aboutsummaryrefslogtreecommitdiffstats
path: root/net/mac80211/scan.c
diff options
context:
space:
mode:
Diffstat (limited to 'net/mac80211/scan.c')
-rw-r--r--net/mac80211/scan.c388
1 files changed, 180 insertions, 208 deletions
diff --git a/net/mac80211/scan.c b/net/mac80211/scan.c
index f934c9620b73..872d7b6ef6b3 100644
--- a/net/mac80211/scan.c
+++ b/net/mac80211/scan.c
@@ -12,9 +12,11 @@
12 * published by the Free Software Foundation. 12 * published by the Free Software Foundation.
13 */ 13 */
14 14
15#include <linux/wireless.h>
16#include <linux/if_arp.h> 15#include <linux/if_arp.h>
17#include <linux/rtnetlink.h> 16#include <linux/rtnetlink.h>
17#include <linux/pm_qos_params.h>
18#include <net/sch_generic.h>
19#include <linux/slab.h>
18#include <net/mac80211.h> 20#include <net/mac80211.h>
19 21
20#include "ieee80211_i.h" 22#include "ieee80211_i.h"
@@ -29,16 +31,19 @@ struct ieee80211_bss *
29ieee80211_rx_bss_get(struct ieee80211_local *local, u8 *bssid, int freq, 31ieee80211_rx_bss_get(struct ieee80211_local *local, u8 *bssid, int freq,
30 u8 *ssid, u8 ssid_len) 32 u8 *ssid, u8 ssid_len)
31{ 33{
32 return (void *)cfg80211_get_bss(local->hw.wiphy, 34 struct cfg80211_bss *cbss;
33 ieee80211_get_channel(local->hw.wiphy, 35
34 freq), 36 cbss = cfg80211_get_bss(local->hw.wiphy,
35 bssid, ssid, ssid_len, 37 ieee80211_get_channel(local->hw.wiphy, freq),
36 0, 0); 38 bssid, ssid, ssid_len, 0, 0);
39 if (!cbss)
40 return NULL;
41 return (void *)cbss->priv;
37} 42}
38 43
39static void ieee80211_rx_bss_free(struct cfg80211_bss *cbss) 44static void ieee80211_rx_bss_free(struct cfg80211_bss *cbss)
40{ 45{
41 struct ieee80211_bss *bss = (void *)cbss; 46 struct ieee80211_bss *bss = (void *)cbss->priv;
42 47
43 kfree(bss_mesh_id(bss)); 48 kfree(bss_mesh_id(bss));
44 kfree(bss_mesh_cfg(bss)); 49 kfree(bss_mesh_cfg(bss));
@@ -47,7 +52,26 @@ static void ieee80211_rx_bss_free(struct cfg80211_bss *cbss)
47void ieee80211_rx_bss_put(struct ieee80211_local *local, 52void ieee80211_rx_bss_put(struct ieee80211_local *local,
48 struct ieee80211_bss *bss) 53 struct ieee80211_bss *bss)
49{ 54{
50 cfg80211_put_bss((struct cfg80211_bss *)bss); 55 if (!bss)
56 return;
57 cfg80211_put_bss(container_of((void *)bss, struct cfg80211_bss, priv));
58}
59
60static bool is_uapsd_supported(struct ieee802_11_elems *elems)
61{
62 u8 qos_info;
63
64 if (elems->wmm_info && elems->wmm_info_len == 7
65 && elems->wmm_info[5] == 1)
66 qos_info = elems->wmm_info[6];
67 else if (elems->wmm_param && elems->wmm_param_len == 24
68 && elems->wmm_param[5] == 1)
69 qos_info = elems->wmm_param[6];
70 else
71 /* no valid wmm information or parameter element found */
72 return false;
73
74 return qos_info & IEEE80211_WMM_IE_AP_QOSINFO_UAPSD;
51} 75}
52 76
53struct ieee80211_bss * 77struct ieee80211_bss *
@@ -59,8 +83,9 @@ ieee80211_bss_info_update(struct ieee80211_local *local,
59 struct ieee80211_channel *channel, 83 struct ieee80211_channel *channel,
60 bool beacon) 84 bool beacon)
61{ 85{
86 struct cfg80211_bss *cbss;
62 struct ieee80211_bss *bss; 87 struct ieee80211_bss *bss;
63 int clen; 88 int clen, srlen;
