)
745	return;
746
747	if (!ieee80211_get_he_iftype_cap(sband, iftype: NL80211_IFTYPE_MESH_POINT) \|\|
748	sdata->vif.bss_conf.chandef.width == NL80211_CHAN_WIDTH_20_NOHT \|\|
749	sdata->vif.bss_conf.chandef.width == NL80211_CHAN_WIDTH_5 \|\|
750	sdata->vif.bss_conf.chandef.width == NL80211_CHAN_WIDTH_10)
751	return;
752
753	sdata->vif.bss_conf.he_support = true;
754
755	cap = cfg80211_find_ext_elem(ext_eid: WLAN_EID_EXT_HE_OPERATION, ies: ie, len: ie_len);
756	if (cap && cap->datalen >= `1` + sizeof(*he_oper) &&
757	cap->datalen >= `1` + ieee80211_he_oper_size(he_oper_ie: cap->data + `1`))
758	he_oper = (void *)(cap->data + `1`);
759
760	if (he_oper)
761	sdata->vif.bss_conf.he_oper.params =
762	__le32_to_cpu(he_oper->he_oper_params);
763
764	sdata->vif.bss_conf.eht_support =
765	!!ieee80211_get_eht_iftype_cap(sband, iftype: NL80211_IFTYPE_MESH_POINT);
766	}
767
768	bool ieee80211_mesh_xmit_fast(struct ieee80211_sub_if_data *sdata,
769	struct sk_buff *skb, u32 ctrl_flags)
770	{
771	struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh;
772	struct ieee80211_mesh_fast_tx *entry;
773	struct ieee80211s_hdr *meshhdr;
774	u8 sa[ETH_ALEN] __aligned(`2`);
775	struct tid_ampdu_tx *tid_tx;
776	struct sta_info *sta;
777	bool copy_sa = false;
778	u16 ethertype;
779	u8 tid;
780
781	if (ctrl_flags & IEEE80211_TX_CTRL_SKIP_MPATH_LOOKUP)
782	return false;
783
784	if (ifmsh->mshcfg.dot11MeshNolearn)
785	return false;
786
787	/ Add support for these cases later /
788	if (ifmsh->ps_peers_light_sleep \|\| ifmsh->ps_peers_deep_sleep)
789	return false;
790
791	if (is_multicast_ether_addr(addr: skb->data))
792	return false;
793
794	ethertype = (skb->data[`12`] << `8`) \| skb->data[`13`];
795	if (ethertype < ETH_P_802_3_MIN)
796	return false;
797
798	if (skb->sk && skb_shinfo(skb)->tx_flags & SKBTX_WIFI_STATUS)
799	return false;
800
801	if (skb->ip_summed == CHECKSUM_PARTIAL) {
802	skb_set_transport_header(skb, offset: skb_checksum_start_offset(skb));
803	if (skb_checksum_help(skb))
804	return false;
805	}
806
807	entry = mesh_fast_tx_get(sdata, addr: skb->data);
808	if (!entry)
809	return false;
810
811	if (skb_headroom(skb) < entry->hdrlen + entry->fast_tx.hdr_len)
812	return false;
813
814	sta = rcu_dereference(entry->mpath->next_hop);
815	if (!sta)
816	return false;
817
818	tid = skb->priority & IEEE80211_QOS_CTL_TAG1D_MASK;
819	tid_tx = rcu_dereference(sta->ampdu_mlme.tid_tx[tid]);
820	if (tid_tx) {
821	if (!test_bit(HT_AGG_STATE_OPERATIONAL, &tid_tx->state))
822	return false;
823	if (tid_tx->timeout)
824	tid_tx->last_tx = jiffies;
825	}
826
827	skb = skb_share_check(skb, GFP_ATOMIC);
828	if (!skb)
829	return true;
830
831	skb_set_queue_mapping(skb, queue_mapping: ieee80211_select_queue(sdata, sta, skb));
832
833	meshhdr = (struct ieee80211s_hdr *)entry->hdr;
834	if ((meshhdr->flags & MESH_FLAGS_AE) == MESH_FLAGS_AE_A5_A6) {
835	/ preserve SA from eth header for 6-addr frames /
836	ether_addr_copy(dst: sa, src: skb->data + ETH_ALEN);
837	copy_sa = true;
838	}
839
840	memcpy(skb_push(skb, entry->hdrlen - `2` * ETH_ALEN), entry->hdr,
841	entry->hdrlen);
842
843	meshhdr = (struct ieee80211s_hdr *)skb->data;
844	put_unaligned_le32(val: atomic_inc_return(v: &sdata->u.mesh.mesh_seqnum),
845	p: &meshhdr->seqnum);
846	meshhdr->ttl = sdata->u.mesh.mshcfg.dot11MeshTTL;
847	if (copy_sa)
848	ether_addr_copy(dst: meshhdr->eaddr2, src: sa);
849
850	skb_push(skb, len: `2` * ETH_ALEN);
851	__ieee80211_xmit_fast(sdata, sta, fast_tx: &entry->fast_tx, skb, ampdu: tid_tx,
852	da: entry->mpath->dst, sa: sdata->vif.addr);
853
854	return true;
855	}
856
857	/**
858	* ieee80211_fill_mesh_addresses - fill addresses of a locally originated mesh frame
859	* @hdr: 802.11 frame header
860	* @fc: frame control field
861	* @meshda: destination address in the mesh
862	* @meshsa: source address in the mesh. Same as TA, as frame is
863	* locally originated.
864	*
865	* Returns: the length of the 802.11 frame header (excludes mesh control header)
866	*/
867	int ieee80211_fill_mesh_addresses(struct ieee80211_hdr hdr, __le16 fc,
868	const u8 meshda, const* u8 *meshsa)
869	{
870	if (is_multicast_ether_addr(addr: meshda)) {
871	*fc \|= cpu_to_le16(IEEE80211_FCTL_FROMDS);
872	/ DA TA SA /
873	memcpy(hdr->addr1, meshda, ETH_ALEN);
874	memcpy(hdr->addr2, meshsa, ETH_ALEN);
875	memcpy(hdr->addr3, meshsa, ETH_ALEN);
876	return `24`;
877	} else {
878	*fc \|= cpu_to_le16(IEEE80211_FCTL_FROMDS \| IEEE80211_FCTL_TODS);
879	/ RA TA DA SA /
880	eth_zero_addr(addr: hdr->addr1); / RA is resolved later /
881	memcpy(hdr->addr2, meshsa, ETH_ALEN);
882	memcpy(hdr->addr3, meshda, ETH_ALEN);
883	memcpy(hdr->addr4, meshsa, ETH_ALEN);
884	return `30`;
885	}
886	}
887
888	/**
889	* ieee80211_new_mesh_header - create a new mesh header
890	* @sdata: mesh interface to be used
891	* @meshhdr: uninitialized mesh header
892	* @addr4or5: 1st address in the ae header, which may correspond to address 4
893	* (if addr6 is NULL) or address 5 (if addr6 is present). It may
894	* be NULL.
