mesh_hwmp.c (38572B)
1// SPDX-License-Identifier: GPL-2.0-only 2/* 3 * Copyright (c) 2008, 2009 open80211s Ltd. 4 * Copyright (C) 2019, 2021 Intel Corporation 5 * Author: Luis Carlos Cobo <luisca@cozybit.com> 6 */ 7 8#include <linux/slab.h> 9#include <linux/etherdevice.h> 10#include <asm/unaligned.h> 11#include "wme.h" 12#include "mesh.h" 13 14#define TEST_FRAME_LEN 8192 15#define MAX_METRIC 0xffffffff 16#define ARITH_SHIFT 8 17#define LINK_FAIL_THRESH 95 18 19#define MAX_PREQ_QUEUE_LEN 64 20 21static void mesh_queue_preq(struct mesh_path *, u8); 22 23static inline u32 u32_field_get(const u8 *preq_elem, int offset, bool ae) 24{ 25 if (ae) 26 offset += 6; 27 return get_unaligned_le32(preq_elem + offset); 28} 29 30static inline u16 u16_field_get(const u8 *preq_elem, int offset, bool ae) 31{ 32 if (ae) 33 offset += 6; 34 return get_unaligned_le16(preq_elem + offset); 35} 36 37/* HWMP IE processing macros */ 38#define AE_F (1<<6) 39#define AE_F_SET(x) (*x & AE_F) 40#define PREQ_IE_FLAGS(x) (*(x)) 41#define PREQ_IE_HOPCOUNT(x) (*(x + 1)) 42#define PREQ_IE_TTL(x) (*(x + 2)) 43#define PREQ_IE_PREQ_ID(x) u32_field_get(x, 3, 0) 44#define PREQ_IE_ORIG_ADDR(x) (x + 7) 45#define PREQ_IE_ORIG_SN(x) u32_field_get(x, 13, 0) 46#define PREQ_IE_LIFETIME(x) u32_field_get(x, 17, AE_F_SET(x)) 47#define PREQ_IE_METRIC(x) u32_field_get(x, 21, AE_F_SET(x)) 48#define PREQ_IE_TARGET_F(x) (*(AE_F_SET(x) ? x + 32 : x + 26)) 49#define PREQ_IE_TARGET_ADDR(x) (AE_F_SET(x) ? x + 33 : x + 27) 50#define PREQ_IE_TARGET_SN(x) u32_field_get(x, 33, AE_F_SET(x)) 51 52 53#define PREP_IE_FLAGS(x) PREQ_IE_FLAGS(x) 54#define PREP_IE_HOPCOUNT(x) PREQ_IE_HOPCOUNT(x) 55#define PREP_IE_TTL(x) PREQ_IE_TTL(x) 56#define PREP_IE_ORIG_ADDR(x) (AE_F_SET(x) ? x + 27 : x + 21) 57#define PREP_IE_ORIG_SN(x) u32_field_get(x, 27, AE_F_SET(x)) 58#define PREP_IE_LIFETIME(x) u32_field_get(x, 13, AE_F_SET(x)) 59#define PREP_IE_METRIC(x) u32_field_get(x, 17, AE_F_SET(x)) 60#define PREP_IE_TARGET_ADDR(x) (x + 3) 61#define PREP_IE_TARGET_SN(x) u32_field_get(x, 9, 0) 62 63#define PERR_IE_TTL(x) (*(x)) 64#define PERR_IE_TARGET_FLAGS(x) (*(x + 2)) 65#define PERR_IE_TARGET_ADDR(x) (x + 3) 66#define PERR_IE_TARGET_SN(x) u32_field_get(x, 9, 0) 67#define PERR_IE_TARGET_RCODE(x) u16_field_get(x, 13, 0) 68 69#define MSEC_TO_TU(x) (x*1000/1024) 70#define SN_GT(x, y) ((s32)(y - x) < 0) 71#define SN_LT(x, y) ((s32)(x - y) < 0) 72#define MAX_SANE_SN_DELTA 32 73 74static inline u32 SN_DELTA(u32 x, u32 y) 75{ 76 return x >= y ? x - y : y - x; 77} 78 79#define net_traversal_jiffies(s) \ 80 msecs_to_jiffies(s->u.mesh.mshcfg.dot11MeshHWMPnetDiameterTraversalTime) 81#define default_lifetime(s) \ 82 MSEC_TO_TU(s->u.mesh.mshcfg.dot11MeshHWMPactivePathTimeout) 83#define min_preq_int_jiff(s) \ 84 (msecs_to_jiffies(s->u.mesh.mshcfg.dot11MeshHWMPpreqMinInterval)) 85#define max_preq_retries(s) (s->u.mesh.mshcfg.dot11MeshHWMPmaxPREQretries) 86#define disc_timeout_jiff(s) \ 87 msecs_to_jiffies(sdata->u.mesh.mshcfg.min_discovery_timeout) 88#define root_path_confirmation_jiffies(s) \ 89 msecs_to_jiffies(sdata->u.mesh.mshcfg.dot11MeshHWMPconfirmationInterval) 90 91enum mpath_frame_type { 92 MPATH_PREQ = 0, 93 MPATH_PREP, 94 MPATH_PERR, 95 MPATH_RANN 96}; 97 98static const u8 broadcast_addr[ETH_ALEN] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff}; 99 100static int mesh_path_sel_frame_tx(enum mpath_frame_type action, u8 flags, 101 const u8 *orig_addr, u32 orig_sn, 102 u8 target_flags, const u8 *target, 103 u32 target_sn, const u8 *da, 104 u8 hop_count, u8 ttl, 105 u32 lifetime, u32 metric, u32 preq_id, 106 struct ieee80211_sub_if_data *sdata) 107{ 108 struct ieee80211_local *local = sdata->local; 109 struct sk_buff *skb; 110 struct ieee80211_mgmt *mgmt; 111 u8 *pos, ie_len; 112 int hdr_len = offsetofend(struct ieee80211_mgmt, 113 u.action.u.mesh_action); 114 115 skb = dev_alloc_skb(local->tx_headroom + 116 hdr_len + 117 2 + 37); /* max HWMP IE */ 118 if (!skb) 119 return -1; 120 skb_reserve(skb, local->tx_headroom); 121 mgmt = skb_put_zero(skb, hdr_len); 122 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | 123 IEEE80211_STYPE_ACTION); 124 125 memcpy(mgmt->da, da, ETH_ALEN); 126 memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN); 127 /* BSSID == SA */ 128 memcpy(mgmt->bssid, sdata->vif.addr, ETH_ALEN); 129 mgmt->u.action.category = WLAN_CATEGORY_MESH_ACTION; 130 mgmt->u.action.u.mesh_action.action_code = 131 WLAN_MESH_ACTION_HWMP_PATH_SELECTION; 132 133 switch (action) { 134 case MPATH_PREQ: 135 mhwmp_dbg(sdata, "sending PREQ to %pM\n", target); 136 ie_len = 37; 137 pos = skb_put(skb, 2 + ie_len); 138 *pos++ = WLAN_EID_PREQ; 139 break; 140 case MPATH_PREP: 141 mhwmp_dbg(sdata, "sending PREP to %pM\n", orig_addr); 142 ie_len = 31; 143 pos = skb_put(skb, 2 + ie_len); 144 *pos++ = WLAN_EID_PREP; 145 break; 146 case MPATH_RANN: 147 mhwmp_dbg(sdata, "sending RANN from %pM\n", orig_addr); 148 ie_len = sizeof(struct ieee80211_rann_ie); 149 pos = skb_put(skb, 2 + ie_len); 150 *pos++ = WLAN_EID_RANN; 151 break; 152 default: 153 kfree_skb(skb); 154 return -ENOTSUPP; 155 } 156 *pos++ = ie_len; 157 *pos++ = flags; 158 *pos++ = hop_count; 159 *pos++ = ttl; 160 if (action == MPATH_PREP) { 161 memcpy(pos, target, ETH_ALEN); 162 pos += ETH_ALEN; 163 put_unaligned_le32(target_sn, pos); 164 pos += 4; 165 } else { 166 if (action == MPATH_PREQ) { 167 put_unaligned_le32(preq_id, pos); 168 pos += 4; 169 } 170 memcpy(pos, orig_addr, ETH_ALEN); 171 pos += ETH_ALEN; 172 put_unaligned_le32(orig_sn, pos); 173 pos += 4; 174 } 175 put_unaligned_le32(lifetime, pos); /* interval for RANN */ 176 pos += 4; 177 put_unaligned_le32(metric, pos); 178 pos += 4; 179 if (action == MPATH_PREQ) { 180 *pos++ = 1; /* destination count */ 181 *pos++ = target_flags; 182 memcpy(pos, target, ETH_ALEN); 183 pos += ETH_ALEN; 184 put_unaligned_le32(target_sn, pos); 185 pos += 4; 186 } else if (action == MPATH_PREP) { 187 memcpy(pos, orig_addr, ETH_ALEN); 188 pos += ETH_ALEN; 189 put_unaligned_le32(orig_sn, pos); 190 pos += 4; 191 } 192 193 ieee80211_tx_skb(sdata, skb); 194 return 0; 195} 196 197 198/* Headroom is not adjusted. Caller should ensure that skb has sufficient 199 * headroom in case the frame is encrypted. */ 200static void prepare_frame_for_deferred_tx(struct ieee80211_sub_if_data *sdata, 201 struct sk_buff *skb) 202{ 203 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); 204 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data; 205 206 skb_reset_mac_header(skb); 207 skb_reset_network_header(skb); 208 skb_reset_transport_header(skb); 209 210 /* Send all internal mgmt frames on VO. Accordingly set TID to 7. */ 211 skb_set_queue_mapping(skb, IEEE80211_AC_VO); 212 skb->priority = 7; 213 214 info->control.vif = &sdata->vif; 215 info->control.flags |= IEEE80211_TX_INTCFL_NEED_TXPROCESSING; 216 ieee80211_set_qos_hdr(sdata, skb); 217 ieee80211_mps_set_frame_flags(sdata, NULL, hdr); 218} 219 220/** 221 * mesh_path_error_tx - Sends a PERR mesh management frame 222 * 223 * @ttl: allowed remaining hops 224 * @target: broken destination 225 * @target_sn: SN of the broken destination 226 * @target_rcode: reason code for this PERR 227 * @ra: node this frame is addressed to 228 * @sdata: local mesh subif 229 * 230 * Note: This function may be called with driver locks taken that the driver 231 * also acquires in the TX path. To avoid a deadlock we don't transmit the 232 * frame directly but add it to the pending queue instead. 233 */ 234int mesh_path_error_tx(struct ieee80211_sub_if_data *sdata, 235 u8 ttl, const u8 *target, u32 target_sn, 236 u16 target_rcode, const u8 *ra) 237{ 238 struct ieee80211_local *local = sdata->local; 239 struct sk_buff *skb; 240 struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh; 241 struct ieee80211_mgmt *mgmt; 242 u8 *pos, ie_len; 243 int hdr_len = offsetofend(struct ieee80211_mgmt, 244 u.action.u.mesh_action); 245 246 if (time_before(jiffies, ifmsh->next_perr)) 247 return -EAGAIN; 248 249 skb = dev_alloc_skb(local->tx_headroom + 250 sdata->encrypt_headroom + 251 IEEE80211_ENCRYPT_TAILROOM + 252 hdr_len + 253 2 + 15 /* PERR IE */); 254 if (!skb) 255 return -1; 256 skb_reserve(skb, local->tx_headroom + sdata->encrypt_headroom); 257 mgmt = skb_put_zero(skb, hdr_len); 258 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | 259 IEEE80211_STYPE_ACTION); 260 261 memcpy(mgmt->da, ra, ETH_ALEN); 262 memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN); 263 /* BSSID == SA */ 264 memcpy(mgmt->bssid, sdata->vif.addr, ETH_ALEN); 265 mgmt->u.action.category = WLAN_CATEGORY_MESH_ACTION; 266 mgmt->u.action.u.mesh_action.action_code = 267 WLAN_MESH_ACTION_HWMP_PATH_SELECTION; 268 ie_len = 15; 269 pos = skb_put(skb, 2 + ie_len); 270 *pos++ = WLAN_EID_PERR; 271 *pos++ = ie_len; 272 /* ttl */ 273 *pos++ = ttl; 274 /* number of destinations */ 275 *pos++ = 1; 276 /* Flags field has AE bit only as defined in 277 * sec 8.4.2.117 IEEE802.11-2012 278 */ 279 *pos = 0; 280 pos++; 281 memcpy(pos, target, ETH_ALEN); 282 pos += ETH_ALEN; 283 put_unaligned_le32(target_sn, pos); 284 pos += 4; 285 put_unaligned_le16(target_rcode, pos); 286 287 /* see note in function header */ 288 prepare_frame_for_deferred_tx(sdata, skb); 289 ifmsh->next_perr = TU_TO_EXP_TIME( 290 ifmsh->mshcfg.dot11MeshHWMPperrMinInterval); 291 ieee80211_add_pending_skb(local, skb); 292 return 0; 293} 294 295void ieee80211s_update_metric(struct ieee80211_local *local, 296 struct sta_info *sta, 297 struct ieee80211_tx_status *st) 298{ 299 struct ieee80211_tx_info *txinfo = st->info; 300 int failed; 301 struct rate_info rinfo; 302 303 failed = !(txinfo->flags & IEEE80211_TX_STAT_ACK); 304 305 /* moving average, scaled to 100. 306 * feed failure as 100 and success as 0 307 */ 308 ewma_mesh_fail_avg_add(&sta->mesh->fail_avg, failed * 100); 309 if (ewma_mesh_fail_avg_read(&sta->mesh->fail_avg) > 310 LINK_FAIL_THRESH) 311 mesh_plink_broken(sta); 312 313 sta_set_rate_info_tx(sta, &sta->deflink.tx_stats.last_rate, &rinfo); 314 ewma_mesh_tx_rate_avg_add(&sta->mesh->tx_rate_avg, 315 cfg80211_calculate_bitrate(&rinfo)); 316} 317 318u32 airtime_link_metric_get(struct ieee80211_local *local, 319 struct sta_info *sta) 320{ 321 /* This should be adjusted for each device */ 322 int device_constant = 1 << ARITH_SHIFT; 323 int test_frame_len = TEST_FRAME_LEN << ARITH_SHIFT; 324 int s_unit = 1 << ARITH_SHIFT; 325 int rate, err; 326 u32 tx_time, estimated_retx; 327 u64 result; 328 unsigned long fail_avg = 329 ewma_mesh_fail_avg_read(&sta->mesh->fail_avg); 330 331 if (sta->mesh->plink_state != NL80211_PLINK_ESTAB) 332 return MAX_METRIC; 333 334 /* Try to get rate based on HW/SW RC algorithm. 