64 s32 signal = 0; 89 s32 signal = 0;
65 90
66 if (local->hw.flags & IEEE80211_HW_SIGNAL_DBM) 91 if (local->hw.flags & IEEE80211_HW_SIGNAL_DBM)
@@ -68,13 +93,14 @@ ieee80211_bss_info_update(struct ieee80211_local *local,
68 else if (local->hw.flags & IEEE80211_HW_SIGNAL_UNSPEC) 93 else if (local->hw.flags & IEEE80211_HW_SIGNAL_UNSPEC)
69 signal = (rx_status->signal * 100) / local->hw.max_signal; 94 signal = (rx_status->signal * 100) / local->hw.max_signal;
70 95
71 bss = (void *)cfg80211_inform_bss_frame(local->hw.wiphy, channel, 96 cbss = cfg80211_inform_bss_frame(local->hw.wiphy, channel,
72 mgmt, len, signal, GFP_ATOMIC); 97 mgmt, len, signal, GFP_ATOMIC);
73 98
74 if (!bss) 99 if (!cbss)
75 return NULL; 100 return NULL;
76 101
77 bss->cbss.free_priv = ieee80211_rx_bss_free; 102 cbss->free_priv = ieee80211_rx_bss_free;
103 bss = (void *)cbss->priv;
78 104
79 /* save the ERP value so that it is available at association time */ 105 /* save the ERP value so that it is available at association time */
80 if (elems->erp_info && elems->erp_info_len >= 1) { 106 if (elems->erp_info && elems->erp_info_len >= 1) {
@@ -88,29 +114,31 @@ ieee80211_bss_info_update(struct ieee80211_local *local,
88 bss->dtim_period = tim_ie->dtim_period; 114 bss->dtim_period = tim_ie->dtim_period;
89 } 115 }
90 116
91 /* set default value for buggy AP/no TIM element */ 117 /* If the beacon had no TIM IE, or it was invalid, use 1 */
92 if (bss->dtim_period == 0) 118 if (beacon && !bss->dtim_period)
93 bss->dtim_period = 1; 119 bss->dtim_period = 1;
94 120
95 bss->supp_rates_len = 0; 121 /* replace old supported rates if we get new values */
122 srlen = 0;
96 if (elems->supp_rates) { 123 if (elems->supp_rates) {
97 clen = IEEE80211_MAX_SUPP_RATES - bss->supp_rates_len; 124 clen = IEEE80211_MAX_SUPP_RATES;
98 if (clen > elems->supp_rates_len) 125 if (clen > elems->supp_rates_len)
99 clen = elems->supp_rates_len; 126 clen = elems->supp_rates_len;
100 memcpy(&bss->supp_rates[bss->supp_rates_len], elems->supp_rates, 127 memcpy(bss->supp_rates, elems->supp_rates, clen);
101 clen); 128 srlen += clen;
102 bss->supp_rates_len += clen;
103 } 129 }
104 if (elems->ext_supp_rates) { 130 if (elems->ext_supp_rates) {
105 clen = IEEE80211_MAX_SUPP_RATES - bss->supp_rates_len; 131 clen = IEEE80211_MAX_SUPP_RATES - srlen;
106 if (clen > elems->ext_supp_rates_len) 132 if (clen > elems->ext_supp_rates_len)
107 clen = elems->ext_supp_rates_len; 133 clen = elems->ext_supp_rates_len;
108 memcpy(&bss->supp_rates[bss->supp_rates_len], 134 memcpy(bss->supp_rates + srlen, elems->ext_supp_rates, clen);
109 elems->ext_supp_rates, clen); 135 srlen += clen;
110 bss->supp_rates_len += clen;
111 } 136 }
137 if (srlen)
138 bss->supp_rates_len = srlen;
112 139
113 bss->wmm_used = elems->wmm_param || elems->wmm_info; 140 bss->wmm_used = elems->wmm_param || elems->wmm_info;
141 bss->uapsd_supported = is_uapsd_supported(elems);
114 142
115 if (!beacon) 143 if (!beacon)
116 bss->last_probe_resp = jiffies; 144 bss->last_probe_resp = jiffies;
@@ -147,7 +175,7 @@ ieee80211_scan_rx(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb)