895	* @addr6: 2nd address in the ae header, which corresponds to addr6 of the
896	* mesh frame
897	*
898	* Returns: the header length
899	*/
900	unsigned int ieee80211_new_mesh_header(struct ieee80211_sub_if_data *sdata,
901	struct ieee80211s_hdr *meshhdr,
902	const char addr4or5, const* char *addr6)
903	{
904	if (WARN_ON(!addr4or5 && addr6))
905	return `0`;
906
907	memset(meshhdr, `0`, sizeof(*meshhdr));
908
909	meshhdr->ttl = sdata->u.mesh.mshcfg.dot11MeshTTL;
910
911	put_unaligned_le32(val: atomic_inc_return(v: &sdata->u.mesh.mesh_seqnum),
912	p: &meshhdr->seqnum);
913	if (addr4or5 && !addr6) {
914	meshhdr->flags \|= MESH_FLAGS_AE_A4;
915	memcpy(meshhdr->eaddr1, addr4or5, ETH_ALEN);
916	return `2` * ETH_ALEN;
917	} else if (addr4or5 && addr6) {
918	meshhdr->flags \|= MESH_FLAGS_AE_A5_A6;
919	memcpy(meshhdr->eaddr1, addr4or5, ETH_ALEN);
920	memcpy(meshhdr->eaddr2, addr6, ETH_ALEN);
921	return `3` * ETH_ALEN;
922	}
923
924	return ETH_ALEN;
925	}
926
927	static void ieee80211_mesh_housekeeping(struct ieee80211_sub_if_data *sdata)
928	{
929	struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh;
930	u64 changed;
931
932	if (ifmsh->mshcfg.plink_timeout > `0`)
933	ieee80211_sta_expire(sdata, exp_time: ifmsh->mshcfg.plink_timeout * HZ);
934	mesh_path_expire(sdata);
935
936	changed = mesh_accept_plinks_update(sdata);
937	ieee80211_mbss_info_change_notify(sdata, changed);
938
939	mesh_fast_tx_gc(sdata);
940
941	mod_timer(timer: &ifmsh->housekeeping_timer,
942	expires: round_jiffies(j: jiffies +
943	IEEE80211_MESH_HOUSEKEEPING_INTERVAL));
944	}
945
946	static void ieee80211_mesh_rootpath(struct ieee80211_sub_if_data *sdata)
947	{
948	struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh;
949	u32 interval;
950
951	mesh_path_tx_root_frame(sdata);
952
953	if (ifmsh->mshcfg.dot11MeshHWMPRootMode == IEEE80211_PROACTIVE_RANN)
954	interval = ifmsh->mshcfg.dot11MeshHWMPRannInterval;
955	else
956	interval = ifmsh->mshcfg.dot11MeshHWMProotInterval;
957
958	mod_timer(timer: &ifmsh->mesh_path_root_timer,
959	expires: round_jiffies(TU_TO_EXP_TIME(interval)));
960	}
961
962	static int
963	ieee80211_mesh_build_beacon(struct ieee80211_if_mesh *ifmsh)
964	{
965	struct beacon_data *bcn;
966	int head_len, tail_len;
967	struct sk_buff *skb;
968	struct ieee80211_mgmt *mgmt;
969	struct ieee80211_chanctx_conf *chanctx_conf;
970	struct mesh_csa_settings *csa;
971	enum nl80211_band band;
972	u8 ie_len_he_cap, ie_len_eht_cap;
973	u8 *pos;
974	struct ieee80211_sub_if_data *sdata;
975	int hdr_len = offsetofend(struct ieee80211_mgmt, u.beacon);
976
977	sdata = container_of(ifmsh, struct ieee80211_sub_if_data, u.mesh);
978	rcu_read_lock();
979	chanctx_conf = rcu_dereference(sdata->vif.bss_conf.chanctx_conf);
980	band = chanctx_conf->def.chan->band;
981	rcu_read_unlock();
982
983	ie_len_he_cap = ieee80211_ie_len_he_cap(sdata,
984	iftype: NL80211_IFTYPE_MESH_POINT);
985	ie_len_eht_cap = ieee80211_ie_len_eht_cap(sdata,
986	iftype: NL80211_IFTYPE_MESH_POINT);
987	head_len = hdr_len +
988	`2` + / NULL SSID /
989	/ Channel Switch Announcement /
990	`2` + sizeof(struct ieee80211_channel_sw_ie) +
991	/ Mesh Channel Switch Parameters /
992	`2` + sizeof(struct ieee80211_mesh_chansw_params_ie) +
993	/ Channel Switch Wrapper + Wide Bandwidth CSA IE /
994	`2` + `2` + sizeof(struct ieee80211_wide_bw_chansw_ie) +
995	`2` + sizeof(struct ieee80211_sec_chan_offs_ie) +
996	`2` + `8` + / supported rates /
997	`2` + `3`; / DS params /
998	tail_len = `2` + (IEEE80211_MAX_SUPP_RATES - `8`) +
999	`2` + sizeof(struct ieee80211_ht_cap) +
1000	`2` + sizeof(struct ieee80211_ht_operation) +
1001	`2` + ifmsh->mesh_id_len +
1002	`2` + sizeof(struct ieee80211_meshconf_ie) +
1003	`2` + sizeof(__le16) + / awake window /
1004	`2` + sizeof(struct ieee80211_vht_cap) +
1005	`2` + sizeof(struct ieee80211_vht_operation) +
1006	ie_len_he_cap +
1007	`2` + `1` + sizeof(struct ieee80211_he_operation) +
1008	sizeof(struct ieee80211_he_6ghz_oper) +
1009	`2` + `1` + sizeof(struct ieee80211_he_6ghz_capa) +
1010	ie_len_eht_cap +
1011	`2` + `1` + offsetof(struct ieee80211_eht_operation, optional) +
1012	offsetof(struct ieee80211_eht_operation_info, optional) +
1013	ifmsh->ie_len;
1014
1015	bcn = kzalloc(size: sizeof(*bcn) + head_len + tail_len, GFP_KERNEL);
1016	/ need an skb for IE builders to operate on /
1017	skb = __dev_alloc_skb(max(head_len, tail_len), GFP_KERNEL);
1018
1019	if (!bcn \|\| !skb)
1020	goto out_free;
1021
1022	/*