335 * Rate is returned in units of Kbps, correct this 336 * to comply with airtime calculation units 337 * Round up in case we get rate < 100Kbps 338 */ 339 rate = DIV_ROUND_UP(sta_get_expected_throughput(sta), 100); 340 341 if (rate) { 342 err = 0; 343 } else { 344 if (fail_avg > LINK_FAIL_THRESH) 345 return MAX_METRIC; 346 347 rate = ewma_mesh_tx_rate_avg_read(&sta->mesh->tx_rate_avg); 348 if (WARN_ON(!rate)) 349 return MAX_METRIC; 350 351 err = (fail_avg << ARITH_SHIFT) / 100; 352 } 353 354 /* bitrate is in units of 100 Kbps, while we need rate in units of 355 * 1Mbps. This will be corrected on tx_time computation. 356 */ 357 tx_time = (device_constant + 10 * test_frame_len / rate); 358 estimated_retx = ((1 << (2 * ARITH_SHIFT)) / (s_unit - err)); 359 result = ((u64)tx_time * estimated_retx) >> (2 * ARITH_SHIFT); 360 return (u32)result; 361} 362 363/** 364 * hwmp_route_info_get - Update routing info to originator and transmitter 365 * 366 * @sdata: local mesh subif 367 * @mgmt: mesh management frame 368 * @hwmp_ie: hwmp information element (PREP or PREQ) 369 * @action: type of hwmp ie 370 * 371 * This function updates the path routing information to the originator and the 372 * transmitter of a HWMP PREQ or PREP frame. 373 * 374 * Returns: metric to frame originator or 0 if the frame should not be further 375 * processed 376 * 377 * Notes: this function is the only place (besides user-provided info) where 378 * path routing information is updated. 379 */ 380static u32 hwmp_route_info_get(struct ieee80211_sub_if_data *sdata, 381 struct ieee80211_mgmt *mgmt, 382 const u8 *hwmp_ie, enum mpath_frame_type action) 383{ 384 struct ieee80211_local *local = sdata->local; 385 struct mesh_path *mpath; 386 struct sta_info *sta; 387 bool fresh_info; 388 const u8 *orig_addr, *ta; 389 u32 orig_sn, orig_metric; 390 unsigned long orig_lifetime, exp_time; 391 u32 last_hop_metric, new_metric; 392 bool process = true; 393 u8 hopcount; 394 395 rcu_read_lock(); 396 sta = sta_info_get(sdata, mgmt->sa); 397 if (!sta) { 398 rcu_read_unlock(); 399 return 0; 400 } 401 402 last_hop_metric = airtime_link_metric_get(local, sta); 403 /* Update and check originator routing info */ 404 fresh_info = true; 405 406 switch (action) { 407 case MPATH_PREQ: 408 orig_addr = PREQ_IE_ORIG_ADDR(hwmp_ie); 409 orig_sn = PREQ_IE_ORIG_SN(hwmp_ie); 410 orig_lifetime = PREQ_IE_LIFETIME(hwmp_ie); 411 orig_metric = PREQ_IE_METRIC(hwmp_ie); 412 hopcount = PREQ_IE_HOPCOUNT(hwmp_ie) + 1; 413 break; 414 case MPATH_PREP: 415 /* Originator here refers to the MP that was the target in the 416 * Path Request. We divert from the nomenclature in the draft 417 * so that we can easily use a single function to gather path 418 * information from both PREQ and PREP frames. 419 */ 420 orig_addr = PREP_IE_TARGET_ADDR(hwmp_ie); 421 orig_sn = PREP_IE_TARGET_SN(hwmp_ie); 422 orig_lifetime = PREP_IE_LIFETIME(hwmp_ie); 423 orig_metric = PREP_IE_METRIC(hwmp_ie); 424 hopcount = PREP_IE_HOPCOUNT(hwmp_ie) + 1; 425 break; 426 default: 427 rcu_read_unlock(); 428 return 0; 429 } 430 new_metric = orig_metric + last_hop_metric; 431 if (new_metric < orig_metric) 432 new_metric = MAX_METRIC; 433 exp_time = TU_TO_EXP_TIME(orig_lifetime); 434 435 if (ether_addr_equal(orig_addr, sdata->vif.addr)) { 436 /* This MP is the originator, we are not interested in this 437 * frame, except for updating transmitter's path info. 438 */ 439 process = false; 440 fresh_info = false; 441 } else { 442 mpath = mesh_path_lookup(sdata, orig_addr); 443 if (mpath) { 444 spin_lock_bh(&mpath->state_lock); 445 if (mpath->flags & MESH_PATH_FIXED) 446 fresh_info = false; 447 else if ((mpath->flags & MESH_PATH_ACTIVE) && 448 (mpath->flags & MESH_PATH_SN_VALID)) { 449 if (SN_GT(mpath->sn, orig_sn) || 450 (mpath->sn == orig_sn && 451 (rcu_access_pointer(mpath->next_hop) != 452 sta ? 453 mult_frac(new_metric, 10, 9) : 454 new_metric) >= mpath->metric)) { 455 process = false; 456 fresh_info = false; 457 } 458 } else if (!(mpath->flags & MESH_PATH_ACTIVE)) { 459 bool have_sn, newer_sn, bounced; 460 461 have_sn = mpath->flags & MESH_PATH_SN_VALID; 462 newer_sn = have_sn && SN_GT(orig_sn, mpath->sn); 463 bounced = have_sn && 464 (SN_DELTA(orig_sn, mpath->sn) > 465 MAX_SANE_SN_DELTA); 466 467 if (!have_sn || newer_sn) { 468 /* if SN is newer than what we had 469 * then we can take it */; 470 } else if (bounced) { 471 /* if SN is way different than what 472 * we had then assume the other side 473 * rebooted or restarted */; 474 } else { 475 process = false; 476 fresh_info = false; 477 } 478 } 479 } else { 480 mpath = mesh_path_add(sdata, orig_addr); 481 if (IS_ERR(mpath)) { 482 rcu_read_unlock(); 483 return 0; 484 } 485 spin_lock_bh(&mpath->state_lock); 486 } 487 488 if (fresh_info) { 489 if (rcu_access_pointer(mpath->next_hop) != sta) 490 mpath->path_change_count++; 491 mesh_path_assign_nexthop(mpath, sta); 492 mpath->flags |= MESH_PATH_SN_VALID; 493 