search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
m68k: use KBUILD_DEFCONFIG
[linux-2.6/verdex.git] / net / mac80211 / ieee80211_sta.c
blobe0c72d04584b6be81b74fe7554b46f04afc4ad7b
1 /*
2 * BSS client mode implementation
3 * Copyright 2003, Jouni Malinen <jkmaline@cc.hut.fi>
4 * Copyright 2004, Instant802 Networks, Inc.
5 * Copyright 2005, Devicescape Software, Inc.
6 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
7 * Copyright 2007, Michael Wu <flamingice@sourmilk.net>
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License version 2 as
11 * published by the Free Software Foundation.
12 */
13
14 /* TODO:
15 * order BSS list by RSSI(?) ("quality of AP")
16 * scan result table filtering (by capability (privacy, IBSS/BSS, WPA/RSN IE,
17 * SSID)
18 */
19 #include <linux/delay.h>
20 #include <linux/if_ether.h>
21 #include <linux/skbuff.h>
22 #include <linux/netdevice.h>
23 #include <linux/if_arp.h>
24 #include <linux/wireless.h>
25 #include <linux/random.h>
26 #include <linux/etherdevice.h>
27 #include <net/iw_handler.h>
28 #include <asm/types.h>
29
30 #include <net/mac80211.h>
31 #include "ieee80211_i.h"
32 #include "ieee80211_rate.h"
33 #include "ieee80211_led.h"
34
35 #define IEEE80211_AUTH_TIMEOUT (HZ / 5)
36 #define IEEE80211_AUTH_MAX_TRIES 3
37 #define IEEE80211_ASSOC_TIMEOUT (HZ / 5)
38 #define IEEE80211_ASSOC_MAX_TRIES 3
39 #define IEEE80211_MONITORING_INTERVAL (2 * HZ)
40 #define IEEE80211_PROBE_INTERVAL (60 * HZ)
41 #define IEEE80211_RETRY_AUTH_INTERVAL (1 * HZ)
42 #define IEEE80211_SCAN_INTERVAL (2 * HZ)
43 #define IEEE80211_SCAN_INTERVAL_SLOW (15 * HZ)
44 #define IEEE80211_IBSS_JOIN_TIMEOUT (20 * HZ)
45
46 #define IEEE80211_PROBE_DELAY (HZ / 33)
47 #define IEEE80211_CHANNEL_TIME (HZ / 33)
48 #define IEEE80211_PASSIVE_CHANNEL_TIME (HZ / 5)
49 #define IEEE80211_SCAN_RESULT_EXPIRE (10 * HZ)
50 #define IEEE80211_IBSS_MERGE_INTERVAL (30 * HZ)
51 #define IEEE80211_IBSS_INACTIVITY_LIMIT (60 * HZ)
52
53 #define IEEE80211_IBSS_MAX_STA_ENTRIES 128
54
55
56 #define IEEE80211_FC(type, stype) cpu_to_le16(type | stype)
57
58 #define ERP_INFO_USE_PROTECTION BIT(1)
59
60 /* mgmt header + 1 byte action code */
61 #define IEEE80211_MIN_ACTION_SIZE (24 + 1)
62
63 #define IEEE80211_ADDBA_PARAM_POLICY_MASK 0x0002
64 #define IEEE80211_ADDBA_PARAM_TID_MASK 0x003C
65 #define IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK 0xFFA0
66 #define IEEE80211_DELBA_PARAM_TID_MASK 0xF000
67 #define IEEE80211_DELBA_PARAM_INITIATOR_MASK 0x0800
68
69 /* next values represent the buffer size for A-MPDU frame.