147 presp = ieee80211_is_probe_resp(fc); 175 presp = ieee80211_is_probe_resp(fc);
148 if (presp) { 176 if (presp) {
149 /* ignore ProbeResp to foreign address */ 177 /* ignore ProbeResp to foreign address */
150 if (memcmp(mgmt->da, sdata->dev->dev_addr, ETH_ALEN)) 178 if (memcmp(mgmt->da, sdata->vif.addr, ETH_ALEN))
151 return RX_DROP_MONITOR; 179 return RX_DROP_MONITOR;
152 180
153 presp = true; 181 presp = true;
@@ -220,84 +248,13 @@ static bool ieee80211_prep_hw_scan(struct ieee80211_local *local)
220 return true; 248 return true;
221} 249}
222 250
223/*
224 * inform AP that we will go to sleep so that it will buffer the frames
225 * while we scan
226 */
227static void ieee80211_scan_ps_enable(struct ieee80211_sub_if_data *sdata)
228{
229 struct ieee80211_local *local = sdata->local;
230
231 local->scan_ps_enabled = false;
232
233 /* FIXME: what to do when local->pspolling is true? */
234
235 del_timer_sync(&local->dynamic_ps_timer);
236 cancel_work_sync(&local->dynamic_ps_enable_work);
237
238 if (local->hw.conf.flags & IEEE80211_CONF_PS) {
239 local->scan_ps_enabled = true;
240 local->hw.conf.flags &= ~IEEE80211_CONF_PS;
241 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
242 }
243
244 if (!(local->scan_ps_enabled) ||
245 !(local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK))
246 /*
247 * If power save was enabled, no need to send a nullfunc
248 * frame because AP knows that we are sleeping. But if the
249 * hardware is creating the nullfunc frame for power save
250 * status (ie. IEEE80211_HW_PS_NULLFUNC_STACK is not
251 * enabled) and power save was enabled, the firmware just
252 * sent a null frame with power save disabled. So we need
253 * to send a new nullfunc frame to inform the AP that we
254 * are again sleeping.
255 */
256 ieee80211_send_nullfunc(local, sdata, 1);
257}
258
259/* inform AP that we are awake again, unless power save is enabled */
260static void ieee80211_scan_ps_disable(struct ieee80211_sub_if_data *sdata)
261{
262 struct ieee80211_local *local = sdata->local;
263
264 if (!local->ps_sdata)
265 ieee80211_send_nullfunc(local, sdata, 0);
266 else if (local->scan_ps_enabled) {
267 /*
268 * In !IEEE80211_HW_PS_NULLFUNC_STACK case the hardware
269 * will send a nullfunc frame with the powersave bit set
270 * even though the AP already knows that we are sleeping.
271 * This could be avoided by sending a null frame with power
272 * save bit disabled before enabling the power save, but
273 * this doesn't gain anything.
274 *
275 * When IEEE80211_HW_PS_NULLFUNC_STACK is enabled, no need
276 * to send a nullfunc frame because AP already knows that
277 * we are sleeping, let's just enable power save mode in
278 * hardware.
279 */
280 local->hw.conf.flags |= IEEE80211_CONF_PS;
281 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);
282 } else if (local->hw.conf.dynamic_ps_timeout > 0) {
283 /*
284 * If IEEE80211_CONF_PS was not set and the dynamic_ps_timer
285 * had been running before leaving the operating channel,
286 * restart the timer now and send a nullfunc frame to inform
287 * the AP that we are awake.