1023	* pointers go into the block we allocated,
1024	* memory is \| beacon_data \| head \| tail \|
1025	*/
1026	bcn->head = ((u8 ) bcn) + sizeof(bcn);
1027
1028	/ fill in the head /
1029	mgmt = skb_put_zero(skb, len: hdr_len);
1030	mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT \|
1031	IEEE80211_STYPE_BEACON);
1032	eth_broadcast_addr(addr: mgmt->da);
1033	memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN);
1034	memcpy(mgmt->bssid, sdata->vif.addr, ETH_ALEN);
1035	ieee80211_mps_set_frame_flags(sdata, NULL, hdr: (void *) mgmt);
1036	mgmt->u.beacon.beacon_int =
1037	cpu_to_le16(sdata->vif.bss_conf.beacon_int);
1038	mgmt->u.beacon.capab_info \|= cpu_to_le16(
1039	sdata->u.mesh.security ? WLAN_CAPABILITY_PRIVACY : `0`);
1040
1041	pos = skb_put(skb, len: `2`);
1042	*pos++ = WLAN_EID_SSID;
1043	*pos++ = `0x0`;
1044
1045	rcu_read_lock();
1046	csa = rcu_dereference(ifmsh->csa);
1047	if (csa) {
1048	enum nl80211_channel_type ct;
1049	struct cfg80211_chan_def *chandef;
1050	int ie_len = `2` + sizeof(struct ieee80211_channel_sw_ie) +
1051	`2` + sizeof(struct ieee80211_mesh_chansw_params_ie);
1052
1053	pos = skb_put_zero(skb, len: ie_len);
1054	*pos++ = WLAN_EID_CHANNEL_SWITCH;
1055	*pos++ = `3`;
1056	*pos++ = `0x0`;
1057	*pos++ = ieee80211_frequency_to_channel(
1058	freq: csa->settings.chandef.chan->center_freq);
1059	bcn->cntdwn_current_counter = csa->settings.count;
1060	bcn->cntdwn_counter_offsets[`0`] = hdr_len + `6`;
1061	*pos++ = csa->settings.count;
1062	*pos++ = WLAN_EID_CHAN_SWITCH_PARAM;
1063	*pos++ = `6`;
1064	if (ifmsh->csa_role == IEEE80211_MESH_CSA_ROLE_INIT) {
1065	*pos++ = ifmsh->mshcfg.dot11MeshTTL;
1066	*pos \|= WLAN_EID_CHAN_SWITCH_PARAM_INITIATOR;
1067	} else {
1068	*pos++ = ifmsh->chsw_ttl;
1069	}
1070	*pos++ \|= csa->settings.block_tx ?
1071	WLAN_EID_CHAN_SWITCH_PARAM_TX_RESTRICT : `0x00`;
1072	put_unaligned_le16(val: WLAN_REASON_MESH_CHAN, p: pos);
1073	pos += `2`;
1074	put_unaligned_le16(val: ifmsh->pre_value, p: pos);
1075	pos += `2`;
1076
1077	switch (csa->settings.chandef.width) {
1078	case NL80211_CHAN_WIDTH_40:
1079	ie_len = `2` + sizeof(struct ieee80211_sec_chan_offs_ie);
1080	pos = skb_put_zero(skb, len: ie_len);
1081
1082	pos++ = WLAN_EID_SECONDARY_CHANNEL_OFFSET; /* EID /
1083	pos++ = `1`; /* len /
1084	ct = cfg80211_get_chandef_type(chandef: &csa->settings.chandef);
1085	if (ct == NL80211_CHAN_HT40PLUS)
1086	*pos++ = IEEE80211_HT_PARAM_CHA_SEC_ABOVE;
1087	else
1088	*pos++ = IEEE80211_HT_PARAM_CHA_SEC_BELOW;
1089	break;
1090	case NL80211_CHAN_WIDTH_80:
1091	case NL80211_CHAN_WIDTH_80P80:
1092	case NL80211_CHAN_WIDTH_160:
1093	/ Channel Switch Wrapper + Wide Bandwidth CSA IE /
1094	ie_len = `2` + `2` +
1095	sizeof(struct ieee80211_wide_bw_chansw_ie);
1096	pos = skb_put_zero(skb, len: ie_len);
1097
1098	pos++ = WLAN_EID_CHANNEL_SWITCH_WRAPPER; /* EID /
1099	pos++ = `5`; /* len /
1100	/ put sub IE /
1101	chandef = &csa->settings.chandef;
1102	ieee80211_ie_build_wide_bw_cs(pos, chandef);
1103	break;
1104	default:
1105	break;
1106	}
1107	}
1108	rcu_read_unlock();
1109
1110	if (ieee80211_add_srates_ie(sdata, skb, need_basic: true, band) \|\|
1111	mesh_add_ds_params_ie(sdata, skb))
1112	goto out_free;
1113
1114	bcn->head_len = skb->len;
1115	memcpy(bcn->head, skb->data, bcn->head_len);
1116
1117	/ now the tail /
1118	skb_trim(skb, len: `0`);
1119	bcn->tail = bcn->head + bcn->head_len;
1120
1121	if (ieee80211_add_ext_srates_ie(sdata, skb, need_basic: true, band) \|\|
1122	mesh_add_rsn_ie(sdata, skb) \|\|
1123	mesh_add_ht_cap_ie(sdata, skb) \|\|
1124	mesh_add_ht_oper_ie(sdata, skb) \|\|
1125	mesh_add_meshid_ie(sdata, skb) \|\|
1126	mesh_add_meshconf_ie(sdata, skb) \|\|
1127	mesh_add_awake_window_ie(sdata, skb) \|\|
1128	mesh_add_vht_cap_ie(sdata, skb) \|\|
1129	mesh_add_vht_oper_ie(sdata, skb) \|\|
1130	mesh_add_he_cap_ie(sdata, skb, ie_len: ie_len_he_cap) \|\|
1131	mesh_add_he_oper_ie(sdata, skb) \|\|
1132	mesh_add_he_6ghz_cap_ie(sdata, skb) \|\|
1133	mesh_add_eht_cap_ie(sdata, skb, ie_len: ie_len_eht_cap) \|\|
1134	mesh_add_eht_oper_ie(sdata, skb) \|\|
1135	mesh_add_vendor_ies(sdata, skb))
1136	goto out_free;
1137
1138	bcn->tail_len = skb->len;
1139	memcpy(bcn->tail, skb->data, bcn->tail_len);
1140	ieee80211_mesh_update_bss_params(sdata, ie: bcn->tail, ie_len: bcn->tail_len);
1141	bcn->meshconf = (struct ieee80211_meshconf_ie *)
1142	(bcn->tail + ifmsh->meshconf_offset);
1143
1144	dev_kfree_skb(skb);
1145	rcu_assign_pointer(ifmsh->beacon, bcn);