70 * According to IEEE802.11n spec size varies from 8K to 64K (in powers of 2) */
71 #define IEEE80211_MIN_AMPDU_BUF 0x8
72 #define IEEE80211_MAX_AMPDU_BUF 0x40
73
74 static void ieee80211_send_probe_req(struct net_device *dev, u8 *dst,
75 u8 *ssid, size_t ssid_len);
76 static struct ieee80211_sta_bss *
77 ieee80211_rx_bss_get(struct net_device *dev, u8 *bssid, int channel,
78 u8 *ssid, u8 ssid_len);
79 static void ieee80211_rx_bss_put(struct net_device *dev,
80 struct ieee80211_sta_bss *bss);
81 static int ieee80211_sta_find_ibss(struct net_device *dev,
82 struct ieee80211_if_sta *ifsta);
83 static int ieee80211_sta_wep_configured(struct net_device *dev);
84 static int ieee80211_sta_start_scan(struct net_device *dev,
85 u8 *ssid, size_t ssid_len);
86 static int ieee80211_sta_config_auth(struct net_device *dev,
87 struct ieee80211_if_sta *ifsta);
88
89
90 /* Parsed Information Elements */
91 struct ieee802_11_elems {
92 /* pointers to IEs */
93 u8 *ssid;
94 u8 *supp_rates;
95 u8 *fh_params;
96 u8 *ds_params;
97 u8 *cf_params;
98 u8 *tim;
99 u8 *ibss_params;
100 u8 *challenge;
101 u8 *wpa;
102 u8 *rsn;
103 u8 *erp_info;
104 u8 *ext_supp_rates;
105 u8 *wmm_info;
106 u8 *wmm_param;
107 u8 *ht_cap_elem;
108 u8 *ht_info_elem;
109 /* length of them, respectively */
110 u8 ssid_len;
111 u8 supp_rates_len;
112 u8 fh_params_len;
113 u8 ds_params_len;
114 u8 cf_params_len;
115 u8 tim_len;
116 u8 ibss_params_len;
117 u8 challenge_len;
118 u8 wpa_len;
119 u8 rsn_len;
120 u8 erp_info_len;
121 u8 ext_supp_rates_len;
122 u8 wmm_info_len;
123 u8 wmm_param_len;
124 u8 ht_cap_elem_len;
125 u8 ht_info_elem_len;
126 };
127
128 static void ieee802_11_parse_elems(u8 *start, size_t len,
129 struct ieee802_11_elems *elems)
130 {
131 size_t left = len;
132 u8 *pos = start;
133
134 memset(elems, 0, sizeof(*elems));
135
136 while (left >= 2) {
137 u8 id, elen;
138
139 id = *pos++;
140 elen = *pos++;
141 left -= 2;
142
143 if (elen > left)
144 return;
145
146 switch (id) {
147 case WLAN_EID_SSID:
148 elems->ssid = pos;
149 elems->ssid_len = elen;
150 break;
151 case WLAN_EID_SUPP_RATES:
152 elems->supp_rates = pos;
153 elems->supp_rates_len = elen;
154 break;
155 case WLAN_EID_FH_PARAMS:
156 elems->fh_params = pos;
157 elems->fh_params_len = elen;
158 break;
159 case WLAN_EID_DS_PARAMS:
160 elems->ds_params = pos;
161 elems->ds_params_len = elen;
162 break;
163 case WLAN_EID_CF_PARAMS:
164 elems->cf_params = pos;
165 elems->cf_params_len = elen;
166 break;
167 case WLAN_EID_TIM:
168 elems->tim = pos;
169 elems->tim_len = elen;
170 break;
171 case WLAN_EID_IBSS_PARAMS:
172 elems->ibss_params = pos;
173 elems->ibss_params_len = elen;
174 break;
175 case WLAN_EID_CHALLENGE:
176 elems->challenge = pos;
177 elems->challenge_len = elen;
178 break;
179 case WLAN_EID_WPA:
180 if (elen >= 4 && pos[0] == 0x00 && pos[1] == 0x50 &&
181 pos[2] == 0xf2) {
182 /* Microsoft OUI (00:50:F2) */
183 if (pos[3] == 1) {
184 /* OUI Type 1 - WPA IE */
185 elems->wpa = pos;
186 elems->wpa_len = elen;
187 } else if (elen >= 5 && pos[3] == 2) {
188 if (pos[4] == 0) {
189 elems->wmm_info = pos;
190 elems->wmm_info_len = elen;
191 } else if (pos[4] == 1) {
192 elems->wmm_param = pos;
193 elems->wmm_param_len = elen;
194 }
195 }
196 }
197 break;
198 case WLAN_EID_RSN:
199 elems->rsn = pos;
200 elems->rsn_len = elen;
201 break;
202 case WLAN_EID_ERP_INFO:
203 elems->erp_info = pos;
204 elems->erp_info_len = elen;
205 break;
206 case WLAN_EID_EXT_SUPP_RATES:
207 elems->ext_supp_rates = pos;
208 elems->ext_supp_rates_len = elen;
209 break;