288 */
289 ieee80211_send_nullfunc(local, sdata, 0);
290 mod_timer(&local->dynamic_ps_timer, jiffies +
291 msecs_to_jiffies(local->hw.conf.dynamic_ps_timeout));
292 }
293}
294
295void ieee80211_scan_completed(struct ieee80211_hw *hw, bool aborted) 251void ieee80211_scan_completed(struct ieee80211_hw *hw, bool aborted)
296{ 252{
297 struct ieee80211_local *local = hw_to_local(hw); 253 struct ieee80211_local *local = hw_to_local(hw);
298 struct ieee80211_sub_if_data *sdata;
299 bool was_hw_scan; 254 bool was_hw_scan;
300 255
256 trace_api_scan_completed(local, aborted);
257
301 mutex_lock(&local->scan_mtx); 258 mutex_lock(&local->scan_mtx);
302 259
303 /* 260 /*
@@ -344,41 +301,19 @@ void ieee80211_scan_completed(struct ieee80211_hw *hw, bool aborted)
344 301
345 drv_sw_scan_complete(local); 302 drv_sw_scan_complete(local);
346 303
347 mutex_lock(&local->iflist_mtx); 304 ieee80211_offchannel_return(local, true);
348 list_for_each_entry(sdata, &local->interfaces, list) {
349 if (!netif_running(sdata->dev))
350 continue;
351
352 /* Tell AP we're back */
353 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
354 if (sdata->u.mgd.associated) {
355 ieee80211_scan_ps_disable(sdata);
356 netif_tx_wake_all_queues(sdata->dev);
357 }
358 } else
359 netif_tx_wake_all_queues(sdata->dev);
360
361 /* re-enable beaconing */
362 if (sdata->vif.type == NL80211_IFTYPE_AP ||
363 sdata->vif.type == NL80211_IFTYPE_ADHOC ||
364 sdata->vif.type == NL80211_IFTYPE_MESH_POINT)
365 ieee80211_bss_info_change_notify(
366 sdata, BSS_CHANGED_BEACON_ENABLED);
367 }
368 mutex_unlock(&local->iflist_mtx);
369 305
370 done: 306 done:
371 ieee80211_recalc_idle(local); 307 ieee80211_recalc_idle(local);
372 ieee80211_mlme_notify_scan_completed(local); 308 ieee80211_mlme_notify_scan_completed(local);
373 ieee80211_ibss_notify_scan_completed(local); 309 ieee80211_ibss_notify_scan_completed(local);
374 ieee80211_mesh_notify_scan_completed(local); 310 ieee80211_mesh_notify_scan_completed(local);
311 ieee80211_queue_work(&local->hw, &local->work_work);
375} 312}
376EXPORT_SYMBOL(ieee80211_scan_completed); 313EXPORT_SYMBOL(ieee80211_scan_completed);
377 314
378static int ieee80211_start_sw_scan(struct ieee80211_local *local) 315static int ieee80211_start_sw_scan(struct ieee80211_local *local)
379{ 316{
380 struct ieee80211_sub_if_data *sdata;
381
382 /* 317 /*
383 * Hardware/driver doesn't support hw_scan, so use software 318 * Hardware/driver doesn't support hw_scan, so use software
384 * scanning instead. First send a nullfunc frame with power save 319 * scanning instead. First send a nullfunc frame with power save
@@ -394,33 +329,16 @@ static int ieee80211_start_sw_scan(struct ieee80211_local *local)
394 */ 329 */
395 drv_sw_scan_start(local); 330 drv_sw_scan_start(local);
396 331
397 mutex_lock(&local->iflist_mtx); 332 ieee80211_offchannel_stop_beaconing(local);
398 list_for_each_entry(sdata, &local->interfaces, list) {
399 if (!netif_running(sdata->dev))
400 continue;
401
402 /* disable beaconing */
403 if (sdata->vif.type == NL80211_IFTYPE_AP ||
404 sdata->vif.type == NL80211_IFTYPE_ADHOC ||
405 sdata->vif.type == NL80211_IFTYPE_MESH_POINT)