1146	return `0`;
1147	out_free:
1148	kfree(objp: bcn);
1149	dev_kfree_skb(skb);
1150	return -ENOMEM;
1151	}
1152
1153	static int
1154	ieee80211_mesh_rebuild_beacon(struct ieee80211_sub_if_data *sdata)
1155	{
1156	struct beacon_data *old_bcn;
1157	int ret;
1158
1159	old_bcn = sdata_dereference(sdata->u.mesh.beacon, sdata);
1160	ret = ieee80211_mesh_build_beacon(ifmsh: &sdata->u.mesh);
1161	if (ret)
1162	/ just reuse old beacon /
1163	return ret;
1164
1165	if (old_bcn)
1166	kfree_rcu(old_bcn, rcu_head);
1167	return `0`;
1168	}
1169
1170	void ieee80211_mbss_info_change_notify(struct ieee80211_sub_if_data *sdata,
1171	u64 changed)
1172	{
1173	struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh;
1174	unsigned long bits = changed;
1175	u32 bit;
1176
1177	if (!bits)
1178	return;
1179
1180	/ if we race with running work, worst case this work becomes a noop /
1181	for_each_set_bit(bit, &bits, sizeof(changed) * BITS_PER_BYTE)
1182	set_bit(nr: bit, addr: ifmsh->mbss_changed);
1183	set_bit(nr: MESH_WORK_MBSS_CHANGED, addr: &ifmsh->wrkq_flags);
1184	wiphy_work_queue(wiphy: sdata->local->hw.wiphy, work: &sdata->work);
1185	}
1186
1187	int ieee80211_start_mesh(struct ieee80211_sub_if_data *sdata)
1188	{
1189	struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh;
1190	struct ieee80211_local *local = sdata->local;
1191	u64 changed = BSS_CHANGED_BEACON \|
1192	BSS_CHANGED_BEACON_ENABLED \|
1193	BSS_CHANGED_HT \|
1194	BSS_CHANGED_BASIC_RATES \|
1195	BSS_CHANGED_BEACON_INT \|
1196	BSS_CHANGED_MCAST_RATE;
1197
1198	local->fif_other_bss++;
1199	/ mesh ifaces must set allmulti to forward mcast traffic /
1200	atomic_inc(v: &local->iff_allmultis);
1201	ieee80211_configure_filter(local);
1202
1203	ifmsh->mesh_cc_id = `0`; / Disabled /
1204	/ register sync ops from extensible synchronization framework /
1205	ifmsh->sync_ops = ieee80211_mesh_sync_ops_get(method: ifmsh->mesh_sp_id);
1206	ifmsh->sync_offset_clockdrift_max = `0`;
1207	set_bit(nr: MESH_WORK_HOUSEKEEPING, addr: &ifmsh->wrkq_flags);
1208	ieee80211_mesh_root_setup(ifmsh);
1209	wiphy_work_queue(wiphy: local->hw.wiphy, work: &sdata->work);
1210	sdata->vif.bss_conf.ht_operation_mode =
1211	ifmsh->mshcfg.ht_opmode;
1212	sdata->vif.bss_conf.enable_beacon = true;
1213
1214	changed \|= ieee80211_mps_local_status_update(sdata);
1215
1216	if (ieee80211_mesh_build_beacon(ifmsh)) {
1217	ieee80211_stop_mesh(sdata);
1218	return -ENOMEM;
1219	}
1220
1221	ieee80211_recalc_dtim(local, sdata);
1222	ieee80211_link_info_change_notify(sdata, link: &sdata->deflink, changed);
1223
1224	netif_carrier_on(dev: sdata->dev);
1225	return `0`;
1226	}
1227
1228	void ieee80211_stop_mesh(struct ieee80211_sub_if_data *sdata)
1229	{
1230	struct ieee80211_local *local = sdata->local;
1231	struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh;
1232	struct beacon_data *bcn;
1233
1234	netif_carrier_off(dev: sdata->dev);
1235
1236	/ flush STAs and mpaths on this iface /
1237	sta_info_flush(sdata);
1238	ieee80211_free_keys(sdata, force_synchronize: true);
1239	mesh_path_flush_by_iface(sdata);
1240
1241	/ stop the beacon /
1242	ifmsh->mesh_id_len = `0`;
1243	sdata->vif.bss_conf.enable_beacon = false;
1244	sdata->beacon_rate_set = false;
1245	clear_bit(nr: SDATA_STATE_OFFCHANNEL_BEACON_STOPPED, addr: &sdata->state);
1246	ieee80211_link_info_change_notify(sdata, link: &sdata->deflink,
1247	changed: BSS_CHANGED_BEACON_ENABLED);
1248
1249	/ remove beacon /
1250	bcn = sdata_dereference(ifmsh->beacon, sdata);
1251	RCU_INIT_POINTER(ifmsh->beacon, NULL);
1252	kfree_rcu(bcn, rcu_head);
1253
1254	/ free all potentially still buffered group-addressed frames /
1255	local->total_ps_buffered -= skb_queue_len(list_: &ifmsh->ps.bc_buf);
1256	skb_queue_purge(list: &ifmsh->ps.bc_buf);
1257
1258	del_timer_sync(timer: &sdata->u.mesh.housekeeping_timer);
1259	del_timer_sync(timer: &sdata->u.mesh.mesh_path_root_timer);
1260	del_timer_sync(timer: &sdata->u.mesh.mesh_path_timer);
1261
1262	/ clear any mesh work (for next join) we may have accrued /
1263	ifmsh->wrkq_flags = `0`;
1264	memset(ifmsh->mbss_changed, `0`, sizeof(ifmsh->mbss_changed));
1265
1266	local->fif_other_bss--;
1267	atomic_dec(v: &local->iff_allmultis);
1268	ieee80211_configure_filter(local);
1269	}
1270
1271	static void ieee80211_mesh_csa_mark_radar(struct ieee80211_sub_if_data *sdata)
1272	{
1273	int err;
1274
1275	/ if the current channel is a DFS channel, mark the channel as*
1276	* unavailable.