mpath->metric = new_metric; 494 mpath->sn = orig_sn; 495 mpath->exp_time = time_after(mpath->exp_time, exp_time) 496 ? mpath->exp_time : exp_time; 497 mpath->hop_count = hopcount; 498 mesh_path_activate(mpath); 499 spin_unlock_bh(&mpath->state_lock); 500 ewma_mesh_fail_avg_init(&sta->mesh->fail_avg); 501 /* init it at a low value - 0 start is tricky */ 502 ewma_mesh_fail_avg_add(&sta->mesh->fail_avg, 1); 503 mesh_path_tx_pending(mpath); 504 /* draft says preq_id should be saved to, but there does 505 * not seem to be any use for it, skipping by now 506 */ 507 } else 508 spin_unlock_bh(&mpath->state_lock); 509 } 510 511 /* Update and check transmitter routing info */ 512 ta = mgmt->sa; 513 if (ether_addr_equal(orig_addr, ta)) 514 fresh_info = false; 515 else { 516 fresh_info = true; 517 518 mpath = mesh_path_lookup(sdata, ta); 519 if (mpath) { 520 spin_lock_bh(&mpath->state_lock); 521 if ((mpath->flags & MESH_PATH_FIXED) || 522 ((mpath->flags & MESH_PATH_ACTIVE) && 523 ((rcu_access_pointer(mpath->next_hop) != sta ? 524 mult_frac(last_hop_metric, 10, 9) : 525 last_hop_metric) > mpath->metric))) 526 fresh_info = false; 527 } else { 528 mpath = mesh_path_add(sdata, ta); 529 if (IS_ERR(mpath)) { 530 rcu_read_unlock(); 531 return 0; 532 } 533 spin_lock_bh(&mpath->state_lock); 534 } 535 536 if (fresh_info) { 537 if (rcu_access_pointer(mpath->next_hop) != sta) 538 mpath->path_change_count++; 539 mesh_path_assign_nexthop(mpath, sta); 540 mpath->metric = last_hop_metric; 541 mpath->exp_time = time_after(mpath->exp_time, exp_time) 542 ? mpath->exp_time : exp_time; 543 mpath->hop_count = 1; 544 mesh_path_activate(mpath); 545 spin_unlock_bh(&mpath->state_lock); 546 ewma_mesh_fail_avg_init(&sta->mesh->fail_avg); 547 /* init it at a low value - 0 start is tricky */ 548 ewma_mesh_fail_avg_add(&sta->mesh->fail_avg, 1); 549 mesh_path_tx_pending(mpath); 550 } else 551 spin_unlock_bh(&mpath->state_lock); 552 } 553 554 rcu_read_unlock(); 555 556 return process ? new_metric : 0; 557} 558 559static void hwmp_preq_frame_process(struct ieee80211_sub_if_data *sdata, 560 struct ieee80211_mgmt *mgmt, 561 const u8 *preq_elem, u32 orig_metric) 562{ 563 struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh; 564 struct mesh_path *mpath = NULL; 565 const u8 *target_addr, *orig_addr; 566 const u8 *da; 567 u8 target_flags, ttl, flags; 568 u32 orig_sn, target_sn, lifetime, target_metric = 0; 569 bool reply = false; 570 bool forward = true; 571 bool root_is_gate; 572 573 /* Update target SN, if present */ 574 target_addr = PREQ_IE_TARGET_ADDR(preq_elem); 575 orig_addr = PREQ_IE_ORIG_ADDR(preq_elem); 576 target_sn = PREQ_IE_TARGET_SN(preq_elem); 577 orig_sn = PREQ_IE_ORIG_SN(preq_elem); 578 target_flags = PREQ_IE_TARGET_F(preq_elem); 579 /* Proactive PREQ gate announcements */ 580 flags = PREQ_IE_FLAGS(preq_elem); 581 root_is_gate = !!(flags & RANN_FLAG_IS_GATE); 582 583 mhwmp_dbg(sdata, "received PREQ from %pM\n", orig_addr); 584 585 if (ether_addr_equal(target_addr, sdata->vif.addr)) { 586 mhwmp_dbg(sdata, "PREQ is for us\n"); 587 forward = false; 588 reply = true; 589 target_metric = 0; 590 591 if (SN_GT(target_sn, ifmsh->sn)) 592 ifmsh->sn = target_sn; 593 594 if (time_after(jiffies, ifmsh->last_sn_update + 595 net_traversal_jiffies(sdata)) || 596 time_before(jiffies, ifmsh->last_sn_update)) { 597 ++ifmsh->sn; 598 ifmsh->last_sn_update = jiffies; 599 } 600 target_sn = ifmsh->sn; 601 } else if (is_broadcast_ether_addr(target_addr) && 602 (target_flags & IEEE80211_PREQ_TO_FLAG)) { 603 rcu_read_lock(); 604 mpath = mesh_path_lookup(sdata, orig_addr); 605 if (mpath) { 606 if (flags & IEEE80211_PREQ_PROACTIVE_PREP_FLAG) { 607 reply = true; 608 target_addr = sdata->vif.addr; 609 target_sn = ++ifmsh->sn; 610 target_metric = 0; 611 ifmsh->last_sn_update = jiffies; 612 } 613 if (root_is_gate) 614 mesh_path_add_gate(mpath); 615 } 616 rcu_read_unlock(); 617 } else { 618 rcu_read_lock(); 619 mpath = mesh_path_lookup(sdata, target_addr); 620 if (mpath) { 621 if ((!(mpath->flags & MESH_PATH_SN_VALID)) || 622 SN_LT(mpath->sn, target_sn)) { 623 mpath->sn = target_sn; 624 mpath->flags |= MESH_PATH_SN_VALID; 625 } else if ((!(target_flags & IEEE80211_PREQ_TO_FLAG)) && 626 (mpath->flags & MESH_PATH_ACTIVE)) { 627 reply = true; 628 target_metric = mpath->metric; 629 target_sn = mpath->sn; 630 /* Case E2 of sec 13.10.9.3 IEEE 802.11-2012*/ 631 target_flags |= IEEE80211_PREQ_TO_FLAG; 632 } 633 } 634 rcu_read_unlock(); 635 } 636 637 if (reply) { 638 lifetime = PREQ_IE_LIFETIME(preq_elem); 639 ttl = ifmsh->mshcfg.element_ttl; 640 if (ttl != 0) { 641 mhwmp_dbg(sdata, "replying to the PREQ\n"); 642 mesh_path_sel_frame_tx(MPATH_PREP, 0, orig_addr, 643 orig_sn, 0, target_addr, 644 target_sn, mgmt->sa, 0, ttl, 645 lifetime, target_metric, 0, 646 sdata); 647 } else { 648 ifmsh->mshstats.dropped_frames_ttl++; 649 } 650 } 651 652 if (forward && ifmsh->mshcfg.dot11MeshForwarding) { 653 u32 preq_id; 654 u8 hopcount; 655 656 ttl = PREQ_IE_TTL(preq_elem); 657 lifetime = PREQ_IE_LIFETIME(preq_elem); 658 if (ttl <= 1) { 659 ifmsh->mshstats.dropped_frames_ttl++; 660 return; 661 } 662 mhwmp_dbg(sdata, "forwarding the PREQ from %pM\n", orig_addr); 663 --ttl; 664 preq_id = PREQ_IE_PREQ_ID(preq_elem); 665 hopcount = PREQ_IE_HOPCOUNT(preq_elem) + 1; 666 da = (mpath && mpath->is_root) ? 