406 ieee80211_bss_info_change_notify(
407 sdata, BSS_CHANGED_BEACON_ENABLED);
408
409 /*
410 * only handle non-STA interfaces here, STA interfaces
411 * are handled in the scan state machine
412 */
413 if (sdata->vif.type != NL80211_IFTYPE_STATION)
414 netif_tx_stop_all_queues(sdata->dev);
415 }
416 mutex_unlock(&local->iflist_mtx);
417 333
334 local->leave_oper_channel_time = 0;
418 local->next_scan_state = SCAN_DECISION; 335 local->next_scan_state = SCAN_DECISION;
419 local->scan_channel_idx = 0; 336 local->scan_channel_idx = 0;
420 337
338 drv_flush(local, false);
339
421 ieee80211_configure_filter(local); 340 ieee80211_configure_filter(local);
422 341
423 /* TODO: start scan as soon as all nullfunc frames are ACKed */
424 ieee80211_queue_delayed_work(&local->hw, 342 ieee80211_queue_delayed_work(&local->hw,
425 &local->scan_work, 343 &local->scan_work,
426 IEEE80211_CHANNEL_TIME); 344 IEEE80211_CHANNEL_TIME);
@@ -433,12 +351,18 @@ static int __ieee80211_start_scan(struct ieee80211_sub_if_data *sdata,
433 struct cfg80211_scan_request *req) 351 struct cfg80211_scan_request *req)
434{ 352{
435 struct ieee80211_local *local = sdata->local; 353 struct ieee80211_local *local = sdata->local;
436 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
437 int rc; 354 int rc;
438 355
439 if (local->scan_req) 356 if (local->scan_req)
440 return -EBUSY; 357 return -EBUSY;
441 358
359 if (!list_empty(&local->work_list)) {
360 /* wait for the work to finish/time out */
361 local->scan_req = req;
362 local->scan_sdata = sdata;
363 return 0;
364 }
365
442 if (local->ops->hw_scan) { 366 if (local->ops->hw_scan) {
443 u8 *ies; 367 u8 *ies;
444 368
@@ -458,45 +382,32 @@ static int __ieee80211_start_scan(struct ieee80211_sub_if_data *sdata,
458 local->hw_scan_req->ie = ies; 382 local->hw_scan_req->ie = ies;
459 383
460 local->hw_scan_band = 0; 384 local->hw_scan_band = 0;
385
386 /*
387 * After allocating local->hw_scan_req, we must
388 * go through until ieee80211_prep_hw_scan(), so
389 * anything that might be changed here and leave
390 * this function early must not go after this
391 * allocation.
392 */
461 } 393 }
462 394
463 local->scan_req = req; 395 local->scan_req = req;
464 local->scan_sdata = sdata; 396 local->scan_sdata = sdata;
465 397
466 if (req != local->int_scan_req &&
467 sdata->vif.type == NL80211_IFTYPE_STATION &&
468 !list_empty(&ifmgd->work_list)) {
469 /* actually wait for the work it's doing to finish/time out */
470 set_bit(IEEE80211_STA_REQ_SCAN, &ifmgd->request);
471 return 0;
472 }
473
474 if (local->ops->hw_scan) 398 if (local->ops->hw_scan)
475 __set_bit(SCAN_HW_SCANNING, &local->scanning); 399 __set_bit(SCAN_HW_SCANNING, &local->scanning);
476 else 400 else
477 __set_bit(SCAN_SW_SCANNING, &local->scanning); 401 __set_bit(SCAN_SW_SCANNING, &local->scanning);
478 /*
479 * Kicking off the scan need not be protected,
480 * only the scan variable stuff, since now
481 * local->scan_req is assigned and other callers
482 * will abort their scan attempts.
483 *
484 * This avoids getting a scan_mtx -> iflist_mtx
485 * dependency, so that the scan completed calls
486 * have more locking freedom.