210 case WLAN_EID_HT_CAPABILITY:
211 elems->ht_cap_elem = pos;
212 elems->ht_cap_elem_len = elen;
213 break;
214 case WLAN_EID_HT_EXTRA_INFO:
215 elems->ht_info_elem = pos;
216 elems->ht_info_elem_len = elen;
217 break;
218 default:
219 break;
220 }
221
222 left -= elen;
223 pos += elen;
224 }
225 }
226
227
228 static int ecw2cw(int ecw)
229 {
230 int cw = 1;
231 while (ecw > 0) {
232 cw <<= 1;
233 ecw--;
234 }
235 return cw - 1;
236 }
237
238 static void ieee80211_sta_wmm_params(struct net_device *dev,
239 struct ieee80211_if_sta *ifsta,
240 u8 *wmm_param, size_t wmm_param_len)
241 {
242 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
243 struct ieee80211_tx_queue_params params;
244 size_t left;
245 int count;
246 u8 *pos;
247
248 if (wmm_param_len < 8 || wmm_param[5] /* version */ != 1)
249 return;
250 count = wmm_param[6] & 0x0f;
251 if (count == ifsta->wmm_last_param_set)
252 return;
253 ifsta->wmm_last_param_set = count;
254
255 pos = wmm_param + 8;
256 left = wmm_param_len - 8;
257
258 memset(&params, 0, sizeof(params));
259
260 if (!local->ops->conf_tx)
261 return;
262
263 local->wmm_acm = 0;
264 for (; left >= 4; left -= 4, pos += 4) {
265 int aci = (pos[0] >> 5) & 0x03;
266 int acm = (pos[0] >> 4) & 0x01;
267 int queue;
268
269 switch (aci) {
270 case 1:
271 queue = IEEE80211_TX_QUEUE_DATA3;
272 if (acm) {
273 local->wmm_acm |= BIT(0) | BIT(3);
274 }
275 break;
276 case 2:
277 queue = IEEE80211_TX_QUEUE_DATA1;
278 if (acm) {
279 local->wmm_acm |= BIT(4) | BIT(5);
280 }
281 break;
282 case 3:
283 queue = IEEE80211_TX_QUEUE_DATA0;
284 if (acm) {
285 local->wmm_acm |= BIT(6) | BIT(7);
286 }
287 break;
288 case 0:
289 default:
290 queue = IEEE80211_TX_QUEUE_DATA2;
291 if (acm) {
292 local->wmm_acm |= BIT(1) | BIT(2);
293 }
294 break;
295 }
296
297 params.aifs = pos[0] & 0x0f;
298 params.cw_max = ecw2cw((pos[1] & 0xf0) >> 4);
299 params.cw_min = ecw2cw(pos[1] & 0x0f);
300 /* TXOP is in units of 32 usec; burst_time in 0.1 ms */
301 params.burst_time = (pos[2] | (pos[3] << 8)) * 32 / 100;
302 printk(KERN_DEBUG "%s: WMM queue=%d aci=%d acm=%d aifs=%d "
303 "cWmin=%d cWmax=%d burst=%d\n",
304 dev->name, queue, aci, acm, params.aifs, params.cw_min,
305 params.cw_max, params.burst_time);
306 /* TODO: handle ACM (block TX, fallback to next lowest allowed
307 * AC for now) */
308 if (local->ops->conf_tx(local_to_hw(local), queue, &params)) {
309 printk(KERN_DEBUG "%s: failed to set TX queue "
310 "parameters for queue %d\n", dev->name, queue);
311 }
312 }
313 }
314
315
316 static u32 ieee80211_handle_erp_ie(struct ieee80211_sub_if_data *sdata,
317 u8 erp_value)
318 {
319 struct ieee80211_bss_conf *bss_conf = &sdata->bss_conf;
320 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
321 bool use_protection = (erp_value & WLAN_ERP_USE_PROTECTION) != 0;
322 bool use_short_preamble = (erp_value & WLAN_ERP_BARKER_PREAMBLE) == 0;
323 DECLARE_MAC_BUF(mac);
324 u32 changed = 0;
325
326 if (use_protection != bss_conf->use_cts_prot) {
327 if (net_ratelimit()) {
328 printk(KERN_DEBUG "%s: CTS protection %s (BSSID="
329 "%s)\n",
330 sdata->dev->name,
331 use_protection ? "enabled" : "disabled",
332 print_mac(mac, ifsta->bssid));
333 }
334 bss_conf->use_cts_prot = use_protection;
335 changed |= BSS_CHANGED_ERP_CTS_PROT;
336 }
337
338 if (use_short_preamble != bss_conf->use_short_preamble) {
339 if (net_ratelimit()) {
340 printk(KERN_DEBUG "%s: switched to %s barker preamble"
341 " (BSSID=%s)\n",
342 sdata->dev->name,
343 use_short_preamble ? "short" : "long",
344 print_mac(mac, ifsta->bssid));