667 mpath->rann_snd_addr : broadcast_addr; 668 669 if (flags & IEEE80211_PREQ_PROACTIVE_PREP_FLAG) { 670 target_addr = PREQ_IE_TARGET_ADDR(preq_elem); 671 target_sn = PREQ_IE_TARGET_SN(preq_elem); 672 } 673 674 mesh_path_sel_frame_tx(MPATH_PREQ, flags, orig_addr, 675 orig_sn, target_flags, target_addr, 676 target_sn, da, hopcount, ttl, lifetime, 677 orig_metric, preq_id, sdata); 678 if (!is_multicast_ether_addr(da)) 679 ifmsh->mshstats.fwded_unicast++; 680 else 681 ifmsh->mshstats.fwded_mcast++; 682 ifmsh->mshstats.fwded_frames++; 683 } 684} 685 686 687static inline struct sta_info * 688next_hop_deref_protected(struct mesh_path *mpath) 689{ 690 return rcu_dereference_protected(mpath->next_hop, 691 lockdep_is_held(&mpath->state_lock)); 692} 693 694 695static void hwmp_prep_frame_process(struct ieee80211_sub_if_data *sdata, 696 struct ieee80211_mgmt *mgmt, 697 const u8 *prep_elem, u32 metric) 698{ 699 struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh; 700 struct mesh_path *mpath; 701 const u8 *target_addr, *orig_addr; 702 u8 ttl, hopcount, flags; 703 u8 next_hop[ETH_ALEN]; 704 u32 target_sn, orig_sn, lifetime; 705 706 mhwmp_dbg(sdata, "received PREP from %pM\n", 707 PREP_IE_TARGET_ADDR(prep_elem)); 708 709 orig_addr = PREP_IE_ORIG_ADDR(prep_elem); 710 if (ether_addr_equal(orig_addr, sdata->vif.addr)) 711 /* destination, no forwarding required */ 712 return; 713 714 if (!ifmsh->mshcfg.dot11MeshForwarding) 715 return; 716 717 ttl = PREP_IE_TTL(prep_elem); 718 if (ttl <= 1) { 719 sdata->u.mesh.mshstats.dropped_frames_ttl++; 720 return; 721 } 722 723 rcu_read_lock(); 724 mpath = mesh_path_lookup(sdata, orig_addr); 725 if (mpath) 726 spin_lock_bh(&mpath->state_lock); 727 else 728 goto fail; 729 if (!(mpath->flags & MESH_PATH_ACTIVE)) { 730 spin_unlock_bh(&mpath->state_lock); 731 goto fail; 732 } 733 memcpy(next_hop, next_hop_deref_protected(mpath)->sta.addr, ETH_ALEN); 734 spin_unlock_bh(&mpath->state_lock); 735 --ttl; 736 flags = PREP_IE_FLAGS(prep_elem); 737 lifetime = PREP_IE_LIFETIME(prep_elem); 738 hopcount = PREP_IE_HOPCOUNT(prep_elem) + 1; 739 target_addr = PREP_IE_TARGET_ADDR(prep_elem); 740 target_sn = PREP_IE_TARGET_SN(prep_elem); 741 orig_sn = PREP_IE_ORIG_SN(prep_elem); 742 743 mesh_path_sel_frame_tx(MPATH_PREP, flags, orig_addr, orig_sn, 0, 744 target_addr, target_sn, next_hop, hopcount, 745 ttl, lifetime, metric, 0, sdata); 746 rcu_read_unlock(); 747 748 sdata->u.mesh.mshstats.fwded_unicast++; 749 sdata->u.mesh.mshstats.fwded_frames++; 750 return; 751 752fail: 753 rcu_read_unlock(); 754 sdata->u.mesh.mshstats.dropped_frames_no_route++; 755} 756 757static void hwmp_perr_frame_process(struct ieee80211_sub_if_data *sdata, 758 struct ieee80211_mgmt *mgmt, 759 const u8 *perr_elem) 760{ 761 struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh; 762 struct mesh_path *mpath; 763 u8 ttl; 764 const u8 *ta, *target_addr; 765 u32 target_sn; 766 u16 target_rcode; 767 768 ta = mgmt->sa; 769 ttl = PERR_IE_TTL(perr_elem); 770 if (ttl <= 1) { 771 ifmsh->mshstats.dropped_frames_ttl++; 772 return; 773 } 774 ttl--; 775 target_addr = PERR_IE_TARGET_ADDR(perr_elem); 776 target_sn = PERR_IE_TARGET_SN(perr_elem); 777 target_rcode = PERR_IE_TARGET_RCODE(perr_elem); 778 779 rcu_read_lock(); 780 mpath = mesh_path_lookup(sdata, target_addr); 781 if (mpath) { 782 struct sta_info *sta; 783 784 spin_lock_bh(&mpath->state_lock); 785 sta = next_hop_deref_protected(mpath); 786 if (mpath->flags & MESH_PATH_ACTIVE && 787 ether_addr_equal(ta, sta->sta.addr) && 788 !(mpath->flags & MESH_PATH_FIXED) && 789 (!(mpath->flags & MESH_PATH_SN_VALID) || 790 SN_GT(target_sn, mpath->sn) || target_sn == 0)) { 791 mpath->flags &= ~MESH_PATH_ACTIVE; 792 if (target_sn != 0) 793 mpath->sn = target_sn; 794 else 795 mpath->sn += 1; 796 spin_unlock_bh(&mpath->state_lock); 797 if (!ifmsh->mshcfg.dot11MeshForwarding) 798 goto endperr; 799 mesh_path_error_tx(sdata, ttl, target_addr, 800 target_sn, target_rcode, 801 broadcast_addr); 802 } else 803 spin_unlock_bh(&mpath->state_lock); 804 } 805endperr: 806 rcu_read_unlock(); 807} 808 809static void hwmp_rann_frame_process(struct ieee80211_sub_if_data *sdata, 810 struct ieee80211_mgmt *mgmt, 811 const struct ieee80211_rann_ie *rann) 812{ 813 struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh; 814 struct ieee80211_local *local = sdata->local; 815 struct sta_info *sta; 816 struct mesh_path *mpath; 817 u8 ttl, flags, hopcount; 818 const u8 *orig_addr; 819 u32 orig_sn, new_metric, orig_metric, last_hop_metric, interval; 820 bool root_is_gate; 821 822 ttl = rann->rann_ttl; 823 flags = rann->rann_flags; 824 root_is_gate = !!