487 */
488 402
489 ieee80211_recalc_idle(local); 403 ieee80211_recalc_idle(local);
490 mutex_unlock(&local->scan_mtx);
491 404
492 if (local->ops->hw_scan) { 405 if (local->ops->hw_scan) {
493 WARN_ON(!ieee80211_prep_hw_scan(local)); 406 WARN_ON(!ieee80211_prep_hw_scan(local));
494 rc = drv_hw_scan(local, local->hw_scan_req); 407 rc = drv_hw_scan(local, sdata, local->hw_scan_req);
495 } else 408 } else
496 rc = ieee80211_start_sw_scan(local); 409 rc = ieee80211_start_sw_scan(local);
497 410
498 mutex_lock(&local->scan_mtx);
499
500 if (rc) { 411 if (rc) {
501 kfree(local->hw_scan_req); 412 kfree(local->hw_scan_req);
502 local->hw_scan_req = NULL; 413 local->hw_scan_req = NULL;
@@ -511,11 +422,28 @@ static int __ieee80211_start_scan(struct ieee80211_sub_if_data *sdata,
511 return rc; 422 return rc;
512} 423}
513 424
425static unsigned long
426ieee80211_scan_get_channel_time(struct ieee80211_channel *chan)
427{
428 /*
429 * TODO: channel switching also consumes quite some time,
430 * add that delay as well to get a better estimation
431 */
432 if (chan->flags & IEEE80211_CHAN_PASSIVE_SCAN)
433 return IEEE80211_PASSIVE_CHANNEL_TIME;
434 return IEEE80211_PROBE_DELAY + IEEE80211_CHANNEL_TIME;
435}
436
514static int ieee80211_scan_state_decision(struct ieee80211_local *local, 437static int ieee80211_scan_state_decision(struct ieee80211_local *local,
515 unsigned long *next_delay) 438 unsigned long *next_delay)
516{ 439{
517 bool associated = false; 440 bool associated = false;
441 bool tx_empty = true;
442 bool bad_latency;
443 bool listen_int_exceeded;
444 unsigned long min_beacon_int = 0;
518 struct ieee80211_sub_if_data *sdata; 445 struct ieee80211_sub_if_data *sdata;
446 struct ieee80211_channel *next_chan;
519 447
520 /* if no more bands/channels left, complete scan and advance to the idle state */ 448 /* if no more bands/channels left, complete scan and advance to the idle state */
521 if (local->scan_channel_idx >= local->scan_req->n_channels) { 449 if (local->scan_channel_idx >= local->scan_req->n_channels) {
@@ -523,16 +451,29 @@ static int ieee80211_scan_state_decision(struct ieee80211_local *local,
523 return 1; 451 return 1;
524 } 452 }
525 453
526 /* check if at least one STA interface is associated */ 454 /*
455 * check if at least one STA interface is associated,
456 * check if at least one STA interface has pending tx frames
457 * and grab the lowest used beacon interval
458 */
527 mutex_lock(&local->iflist_mtx); 459 mutex_lock(&local->iflist_mtx);
528 list_for_each_entry(sdata, &local->interfaces, list) { 460 list_for_each_entry(sdata, &local->interfaces, list) {
529 if (!netif_running(sdata->dev)) 461 if (!ieee80211_sdata_running(sdata))
530 continue; 462 continue;
531 463
532 if (sdata->vif.type == NL80211_IFTYPE_STATION) { 464 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
533 if (sdata->u.mgd.associated) { 465 if (sdata->u.mgd.associated) {
534 associated = true; 466 associated = true;
535 break; 467
468 if (sdata->vif.bss_conf.beacon_int <
469 min_beacon_int || min_beacon_int == 0)
470 min_beacon_int =
471 sdata->vif.bss_conf.beacon_int;
472
473 if (!qdisc_all_tx_empty(sdata->dev)) {
474 tx_empty = false;
475 break;
476 }
536 } 477 }
537 } 478 }
538 } 479 }
@@ -541,11 +482,34 @@ static int ieee80211_scan_state_decision(struct ieee80211_local *local,
541 if (local->scan_channel) { 482 if (local->scan_channel) {
542 /* 483 /*
543 * we're currently scanning a different channel, let's 484 * we're currently scanning a different channel, let's
544 * switch back to the operating channel now if at least 485 * see if we can scan another channel without interfering
545 * one interface is associated. Otherwise just scan the 486 * with the current traffic situation.