345 }
346 bss_conf->use_short_preamble = use_short_preamble;
347 changed |= BSS_CHANGED_ERP_PREAMBLE;
348 }
349
350 return changed;
351 }
352
353 int ieee80211_ht_cap_ie_to_ht_info(struct ieee80211_ht_cap *ht_cap_ie,
354 struct ieee80211_ht_info *ht_info)
355 {
356
357 if (ht_info == NULL)
358 return -EINVAL;
359
360 memset(ht_info, 0, sizeof(*ht_info));
361
362 if (ht_cap_ie) {
363 u8 ampdu_info = ht_cap_ie->ampdu_params_info;
364
365 ht_info->ht_supported = 1;
366 ht_info->cap = le16_to_cpu(ht_cap_ie->cap_info);
367 ht_info->ampdu_factor =
368 ampdu_info & IEEE80211_HT_CAP_AMPDU_FACTOR;
369 ht_info->ampdu_density =
370 (ampdu_info & IEEE80211_HT_CAP_AMPDU_DENSITY) >> 2;
371 memcpy(ht_info->supp_mcs_set, ht_cap_ie->supp_mcs_set, 16);
372 } else
373 ht_info->ht_supported = 0;
374
375 return 0;
376 }
377
378 int ieee80211_ht_addt_info_ie_to_ht_bss_info(
379 struct ieee80211_ht_addt_info *ht_add_info_ie,
380 struct ieee80211_ht_bss_info *bss_info)
381 {
382 if (bss_info == NULL)
383 return -EINVAL;
384
385 memset(bss_info, 0, sizeof(*bss_info));
386
387 if (ht_add_info_ie) {
388 u16 op_mode;
389 op_mode = le16_to_cpu(ht_add_info_ie->operation_mode);
390
391 bss_info->primary_channel = ht_add_info_ie->control_chan;
392 bss_info->bss_cap = ht_add_info_ie->ht_param;
393 bss_info->bss_op_mode = (u8)(op_mode & 0xff);
394 }
395
396 return 0;
397 }
398
399 static void ieee80211_sta_send_associnfo(struct net_device *dev,
400 struct ieee80211_if_sta *ifsta)
401 {
402 char *buf;
403 size_t len;
404 int i;
405 union iwreq_data wrqu;
406
407 if (!ifsta->assocreq_ies && !ifsta->assocresp_ies)
408 return;
409
410 buf = kmalloc(50 + 2 * (ifsta->assocreq_ies_len +
411 ifsta->assocresp_ies_len), GFP_KERNEL);
412 if (!buf)
413 return;
414
415 len = sprintf(buf, "ASSOCINFO(");
416 if (ifsta->assocreq_ies) {
417 len += sprintf(buf + len, "ReqIEs=");
418 for (i = 0; i < ifsta->assocreq_ies_len; i++) {
419 len += sprintf(buf + len, "%02x",
420 ifsta->assocreq_ies[i]);
421 }
422 }
423 if (ifsta->assocresp_ies) {
424 if (ifsta->assocreq_ies)
425 len += sprintf(buf + len, " ");
426 len += sprintf(buf + len, "RespIEs=");
427 for (i = 0; i < ifsta->assocresp_ies_len; i++) {
428 len += sprintf(buf + len, "%02x",
429 ifsta->assocresp_ies[i]);
430 }
431 }
432 len += sprintf(buf + len, ")");
433
434 if (len > IW_CUSTOM_MAX) {
435 len = sprintf(buf, "ASSOCRESPIE=");
436 for (i = 0; i < ifsta->assocresp_ies_len; i++) {
437 len += sprintf(buf + len, "%02x",
438 ifsta->assocresp_ies[i]);
439 }
440 }
441
442 memset(&wrqu, 0, sizeof(wrqu));
443 wrqu.data.length = len;
444 wireless_send_event(dev, IWEVCUSTOM, &wrqu, buf);
445
446 kfree(buf);
447 }
448
449
450 static void ieee80211_set_associated(struct net_device *dev,
451 struct ieee80211_if_sta *ifsta,
452 bool assoc)
453 {
454 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
455 struct ieee80211_local *local = sdata->local;
456 union iwreq_data wrqu;
457 u32 changed = BSS_CHANGED_ASSOC;
458
459 if (assoc) {
460 struct ieee80211_sta_bss *bss;
461
462 ifsta->flags |= IEEE80211_STA_ASSOCIATED;
463
464 if (sdata->vif.type != IEEE80211_IF_TYPE_STA)
465 return;
466
467 bss = ieee80211_rx_bss_get(dev, ifsta->bssid,
468 local->hw.conf.channel,
469 ifsta->ssid, ifsta->ssid_len);
470 if (bss) {
471 if (bss->has_erp_value)
472 changed |= ieee80211_handle_erp_ie(
473 sdata, bss->erp_value);
474 ieee80211_rx_bss_put(dev, bss);
475 }
476
477 netif_carrier_on(dev);
478 ifsta->flags |= IEEE80211_STA_PREV_BSSID_SET;
479 memcpy(ifsta->prev_bssid, sdata->u.sta.bssid, ETH_ALEN);