(flags & RANN_FLAG_IS_GATE); 825 orig_addr = rann->rann_addr; 826 orig_sn = le32_to_cpu(rann->rann_seq); 827 interval = le32_to_cpu(rann->rann_interval); 828 hopcount = rann->rann_hopcount; 829 hopcount++; 830 orig_metric = le32_to_cpu(rann->rann_metric); 831 832 /* Ignore our own RANNs */ 833 if (ether_addr_equal(orig_addr, sdata->vif.addr)) 834 return; 835 836 mhwmp_dbg(sdata, 837 "received RANN from %pM via neighbour %pM (is_gate=%d)\n", 838 orig_addr, mgmt->sa, root_is_gate); 839 840 rcu_read_lock(); 841 sta = sta_info_get(sdata, mgmt->sa); 842 if (!sta) { 843 rcu_read_unlock(); 844 return; 845 } 846 847 last_hop_metric = airtime_link_metric_get(local, sta); 848 new_metric = orig_metric + last_hop_metric; 849 if (new_metric < orig_metric) 850 new_metric = MAX_METRIC; 851 852 mpath = mesh_path_lookup(sdata, orig_addr); 853 if (!mpath) { 854 mpath = mesh_path_add(sdata, orig_addr); 855 if (IS_ERR(mpath)) { 856 rcu_read_unlock(); 857 sdata->u.mesh.mshstats.dropped_frames_no_route++; 858 return; 859 } 860 } 861 862 if (!(SN_LT(mpath->sn, orig_sn)) && 863 !(mpath->sn == orig_sn && new_metric < mpath->rann_metric)) { 864 rcu_read_unlock(); 865 return; 866 } 867 868 if ((!(mpath->flags & (MESH_PATH_ACTIVE | MESH_PATH_RESOLVING)) || 869 (time_after(jiffies, mpath->last_preq_to_root + 870 root_path_confirmation_jiffies(sdata)) || 871 time_before(jiffies, mpath->last_preq_to_root))) && 872 !(mpath->flags & MESH_PATH_FIXED) && (ttl != 0)) { 873 mhwmp_dbg(sdata, 874 "time to refresh root mpath %pM\n", 875 orig_addr); 876 mesh_queue_preq(mpath, PREQ_Q_F_START | PREQ_Q_F_REFRESH); 877 mpath->last_preq_to_root = jiffies; 878 } 879 880 mpath->sn = orig_sn; 881 mpath->rann_metric = new_metric; 882 mpath->is_root = true; 883 /* Recording RANNs sender address to send individually 884 * addressed PREQs destined for root mesh STA */ 885 memcpy(mpath->rann_snd_addr, mgmt->sa, ETH_ALEN); 886 887 if (root_is_gate) 888 mesh_path_add_gate(mpath); 889 890 if (ttl <= 1) { 891 ifmsh->mshstats.dropped_frames_ttl++; 892 rcu_read_unlock(); 893 return; 894 } 895 ttl--; 896 897 if (ifmsh->mshcfg.dot11MeshForwarding) { 898 mesh_path_sel_frame_tx(MPATH_RANN, flags, orig_addr, 899 orig_sn, 0, NULL, 0, broadcast_addr, 900 hopcount, ttl, interval, 901 new_metric, 0, sdata); 902 } 903 904 rcu_read_unlock(); 905} 906 907 908void mesh_rx_path_sel_frame(struct ieee80211_sub_if_data *sdata, 909 struct ieee80211_mgmt *mgmt, size_t len) 910{ 911 struct ieee802_11_elems *elems; 912 size_t baselen; 913 u32 path_metric; 914 struct sta_info *sta; 915 916 /* need action_code */ 917 if (len < IEEE80211_MIN_ACTION_SIZE + 1) 918 return; 919 920 rcu_read_lock(); 921 sta = sta_info_get(sdata, mgmt->sa); 922 if (!sta || sta->mesh->plink_state != NL80211_PLINK_ESTAB) { 923 rcu_read_unlock(); 924 return; 925 } 926 rcu_read_unlock(); 927 928 baselen = (u8 *) mgmt->u.action.u.mesh_action.variable - (u8 *) mgmt; 929 elems = ieee802_11_parse_elems(mgmt->u.action.u.mesh_action.variable, 930 len - baselen, false, mgmt->bssid, NULL); 931 if (!elems) 932 return; 933 934 if (elems->preq) { 935 if (elems->preq_len != 37) 936 /* Right now we support just 1 destination and no AE */ 937 goto free; 938 path_metric = hwmp_route_info_get(sdata, mgmt, elems->preq, 939 MPATH_PREQ); 940 if (path_metric) 941 hwmp_preq_frame_process(sdata, mgmt, elems->preq, 942 path_metric); 943 } 944 if (elems->prep) { 945 if (elems->prep_len != 31) 946 /* Right now we support no AE */ 947 goto free; 948 path_metric = hwmp_route_info_get(sdata, mgmt, elems->prep, 949 MPATH_PREP); 950 if (path_metric) 951 hwmp_prep_frame_process(sdata, mgmt, elems->prep, 952 path_metric); 953 } 954 if (elems->perr) { 955 if (elems->perr_len != 15) 956 /* Right now we support only one destination per PERR */ 957 goto free; 958 hwmp_perr_frame_process(sdata, mgmt, elems->perr); 959 } 960 if (elems->rann) 961 hwmp_rann_frame_process(sdata, mgmt, elems->rann); 962free: 963 kfree(elems); 964} 965 966/** 967 * mesh_queue_preq - queue a PREQ to a given destination 968 * 969 * @mpath: mesh path to discover 970 * @flags: special attributes of the PREQ to be sent 971 * 972 * Locking: the function must be called from within a rcu read lock block. 973 * 974 */ 975static void mesh_queue_preq(struct mesh_path *mpath, u8 flags) 976{ 977 struct ieee80211_sub_if_data *sdata = mpath->sdata; 978 struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh; 979 struct mesh_preq_queue *preq_node; 980 981 preq_node = kmalloc(sizeof(struct mesh_preq_queue), GFP_ATOMIC); 982 if (!preq_node) { 983 mhwmp_dbg(sdata, "could not allocate PREQ node\n"); 984 return; 985 } 986 987 spin_lock_bh(&ifmsh->mesh_preq_queue_lock); 988 if (ifmsh->preq_queue_len == MAX_PREQ_QUEUE_LEN) { 989 spin_unlock_bh(&ifmsh->mesh_preq_queue_lock); 990 kfree(preq_node); 991 if (printk_ratelimit()) 992 mhwmp_dbg(sdata, "PREQ node queue full\n"); 993 return; 994 } 995 996 spin_lock(&mpath->state_lock); 997 if (mpath->flags & MESH_PATH_REQ_QUEUED) { 998 spin_unlock(&mpath->state_lock); 999 spin_unlock_bh(&ifmsh->mesh_preq_queue_lock); 1000 kfree(preq_node); 1001 return; 1002 } 1003 1004 memcpy(preq_node->dst, mpath->dst, ETH_ALEN); 1005 preq_node->flags = flags; 1006 1007 mpath->flags |= MESH_PATH_REQ_QUEUED; 1008 spin_unlock(&mpath->state_lock); 1009 1010 list_add_tail(&preq_node->list, &ifmsh->preq_queue.list); 1011 ++ifmsh->preq_queue_len; 1012 spin_unlock_bh(&ifmsh->mesh_preq_queue_lock); 1013 1014 if (time_after(jiffies, ifmsh->last_preq + min_preq_int_jiff(sdata))) 1015 ieee80211_queue_work(&sdata->local->hw, &sdata->work); 1016 1017 else if (time_before(jiffies, ifmsh->last_preq)) { 