546 * next channel 487 *
488 * Since we don't know if the AP has pending frames for us
489 * we can only check for our tx queues and use the current
490 * pm_qos requirements for rx. Hence, if no tx traffic occurs
491 * at all we will scan as many channels in a row as the pm_qos
492 * latency allows us to. Additionally we also check for the
493 * currently negotiated listen interval to prevent losing
494 * frames unnecessarily.
495 *
496 * Otherwise switch back to the operating channel.
547 */ 497 */
548 if (associated) 498 next_chan = local->scan_req->channels[local->scan_channel_idx];
499
500 bad_latency = time_after(jiffies +
501 ieee80211_scan_get_channel_time(next_chan),
502 local->leave_oper_channel_time +
503 usecs_to_jiffies(pm_qos_request(PM_QOS_NETWORK_LATENCY)));
504
505 listen_int_exceeded = time_after(jiffies +
506 ieee80211_scan_get_channel_time(next_chan),
507 local->leave_oper_channel_time +
508 usecs_to_jiffies(min_beacon_int * 1024) *
509 local->hw.conf.listen_interval);
510
511 if (associated && ( !tx_empty || bad_latency ||
512 listen_int_exceeded))
549 local->next_scan_state = SCAN_ENTER_OPER_CHANNEL; 513 local->next_scan_state = SCAN_ENTER_OPER_CHANNEL;
550 else 514 else
551 local->next_scan_state = SCAN_SET_CHANNEL; 515 local->next_scan_state = SCAN_SET_CHANNEL;
@@ -564,56 +528,38 @@ static int ieee80211_scan_state_decision(struct ieee80211_local *local,
564static void ieee80211_scan_state_leave_oper_channel(struct ieee80211_local *local, 528static void ieee80211_scan_state_leave_oper_channel(struct ieee80211_local *local,
565 unsigned long *next_delay) 529 unsigned long *next_delay)
566{ 530{
567 struct ieee80211_sub_if_data *sdata; 531 ieee80211_offchannel_stop_station(local);
532
533 __set_bit(SCAN_OFF_CHANNEL, &local->scanning);
568 534
569 /* 535 /*
570 * notify the AP about us leaving the channel and stop all STA interfaces 536 * What if the nullfunc frames didn't arrive?
571 */ 537 */
572 mutex_lock(&local->iflist_mtx); 538 drv_flush(local, false);
573 list_for_each_entry(sdata, &local->interfaces, list) { 539 if (local->ops->flush)
574 if (!netif_running(sdata->dev)) 540 *next_delay = 0;
575 continue; 541 else
576 542 *next_delay = HZ / 10;
577 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
578 netif_tx_stop_all_queues(sdata->dev);
579 if (sdata->u.mgd.associated)
580 ieee80211_scan_ps_enable(sdata);
581 }
582 }
583 mutex_unlock(&local->iflist_mtx);
584 543
585 __set_bit(SCAN_OFF_CHANNEL, &local->scanning); 544 /* remember when we left the operating channel */
545 local->leave_oper_channel_time = jiffies;
586 546
587 /* advance to the next channel to be scanned */ 547 /* advance to the next channel to be scanned */
588 *next_delay = HZ / 10;
589 local->next_scan_state = SCAN_SET_CHANNEL; 548 local->next_scan_state = SCAN_SET_CHANNEL;
590} 549}
591 550
592static void ieee80211_scan_state_enter_oper_channel(struct ieee80211_local *local, 551static void ieee80211_scan_state_enter_oper_channel(struct ieee80211_local *local,
593 unsigned long *next_delay) 552 unsigned long *next_delay)
594{ 553{
595 struct ieee80211_sub_if_data *sdata = local->scan_sdata;
596
597 /* switch back to the operating channel */ 554 /* switch back to the operating channel */
598 local->scan_channel = NULL; 555 local->scan_channel = NULL;
599 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_CHANNEL); 556 ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_CHANNEL);
600 557
601 /* 558 /*
602 * notify the AP about us being back and restart all STA interfaces 559 * Only re-enable station mode interface now; beaconing will be
560 * re-enabled once the full scan has been completed.