1277	*/
1278	err = cfg80211_chandef_dfs_required(wiphy: sdata->local->hw.wiphy,
1279	chandef: &sdata->vif.bss_conf.chandef,
1280	iftype: NL80211_IFTYPE_MESH_POINT);
1281	if (err > `0`)
1282	cfg80211_radar_event(wiphy: sdata->local->hw.wiphy,
1283	chandef: &sdata->vif.bss_conf.chandef, GFP_ATOMIC);
1284	}
1285
1286	static bool
1287	ieee80211_mesh_process_chnswitch(struct ieee80211_sub_if_data *sdata,
1288	struct ieee802_11_elems *elems, bool beacon)
1289	{
1290	struct cfg80211_csa_settings params;
1291	struct ieee80211_csa_ie csa_ie;
1292	struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh;
1293	struct ieee80211_supported_band *sband;
1294	int err;
1295	ieee80211_conn_flags_t conn_flags = `0`;
1296	u32 vht_cap_info = `0`;
1297
1298	lockdep_assert_wiphy(sdata->local->hw.wiphy);
1299
1300	sband = ieee80211_get_sband(sdata);
1301	if (!sband)
1302	return false;
1303
1304	switch (sdata->vif.bss_conf.chandef.width) {
1305	case NL80211_CHAN_WIDTH_20_NOHT:
1306	conn_flags \|= IEEE80211_CONN_DISABLE_HT;
1307	fallthrough;
1308	case NL80211_CHAN_WIDTH_20:
1309	conn_flags \|= IEEE80211_CONN_DISABLE_40MHZ;
1310	fallthrough;
1311	case NL80211_CHAN_WIDTH_40:
1312	conn_flags \|= IEEE80211_CONN_DISABLE_VHT;
1313	break;
1314	default:
1315	break;
1316	}
1317
1318	if (elems->vht_cap_elem)
1319	vht_cap_info =
1320	le32_to_cpu(elems->vht_cap_elem->vht_cap_info);
1321
1322	memset(&params, `0`, sizeof(params));
1323	err = ieee80211_parse_ch_switch_ie(sdata, elems, current_band: sband->band,
1324	vht_cap_info,
1325	conn_flags, bssid: sdata->vif.addr,
1326	csa_ie: &csa_ie);
1327	if (err < `0`)
1328	return false;
1329	if (err)
1330	return false;
1331
1332	/ Mark the channel unavailable if the reason for the switch is*
1333	* regulatory.
1334	*/
1335	if (csa_ie.reason_code == WLAN_REASON_MESH_CHAN_REGULATORY)
1336	ieee80211_mesh_csa_mark_radar(sdata);
1337
1338	params.chandef = csa_ie.chandef;
1339	params.count = csa_ie.count;
1340
1341	if (!cfg80211_chandef_usable(wiphy: sdata->local->hw.wiphy, chandef: &params.chandef,
1342	prohibited_flags: IEEE80211_CHAN_DISABLED) \|\|
1343	!cfg80211_reg_can_beacon(wiphy: sdata->local->hw.wiphy, chandef: &params.chandef,
1344	iftype: NL80211_IFTYPE_MESH_POINT)) {
1345	sdata_info(sdata,
1346	"mesh STA %pM switches to unsupported channel (%d MHz, width:%d, CF1/2: %d/%d MHz), aborting\n",
1347	sdata->vif.addr,
1348	params.chandef.chan->center_freq,
1349	params.chandef.width,
1350	params.chandef.center_freq1,
1351	params.chandef.center_freq2);
1352	return false;
1353	}
1354
1355	err = cfg80211_chandef_dfs_required(wiphy: sdata->local->hw.wiphy,
1356	chandef: &params.chandef,
1357	iftype: NL80211_IFTYPE_MESH_POINT);
1358	if (err < `0`)
1359	return false;
1360	if (err > `0` && !ifmsh->userspace_handles_dfs) {
1361	sdata_info(sdata,
1362	"mesh STA %pM switches to channel requiring DFS (%d MHz, width:%d, CF1/2: %d/%d MHz), aborting\n",
1363	sdata->vif.addr,
1364	params.chandef.chan->center_freq,
1365	params.chandef.width,
1366	params.chandef.center_freq1,
1367	params.chandef.center_freq2);
1368	return false;
1369	}
1370
1371	params.radar_required = err;
1372
1373	if (cfg80211_chandef_identical(chandef1: &params.chandef,
1374	chandef2: &sdata->vif.bss_conf.chandef)) {
1375	mcsa_dbg(sdata,
1376	"received csa with an identical chandef, ignoring\n");
1377	return true;
1378	}
1379
1380	mcsa_dbg(sdata,
1381	"received channel switch announcement to go to channel %d MHz\n",
1382	params.chandef.chan->center_freq);
1383
1384	params.block_tx = csa_ie.mode & WLAN_EID_CHAN_SWITCH_PARAM_TX_RESTRICT;
1385	if (beacon) {
1386	ifmsh->chsw_ttl = csa_ie.ttl - `1`;
1387	if (ifmsh->pre_value >= csa_ie.pre_value)
1388	return false;
1389	ifmsh->pre_value = csa_ie.pre_value;
1390	}
1391
1392	if (ifmsh->chsw_ttl >= ifmsh->mshcfg.dot11MeshTTL)
1393	return false;
1394
1395	ifmsh->csa_role = IEEE80211_MESH_CSA_ROLE_REPEATER;
1396
1397	if (ieee80211_channel_switch(wiphy: sdata->local->hw.wiphy, dev: sdata->dev,
1398	params: &params) < `0`)
1399	return false;
1400
1401	return true;
1402	}
1403
1404	static void
1405	ieee80211_mesh_rx_probe_req(struct ieee80211_sub_if_data *sdata,
1406	struct ieee80211_mgmt *mgmt, size_t len)
1407	{
1408	struct ieee80211_local *local = sdata->local;
1409	struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh;