1018 /* avoid long wait if did not send preqs for a long time 1019 * and jiffies wrapped around 1020 */ 1021 ifmsh->last_preq = jiffies - min_preq_int_jiff(sdata) - 1; 1022 ieee80211_queue_work(&sdata->local->hw, &sdata->work); 1023 } else 1024 mod_timer(&ifmsh->mesh_path_timer, ifmsh->last_preq + 1025 min_preq_int_jiff(sdata)); 1026} 1027 1028/** 1029 * mesh_path_start_discovery - launch a path discovery from the PREQ queue 1030 * 1031 * @sdata: local mesh subif 1032 */ 1033void mesh_path_start_discovery(struct ieee80211_sub_if_data *sdata) 1034{ 1035 struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh; 1036 struct mesh_preq_queue *preq_node; 1037 struct mesh_path *mpath; 1038 u8 ttl, target_flags = 0; 1039 const u8 *da; 1040 u32 lifetime; 1041 1042 spin_lock_bh(&ifmsh->mesh_preq_queue_lock); 1043 if (!ifmsh->preq_queue_len || 1044 time_before(jiffies, ifmsh->last_preq + 1045 min_preq_int_jiff(sdata))) { 1046 spin_unlock_bh(&ifmsh->mesh_preq_queue_lock); 1047 return; 1048 } 1049 1050 preq_node = list_first_entry(&ifmsh->preq_queue.list, 1051 struct mesh_preq_queue, list); 1052 list_del(&preq_node->list); 1053 --ifmsh->preq_queue_len; 1054 spin_unlock_bh(&ifmsh->mesh_preq_queue_lock); 1055 1056 rcu_read_lock(); 1057 mpath = mesh_path_lookup(sdata, preq_node->dst); 1058 if (!mpath) 1059 goto enddiscovery; 1060 1061 spin_lock_bh(&mpath->state_lock); 1062 if (mpath->flags & (MESH_PATH_DELETED | MESH_PATH_FIXED)) { 1063 spin_unlock_bh(&mpath->state_lock); 1064 goto enddiscovery; 1065 } 1066 mpath->flags &= ~MESH_PATH_REQ_QUEUED; 1067 if (preq_node->flags & PREQ_Q_F_START) { 1068 if (mpath->flags & MESH_PATH_RESOLVING) { 1069 spin_unlock_bh(&mpath->state_lock); 1070 goto enddiscovery; 1071 } else { 1072 mpath->flags &= ~MESH_PATH_RESOLVED; 1073 mpath->flags |= MESH_PATH_RESOLVING; 1074 mpath->discovery_retries = 0; 1075 mpath->discovery_timeout = disc_timeout_jiff(sdata); 1076 } 1077 } else if (!(mpath->flags & MESH_PATH_RESOLVING) || 1078 mpath->flags & MESH_PATH_RESOLVED) { 1079 mpath->flags &= ~MESH_PATH_RESOLVING; 1080 spin_unlock_bh(&mpath->state_lock); 1081 goto enddiscovery; 1082 } 1083 1084 ifmsh->last_preq = jiffies; 1085 1086 if (time_after(jiffies, ifmsh->last_sn_update + 1087 net_traversal_jiffies(sdata)) || 1088 time_before(jiffies, ifmsh->last_sn_update)) { 1089 ++ifmsh->sn; 1090 sdata->u.mesh.last_sn_update = jiffies; 1091 } 1092 lifetime = default_lifetime(sdata); 1093 ttl = sdata->u.mesh.mshcfg.element_ttl; 1094 if (ttl == 0) { 1095 sdata->u.mesh.mshstats.dropped_frames_ttl++; 1096 spin_unlock_bh(&mpath->state_lock); 1097 goto enddiscovery; 1098 } 1099 1100 if (preq_node->flags & PREQ_Q_F_REFRESH) 1101 target_flags |= IEEE80211_PREQ_TO_FLAG; 1102 else 1103 target_flags &= ~IEEE80211_PREQ_TO_FLAG; 1104 1105 spin_unlock_bh(&mpath->state_lock); 1106 da = (mpath->is_root) ? mpath->rann_snd_addr : broadcast_addr; 1107 mesh_path_sel_frame_tx(MPATH_PREQ, 0, sdata->vif.addr, ifmsh->sn, 1108 target_flags, mpath->dst, mpath->sn, da, 0, 1109 ttl, lifetime, 0, ifmsh->preq_id++, sdata); 1110 1111 spin_lock_bh(&mpath->state_lock); 1112 if (!(mpath->flags & MESH_PATH_DELETED)) 1113 mod_timer(&mpath->timer, jiffies + mpath->discovery_timeout); 1114 spin_unlock_bh(&mpath->state_lock); 1115 1116enddiscovery: 1117 rcu_read_unlock(); 1118 kfree(preq_node); 1119} 1120 1121/** 1122 * mesh_nexthop_resolve - lookup next hop; conditionally start path discovery 1123 * 1124 * @skb: 802.11 frame to be sent 1125 * @sdata: network subif the frame will be sent through 1126 * 1127 * Lookup next hop for given skb and start path discovery if no 1128 * forwarding information is found. 1129 * 1130 * Returns: 0 if the next hop was found and -ENOENT if the frame was queued. 1131 * skb is freed here if no mpath could be allocated. 1132 */ 1133int mesh_nexthop_resolve(struct ieee80211_sub_if_data *sdata, 1134 struct sk_buff *skb) 1135{ 1136 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data; 1137 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); 1138 struct mesh_path *mpath; 1139 struct sk_buff *skb_to_free = NULL; 1140 u8 *target_addr = hdr->addr3; 1141 1142 /* Nulls are only sent to peers for PS and should be pre-addressed */ 1143 if (ieee80211_is_qos_nullfunc(hdr->frame_control)) 1144 return 0; 1145 1146 /* Allow injected packets to bypass mesh routing */ 1147 if (info->control.flags & IEEE80211_TX_CTRL_SKIP_MPATH_LOOKUP) 1148 return 0; 1149 1150 if (!mesh_nexthop_lookup(sdata, skb)) 1151 return 0; 1152 1153 /* no nexthop found, start resolving */ 1154 mpath = mesh_path_lookup(sdata, target_addr); 1155 if (!mpath) { 1156 mpath = mesh_path_add(sdata, target_addr); 1157 if (IS_ERR(mpath)) { 1158 mesh_path_discard_frame(sdata, skb); 1159 return PTR_ERR(mpath); 1160 } 1161 } 1162 1163 if (!(mpath->flags & MESH_PATH_RESOLVING) && 1164 mesh_path_sel_is_hwmp(sdata)) 1165 mesh_queue_preq(mpath, PREQ_Q_F_START); 1166 1167 if (skb_queue_len(&mpath->frame_queue) >= MESH_FRAME_QUEUE_LEN) 1168 skb_to_free = skb_dequeue(&mpath->frame_queue); 1169 1170 info->control.flags |= IEEE80211_TX_INTCFL_NEED_TXPROCESSING; 1171 ieee80211_set_qos_hdr(sdata, skb); 1172 skb_queue_tail(&mpath->frame_queue, skb); 1173 if (skb_to_free) 1174 mesh_path_discard_frame(sdata, skb_to_free); 1175 1176 return -ENOENT; 1177} 1178 1179/** 1180 * mesh_nexthop_lookup_nolearn - try to set next hop without path discovery 1181 * @skb: 802.11 frame to be sent 1182 * @sdata: network subif the frame will be sent through 1183 * 1184 * Check if the meshDA (addr3) of a unicast frame is a direct neighbor. 