603 */ 561 */
604 mutex_lock(&local->iflist_mtx); 562 ieee80211_offchannel_return(local, false);
605 list_for_each_entry(sdata, &local->interfaces, list) {
606 if (!netif_running(sdata->dev))
607 continue;
608
609 /* Tell AP we're back */
610 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
611 if (sdata->u.mgd.associated)
612 ieee80211_scan_ps_disable(sdata);
613 netif_tx_wake_all_queues(sdata->dev);
614 }
615 }
616 mutex_unlock(&local->iflist_mtx);
617 563
618 __clear_bit(SCAN_OFF_CHANNEL, &local->scanning); 564 __clear_bit(SCAN_OFF_CHANNEL, &local->scanning);
619 565
@@ -700,7 +646,7 @@ void ieee80211_scan_work(struct work_struct *work)
700 } 646 }
701 647
702 if (local->hw_scan_req) { 648 if (local->hw_scan_req) {
703 int rc = drv_hw_scan(local, local->hw_scan_req); 649 int rc = drv_hw_scan(local, sdata, local->hw_scan_req);
704 mutex_unlock(&local->scan_mtx); 650 mutex_unlock(&local->scan_mtx);
705 if (rc) 651 if (rc)
706 ieee80211_scan_completed(&local->hw, true); 652 ieee80211_scan_completed(&local->hw, true);
@@ -727,7 +673,7 @@ void ieee80211_scan_work(struct work_struct *work)
727 /* 673 /*
728 * Avoid re-scheduling when the sdata is going away. 674 * Avoid re-scheduling when the sdata is going away.
729 */ 675 */
730 if (!netif_running(sdata->dev)) { 676 if (!ieee80211_sdata_running(sdata)) {
731 ieee80211_scan_completed(&local->hw, true); 677 ieee80211_scan_completed(&local->hw, true);
732 return; 678 return;
733 } 679 }
@@ -773,10 +719,12 @@ int ieee80211_request_scan(struct ieee80211_sub_if_data *sdata,
773} 719}
774 720
775int ieee80211_request_internal_scan(struct ieee80211_sub_if_data *sdata, 721int ieee80211_request_internal_scan(struct ieee80211_sub_if_data *sdata,
776 const u8 *ssid, u8 ssid_len) 722 const u8 *ssid, u8 ssid_len,
723 struct ieee80211_channel *chan)
777{ 724{
778 struct ieee80211_local *local = sdata->local; 725 struct ieee80211_local *local = sdata->local;
779 int ret = -EBUSY; 726 int ret = -EBUSY;
727 enum ieee80211_band band;
780 728
781 mutex_lock(&local->scan_mtx); 729 mutex_lock(&local->scan_mtx);
782 730
@@ -784,6 +732,30 @@ int ieee80211_request_internal_scan(struct ieee80211_sub_if_data *sdata,
784 if (local->scan_req) 732 if (local->scan_req)
785 goto unlock; 733 goto unlock;
786 734
735 /* fill internal scan request */
736 if (!chan) {
737 int i, nchan = 0;
738
739 for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
740 if (!local->hw.wiphy->bands[band])
741 continue;
742 for (i = 0;
743 i < local->hw.wiphy->bands[band]->n_channels;
744 i++) {
745 local->int_scan_req->channels[nchan] =
746 &local->hw.wiphy->bands[band]->channels[i];
747 nchan++;
748 }
749 }
750
751 local->int_scan_req->n_channels = nchan;
752 } else {
753 local->int_scan_req->channels[0] = chan;
754 local->int_scan_req->n_channels = 1;
755 }
756
757 local->int_scan_req->ssids = &local->scan_ssid;
758 local->int_scan_req->n_ssids = 1;
787 memcpy(local->int_scan_req->ssids[0].ssid, ssid, IEEE80211_MAX_SSID_LEN); 759 memcpy(local->int_scan_req->ssids[0].ssid, ssid, IEEE80211_MAX_SSID_LEN);
788 local->int_scan_req->ssids[0].ssid_len = ssid_len; 760 local->int_scan_req->ssids[0].ssid_len = ssid_len;
789 761
generated by cgit v1.2.2 (git 2.25.0) at 2025-12-10 23:05:50 -0500