1410	struct sk_buff *presp;
1411	struct beacon_data *bcn;
1412	struct ieee80211_mgmt *hdr;
1413	struct ieee802_11_elems *elems;
1414	size_t baselen;
1415	u8 *pos;
1416
1417	pos = mgmt->u.probe_req.variable;
1418	baselen = (u8 ) pos - (u8 ) mgmt;
1419	if (baselen > len)
1420	return;
1421
1422	elems = ieee802_11_parse_elems(start: pos, len: len - baselen, action: false, NULL);
1423	if (!elems)
1424	return;
1425
1426	if (!elems->mesh_id)
1427	goto free;
1428
1429	/ 802.11-2012 10.1.4.3.2 /
1430	if ((!ether_addr_equal(addr1: mgmt->da, addr2: sdata->vif.addr) &&
1431	!is_broadcast_ether_addr(addr: mgmt->da)) \|\|
1432	elems->ssid_len != `0`)
1433	goto free;
1434
1435	if (elems->mesh_id_len != `0` &&
1436	(elems->mesh_id_len != ifmsh->mesh_id_len \|\|
1437	memcmp(p: elems->mesh_id, q: ifmsh->mesh_id, size: ifmsh->mesh_id_len)))
1438	goto free;
1439
1440	rcu_read_lock();
1441	bcn = rcu_dereference(ifmsh->beacon);
1442
1443	if (!bcn)
1444	goto out;
1445
1446	presp = dev_alloc_skb(length: local->tx_headroom +
1447	bcn->head_len + bcn->tail_len);
1448	if (!presp)
1449	goto out;
1450
1451	skb_reserve(skb: presp, len: local->tx_headroom);
1452	skb_put_data(skb: presp, data: bcn->head, len: bcn->head_len);
1453	skb_put_data(skb: presp, data: bcn->tail, len: bcn->tail_len);
1454	hdr = (struct ieee80211_mgmt *) presp->data;
1455	hdr->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT \|
1456	IEEE80211_STYPE_PROBE_RESP);
1457	memcpy(hdr->da, mgmt->sa, ETH_ALEN);
1458	IEEE80211_SKB_CB(skb: presp)->flags \|= IEEE80211_TX_INTFL_DONT_ENCRYPT;
1459	ieee80211_tx_skb(sdata, skb: presp);
1460	out:
1461	rcu_read_unlock();
1462	free:
1463	kfree(objp: elems);
1464	}
1465
1466	static void ieee80211_mesh_rx_bcn_presp(struct ieee80211_sub_if_data *sdata,
1467	u16 stype,
1468	struct ieee80211_mgmt *mgmt,
1469	size_t len,
1470	struct ieee80211_rx_status *rx_status)
1471	{
1472	struct ieee80211_local *local = sdata->local;
1473	struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh;
1474	struct ieee802_11_elems *elems;
1475	struct ieee80211_channel *channel;
1476	size_t baselen;
1477	int freq;
1478	enum nl80211_band band = rx_status->band;
1479
1480	/ ignore ProbeResp to foreign address /
1481	if (stype == IEEE80211_STYPE_PROBE_RESP &&
1482	!ether_addr_equal(addr1: mgmt->da, addr2: sdata->vif.addr))
1483	return;
1484
1485	baselen = (u8 ) mgmt->u.probe_resp.variable - (u8 ) mgmt;
1486	if (baselen > len)
1487	return;
1488
1489	elems = ieee802_11_parse_elems(start: mgmt->u.probe_resp.variable,
1490	len: len - baselen,
1491	action: false, NULL);
1492	if (!elems)
1493	return;
1494
1495	/ ignore non-mesh or secure / unsecure mismatch /
1496	if ((!elems->mesh_id \|\| !elems->mesh_config) \|\|
1497	(elems->rsn && sdata->u.mesh.security == IEEE80211_MESH_SEC_NONE) \|\|
1498	(!elems->rsn && sdata->u.mesh.security != IEEE80211_MESH_SEC_NONE))
1499	goto free;
1500
1501	if (elems->ds_params)
1502	freq = ieee80211_channel_to_frequency(chan: elems->ds_params[`0`], band);
1503	else
1504	freq = rx_status->freq;
1505
1506	channel = ieee80211_get_channel(wiphy: local->hw.wiphy, freq);
1507
1508	if (!channel \|\| channel->flags & IEEE80211_CHAN_DISABLED)
1509	goto free;
1510
1511	if (mesh_matches_local(sdata, ie: elems)) {
1512	mpl_dbg(sdata, "rssi_threshold=%d,rx_status->signal=%d\n",
1513	sdata->u.mesh.mshcfg.rssi_threshold, rx_status->signal);
1514	if (!sdata->u.mesh.user_mpm \|\|
1515	sdata->u.mesh.mshcfg.rssi_threshold == `0` \|\|
1516	sdata->u.mesh.mshcfg.rssi_threshold < rx_status->signal)
1517	mesh_neighbour_update(sdata, hw_addr: mgmt->sa, ie: elems,
1518	rx_status);
1519
1520	if (ifmsh->csa_role != IEEE80211_MESH_CSA_ROLE_INIT &&
1521	!sdata->vif.bss_conf.csa_active)
1522	ieee80211_mesh_process_chnswitch(sdata, elems, beacon: true);
1523	}
1524
1525	if (ifmsh->sync_ops)
1526	ifmsh->sync_ops->rx_bcn_presp(sdata, stype, mgmt, len,
1527	elems->mesh_config, rx_status);
1528	free:
1529	kfree(objp: elems);
1530	}
1531
1532	int ieee80211_mesh_finish_csa(struct ieee80211_sub_if_data sdata, u64 changed)
1533	{
1534	struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh;
1535	struct mesh_csa_settings *tmp_csa_settings;
1536	int ret = `0`;
1537
1538	/ Reset the TTL value and Initiator flag /
1539	ifmsh->csa_role = IEEE80211_MESH_CSA_ROLE_NONE;