1185 * And if so, set the RA (addr1) to it to transmit to this node directly, 1186 * avoiding PREQ/PREP path discovery. 1187 * 1188 * Returns: 0 if the next hop was found and -ENOENT otherwise. 1189 */ 1190static int mesh_nexthop_lookup_nolearn(struct ieee80211_sub_if_data *sdata, 1191 struct sk_buff *skb) 1192{ 1193 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data; 1194 struct sta_info *sta; 1195 1196 if (is_multicast_ether_addr(hdr->addr1)) 1197 return -ENOENT; 1198 1199 rcu_read_lock(); 1200 sta = sta_info_get(sdata, hdr->addr3); 1201 1202 if (!sta || sta->mesh->plink_state != NL80211_PLINK_ESTAB) { 1203 rcu_read_unlock(); 1204 return -ENOENT; 1205 } 1206 rcu_read_unlock(); 1207 1208 memcpy(hdr->addr1, hdr->addr3, ETH_ALEN); 1209 memcpy(hdr->addr2, sdata->vif.addr, ETH_ALEN); 1210 return 0; 1211} 1212 1213/** 1214 * mesh_nexthop_lookup - put the appropriate next hop on a mesh frame. Calling 1215 * this function is considered "using" the associated mpath, so preempt a path 1216 * refresh if this mpath expires soon. 1217 * 1218 * @skb: 802.11 frame to be sent 1219 * @sdata: network subif the frame will be sent through 1220 * 1221 * Returns: 0 if the next hop was found. Nonzero otherwise. 1222 */ 1223int mesh_nexthop_lookup(struct ieee80211_sub_if_data *sdata, 1224 struct sk_buff *skb) 1225{ 1226 struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh; 1227 struct mesh_path *mpath; 1228 struct sta_info *next_hop; 1229 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data; 1230 u8 *target_addr = hdr->addr3; 1231 1232 if (ifmsh->mshcfg.dot11MeshNolearn && 1233 !mesh_nexthop_lookup_nolearn(sdata, skb)) 1234 return 0; 1235 1236 mpath = mesh_path_lookup(sdata, target_addr); 1237 if (!mpath || !(mpath->flags & MESH_PATH_ACTIVE)) 1238 return -ENOENT; 1239 1240 if (time_after(jiffies, 1241 mpath->exp_time - 1242 msecs_to_jiffies(sdata->u.mesh.mshcfg.path_refresh_time)) && 1243 ether_addr_equal(sdata->vif.addr, hdr->addr4) && 1244 !(mpath->flags & MESH_PATH_RESOLVING) && 1245 !(mpath->flags & MESH_PATH_FIXED)) 1246 mesh_queue_preq(mpath, PREQ_Q_F_START | PREQ_Q_F_REFRESH); 1247 1248 next_hop = rcu_dereference(mpath->next_hop); 1249 if (next_hop) { 1250 memcpy(hdr->addr1, next_hop->sta.addr, ETH_ALEN); 1251 memcpy(hdr->addr2, sdata->vif.addr, ETH_ALEN); 1252 ieee80211_mps_set_frame_flags(sdata, next_hop, hdr); 1253 return 0; 1254 } 1255 1256 return -ENOENT; 1257} 1258 1259void mesh_path_timer(struct timer_list *t) 1260{ 1261 struct mesh_path *mpath = from_timer(mpath, t, timer); 1262 struct ieee80211_sub_if_data *sdata = mpath->sdata; 1263 int ret; 1264 1265 if (sdata->local->quiescing) 1266 return; 1267 1268 spin_lock_bh(&mpath->state_lock); 1269 if (mpath->flags & MESH_PATH_RESOLVED || 1270 (!(mpath->flags & MESH_PATH_RESOLVING))) { 1271 mpath->flags &= ~(MESH_PATH_RESOLVING | MESH_PATH_RESOLVED); 1272 spin_unlock_bh(&mpath->state_lock); 1273 } else if (mpath->discovery_retries < max_preq_retries(sdata)) { 1274 ++mpath->discovery_retries; 1275 mpath->discovery_timeout *= 2; 1276 mpath->flags &= ~MESH_PATH_REQ_QUEUED; 1277 spin_unlock_bh(&mpath->state_lock); 1278 mesh_queue_preq(mpath, 0); 1279 } else { 1280 mpath->flags &= ~(MESH_PATH_RESOLVING | 1281 MESH_PATH_RESOLVED | 1282 MESH_PATH_REQ_QUEUED); 1283 mpath->exp_time = jiffies; 1284 spin_unlock_bh(&mpath->state_lock); 1285 if (!mpath->is_gate && mesh_gate_num(sdata) > 0) { 1286 ret = mesh_path_send_to_gates(mpath); 1287 if (ret) 1288 mhwmp_dbg(sdata, "no gate was reachable\n"); 1289 } else 1290 mesh_path_flush_pending(mpath); 1291 } 1292} 1293 1294void mesh_path_tx_root_frame(struct ieee80211_sub_if_data *sdata) 1295{ 1296 struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh; 1297 u32 interval = ifmsh->mshcfg.dot11MeshHWMPRannInterval; 1298 u8 flags, target_flags = 0; 1299 1300 flags = (ifmsh->mshcfg.dot11MeshGateAnnouncementProtocol) 1301 ? RANN_FLAG_IS_GATE : 0; 1302 1303 switch (ifmsh->mshcfg.dot11MeshHWMPRootMode) { 1304 case IEEE80211_PROACTIVE_RANN: 1305 mesh_path_sel_frame_tx(MPATH_RANN, flags, sdata->vif.addr, 1306 ++ifmsh->sn, 0, NULL, 0, broadcast_addr, 1307 0, ifmsh->mshcfg.element_ttl, 1308 interval, 0, 0, sdata); 1309 break; 1310 case IEEE80211_PROACTIVE_PREQ_WITH_PREP: 1311 flags |= IEEE80211_PREQ_PROACTIVE_PREP_FLAG; 1312 fallthrough; 1313 case IEEE80211_PROACTIVE_PREQ_NO_PREP: 1314 interval = ifmsh->mshcfg.dot11MeshHWMPactivePathToRootTimeout; 1315 target_flags |= IEEE80211_PREQ_TO_FLAG | 1316 IEEE80211_PREQ_USN_FLAG; 1317 mesh_path_sel_frame_tx(MPATH_PREQ, flags, sdata->vif.addr, 1318 ++ifmsh->sn, target_flags, 1319 (u8 *) broadcast_addr, 0, broadcast_addr, 1320 0, ifmsh->mshcfg.element_ttl, interval, 1321 0, ifmsh->preq_id++, sdata); 1322 break; 1323 default: 1324 mhwmp_dbg(sdata, "Proactive mechanism not supported\n"); 1325 return; 1326 } 1327}