1540	ifmsh->chsw_ttl = `0`;
1541
1542	/ Remove the CSA and MCSP elements from the beacon /
1543	tmp_csa_settings = sdata_dereference(ifmsh->csa, sdata);
1544	RCU_INIT_POINTER(ifmsh->csa, NULL);
1545	if (tmp_csa_settings)
1546	kfree_rcu(tmp_csa_settings, rcu_head);
1547	ret = ieee80211_mesh_rebuild_beacon(sdata);
1548	if (ret)
1549	return -EINVAL;
1550
1551	*changed \|= BSS_CHANGED_BEACON;
1552
1553	mcsa_dbg(sdata, "complete switching to center freq %d MHz",
1554	sdata->vif.bss_conf.chandef.chan->center_freq);
1555	return `0`;
1556	}
1557
1558	int ieee80211_mesh_csa_beacon(struct ieee80211_sub_if_data *sdata,
1559	struct cfg80211_csa_settings *csa_settings,
1560	u64 *changed)
1561	{
1562	struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh;
1563	struct mesh_csa_settings *tmp_csa_settings;
1564	int ret = `0`;
1565
1566	lockdep_assert_wiphy(sdata->local->hw.wiphy);
1567
1568	tmp_csa_settings = kmalloc(size: sizeof(*tmp_csa_settings),
1569	GFP_ATOMIC);
1570	if (!tmp_csa_settings)
1571	return -ENOMEM;
1572
1573	memcpy(&tmp_csa_settings->settings, csa_settings,
1574	sizeof(struct cfg80211_csa_settings));
1575
1576	rcu_assign_pointer(ifmsh->csa, tmp_csa_settings);
1577
1578	ret = ieee80211_mesh_rebuild_beacon(sdata);
1579	if (ret) {
1580	tmp_csa_settings = rcu_dereference(ifmsh->csa);
1581	RCU_INIT_POINTER(ifmsh->csa, NULL);
1582	kfree_rcu(tmp_csa_settings, rcu_head);
1583	return ret;
1584	}
1585
1586	*changed \|= BSS_CHANGED_BEACON;
1587	return `0`;
1588	}
1589
1590	static int mesh_fwd_csa_frame(struct ieee80211_sub_if_data *sdata,
1591	struct ieee80211_mgmt *mgmt, size_t len,
1592	struct ieee802_11_elems *elems)
1593	{
1594	struct ieee80211_mgmt *mgmt_fwd;
1595	struct sk_buff *skb;
1596	struct ieee80211_local *local = sdata->local;
1597
1598	skb = dev_alloc_skb(length: local->tx_headroom + len);
1599	if (!skb)
1600	return -ENOMEM;
1601	skb_reserve(skb, len: local->tx_headroom);
1602	mgmt_fwd = skb_put(skb, len);
1603
1604	elems->mesh_chansw_params_ie->mesh_ttl--;
1605	elems->mesh_chansw_params_ie->mesh_flags &=
1606	~WLAN_EID_CHAN_SWITCH_PARAM_INITIATOR;
1607
1608	memcpy(mgmt_fwd, mgmt, len);
1609	eth_broadcast_addr(addr: mgmt_fwd->da);
1610	memcpy(mgmt_fwd->sa, sdata->vif.addr, ETH_ALEN);
1611	memcpy(mgmt_fwd->bssid, sdata->vif.addr, ETH_ALEN);
1612
1613	ieee80211_tx_skb(sdata, skb);
1614	return `0`;
1615	}
1616
1617	static void mesh_rx_csa_frame(struct ieee80211_sub_if_data *sdata,
1618	struct ieee80211_mgmt *mgmt, size_t len)
1619	{
1620	struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh;
1621	struct ieee802_11_elems *elems;
1622	u16 pre_value;
1623	bool fwd_csa = true;
1624	size_t baselen;
1625	u8 *pos;
1626
1627	if (mgmt->u.action.u.measurement.action_code !=
1628	WLAN_ACTION_SPCT_CHL_SWITCH)
1629	return;
1630
1631	pos = mgmt->u.action.u.chan_switch.variable;
1632	baselen = offsetof(struct ieee80211_mgmt,
1633	u.action.u.chan_switch.variable);
1634	elems = ieee802_11_parse_elems(start: pos, len: len - baselen, action: true, NULL);
1635	if (!elems)
1636	return;
1637
1638	if (!mesh_matches_local(sdata, ie: elems))
1639	goto free;
1640
1641	ifmsh->chsw_ttl = elems->mesh_chansw_params_ie->mesh_ttl;
1642	if (!--ifmsh->chsw_ttl)
1643	fwd_csa = false;
1644
1645	pre_value = le16_to_cpu(elems->mesh_chansw_params_ie->mesh_pre_value);
1646	if (ifmsh->pre_value >= pre_value)
1647	goto free;
1648
1649	ifmsh->pre_value = pre_value;
1650
1651	if (!sdata->vif.bss_conf.csa_active &&
1652	!ieee80211_mesh_process_chnswitch(sdata, elems, beacon: false)) {
1653	mcsa_dbg(sdata, "Failed to process CSA action frame");
1654	goto free;
1655	}
1656
1657	/ forward or re-broadcast the CSA frame /
1658	if (fwd_csa) {
1659	if (mesh_fwd_csa_frame(sdata, mgmt, len, elems) < `0`)
1660	mcsa_dbg(sdata, "Failed to forward the CSA frame");
1661	}
1662	free:
1663	kfree(objp: elems);
1664	}
1665
1666	static void ieee80211_mesh_rx_mgmt_action(struct ieee80211_sub_if_data *sdata,
1667	struct ieee80211_mgmt *mgmt,
1668	size_t len,
1669	struct ieee80211_rx_status *rx_status)
1670	{
1671	switch (mgmt->u.action.category) {
1672	case WLAN_CATEGORY_SELF_PROTECTED:
1673	switch (mgmt->u.action.u.self_prot.action_code) {
1674	case WLAN_SP_MESH_PEERING_OPEN:
1675	case WLAN_SP_MESH_PEERING_CLOSE:
1676	case WLAN_SP_MESH_PEERING_CONFIRM:
1677	mesh_rx_plink_frame(sdata, mgmt, len, rx_status);
1678	break;
1679	}
1680	break;
1681	case WLAN_CATEGORY_MESH_ACTION:
1682	if (mesh_action_is_path_sel(mgmt))
1683	mesh_rx_path_sel_frame(sdata, mgmt, len);
1684	break;
1685	case WLAN_CATEGORY_SPECTRUM_MGMT:
1686	mesh_rx_csa_frame(sdata, mgmt, len);
1687	break;
1688	}
1689	}
1690
1691	void ieee80211_mesh_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata,
1692	struct sk_buff *skb)
1693	{
1694	struct ieee80211_rx_status *rx_status;
1695	struct ieee80211_mgmt *mgmt;
1696	u16 stype;
1697
1698	lockdep_assert_wiphy(sdata->local->hw.wiphy);
1699
1700	/ mesh already went down /
1701	if (!sdata->u.mesh.mesh_id_len)
1702	return;
1703
1704	rx_status = IEEE80211_SKB_RXCB(skb);
1705	mgmt = (struct ieee80211_mgmt *) skb->data;
1706	stype = le16_to_cpu(mgmt->frame_control) & IEEE80211_FCTL_STYPE;
1707
1708	switch (stype) {
1709	case IEEE80211_STYPE_PROBE_RESP:
1710	case IEEE80211_STYPE_BEACON:
1711	ieee80211_mesh_rx_bcn_presp(sdata, stype, mgmt, len: skb->len,
1712	rx_status);
1713	break;
1714	case IEEE80211_STYPE_PROBE_REQ:
1715	ieee80211_mesh_rx_probe_req(sdata, mgmt, len: skb->len);
1716	break;
1717	case IEEE80211_STYPE_ACTION:
1718	ieee80211_mesh_rx_mgmt_action(sdata, mgmt, len: skb->len, rx_status);
1719	break;
1720	}
1721	}
1722
1723	static void mesh_bss_info_changed(struct ieee80211_sub_if_data *sdata)
1724	{
1725	struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh;
1726	u32 bit;
1727	u64 changed = `0`;
1728
1729	for_each_set_bit(bit, ifmsh->mbss_changed,
1730	sizeof(changed) * BITS_PER_BYTE) {
1731	clear_bit(nr: bit, addr: ifmsh->mbss_changed);
1732	changed \|= BIT(bit);
1733	}
1734
1735	if (sdata->vif.bss_conf.enable_beacon &&
1736	(changed & (BSS_CHANGED_BEACON \|
1737	BSS_CHANGED_HT \|
1738	BSS_CHANGED_BASIC_RATES \|
1739	BSS_CHANGED_BEACON_INT)))
1740	if (ieee80211_mesh_rebuild_beacon(sdata))
1741	return;
1742
1743	ieee80211_link_info_change_notify(sdata, link: &sdata->deflink, changed);
1744	}
1745
1746	void ieee80211_mesh_work(struct ieee80211_sub_if_data *sdata)
1747	{
1748	struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh;
1749
1750	lockdep_assert_wiphy(sdata->local->hw.wiphy);
1751
1752	/ mesh already went down /
1753	if (!sdata->u.mesh.mesh_id_len)
1754	return;
1755
1756	if (ifmsh->preq_queue_len &&
1757	time_after(jiffies,
1758	ifmsh->last_preq + msecs_to_jiffies(ifmsh->mshcfg.dot11MeshHWMPpreqMinInterval)))
1759	mesh_path_start_discovery(sdata);
1760
1761	if (test_and_clear_bit(nr: MESH_WORK_HOUSEKEEPING, addr: &ifmsh->wrkq_flags))
1762	ieee80211_mesh_housekeeping(sdata);
1763
1764	if (test_and_clear_bit(nr: MESH_WORK_ROOT, addr: &ifmsh->wrkq_flags))
1765	ieee80211_mesh_rootpath(sdata);
1766
1767	if (test_and_clear_bit(nr: MESH_WORK_DRIFT_ADJUST, addr: &ifmsh->wrkq_flags))
1768	mesh_sync_adjust_tsf(sdata);
1769
1770	if (test_and_clear_bit(nr: MESH_WORK_MBSS_CHANGED, addr: &ifmsh->wrkq_flags))
1771	mesh_bss_info_changed(sdata);
1772	}
1773
1774
1775	void ieee80211_mesh_init_sdata(struct ieee80211_sub_if_data *sdata)
1776	{
1777	struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh;
1778	static u8 zero_addr[ETH_ALEN] = {};
1779
1780	timer_setup(&ifmsh->housekeeping_timer,
1781	ieee80211_mesh_housekeeping_timer, `0`);
1782
1783	ifmsh->accepting_plinks = true;
1784	atomic_set(v: &ifmsh->mpaths, i: `0`);
1785	mesh_rmc_init(sdata);
1786	ifmsh->last_preq = jiffies;
1787	ifmsh->next_perr = jiffies;
1788	ifmsh->csa_role = IEEE80211_MESH_CSA_ROLE_NONE;
1789	/ Allocate all mesh structures when creating the first mesh interface. /
1790	if (!mesh_allocated)
1791	ieee80211s_init();
1792
1793	mesh_pathtbl_init(sdata);
1794
1795	timer_setup(&ifmsh->mesh_path_timer, ieee80211_mesh_path_timer, `0`);
1796	timer_setup(&ifmsh->mesh_path_root_timer,
1797	ieee80211_mesh_path_root_timer, `0`);
1798	INIT_LIST_HEAD(list: &ifmsh->preq_queue.list);
1799	skb_queue_head_init(list: &ifmsh->ps.bc_buf);
1800	spin_lock_init(&ifmsh->mesh_preq_queue_lock);
1801	spin_lock_init(&ifmsh->sync_offset_lock);
1802	RCU_INIT_POINTER(ifmsh->beacon, NULL);
1803
1804	sdata->vif.bss_conf.bssid = zero_addr;
1805	}
1806
1807	void ieee80211_mesh_teardown_sdata(struct ieee80211_sub_if_data *sdata)
1808	{
1809	mesh_rmc_free(sdata);
1810	mesh_pathtbl_unregister(sdata);
1811	}
1812

source code of linux/net/mac80211/mesh.c