480 memcpy(wrqu.ap_addr.sa_data, sdata->u.sta.bssid, ETH_ALEN);
481 ieee80211_sta_send_associnfo(dev, ifsta);
482 } else {
483 ifsta->flags &= ~IEEE80211_STA_ASSOCIATED;
484
485 netif_carrier_off(dev);
486 ieee80211_reset_erp_info(dev);
487 memset(wrqu.ap_addr.sa_data, 0, ETH_ALEN);
488 }
489 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
490 wireless_send_event(dev, SIOCGIWAP, &wrqu, NULL);
491 ifsta->last_probe = jiffies;
492 ieee80211_led_assoc(local, assoc);
493
494 ieee80211_bss_info_change_notify(sdata, changed);
495 }
496
497 static void ieee80211_set_disassoc(struct net_device *dev,
498 struct ieee80211_if_sta *ifsta, int deauth)
499 {
500 if (deauth)
501 ifsta->auth_tries = 0;
502 ifsta->assoc_tries = 0;
503 ieee80211_set_associated(dev, ifsta, 0);
504 }
505
506 static void ieee80211_sta_tx(struct net_device *dev, struct sk_buff *skb,
507 int encrypt)
508 {
509 struct ieee80211_sub_if_data *sdata;
510 struct ieee80211_tx_packet_data *pkt_data;
511
512 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
513 skb->dev = sdata->local->mdev;
514 skb_set_mac_header(skb, 0);
515 skb_set_network_header(skb, 0);
516 skb_set_transport_header(skb, 0);
517
518 pkt_data = (struct ieee80211_tx_packet_data *) skb->cb;
519 memset(pkt_data, 0, sizeof(struct ieee80211_tx_packet_data));
520 pkt_data->ifindex = sdata->dev->ifindex;
521 if (!encrypt)
522 pkt_data->flags |= IEEE80211_TXPD_DO_NOT_ENCRYPT;
523
524 dev_queue_xmit(skb);
525 }
526
527
528 static void ieee80211_send_auth(struct net_device *dev,
529 struct ieee80211_if_sta *ifsta,
530 int transaction, u8 *extra, size_t extra_len,
531 int encrypt)
532 {
533 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
534 struct sk_buff *skb;
535 struct ieee80211_mgmt *mgmt;
536
537 skb = dev_alloc_skb(local->hw.extra_tx_headroom +
538 sizeof(*mgmt) + 6 + extra_len);
539 if (!skb) {
540 printk(KERN_DEBUG "%s: failed to allocate buffer for auth "
541 "frame\n", dev->name);
542 return;
543 }
544 skb_reserve(skb, local->hw.extra_tx_headroom);
545
546 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24 + 6);
547 memset(mgmt, 0, 24 + 6);
548 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
549 IEEE80211_STYPE_AUTH);
550 if (encrypt)
551 mgmt->frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
552 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
553 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
554 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
555 mgmt->u.auth.auth_alg = cpu_to_le16(ifsta->auth_alg);
556 mgmt->u.auth.auth_transaction = cpu_to_le16(transaction);
557 ifsta->auth_transaction = transaction + 1;
558 mgmt->u.auth.status_code = cpu_to_le16(0);
559 if (extra)
560 memcpy(skb_put(skb, extra_len), extra, extra_len);
561
562 ieee80211_sta_tx(dev, skb, encrypt);
563 }
564
565
566 static void ieee80211_authenticate(struct net_device *dev,
567 struct ieee80211_if_sta *ifsta)
568 {
569 DECLARE_MAC_BUF(mac);
570
571 ifsta->auth_tries++;
572 if (ifsta->auth_tries > IEEE80211_AUTH_MAX_TRIES) {
573 printk(KERN_DEBUG "%s: authentication with AP %s"
574 " timed out\n",
575 dev->name, print_mac(mac, ifsta->bssid));
576 ifsta->state = IEEE80211_DISABLED;
577 return;
578 }
579
580 ifsta->state = IEEE80211_AUTHENTICATE;
581 printk(KERN_DEBUG "%s: authenticate with AP %s\n",
582 dev->name, print_mac(mac, ifsta->bssid));
583
584 ieee80211_send_auth(dev, ifsta, 1, NULL, 0, 0);
585
586 mod_timer(&ifsta->timer, jiffies + IEEE80211_AUTH_TIMEOUT);
587 }
588
589
590 static void ieee80211_send_assoc(struct net_device *dev,
591 struct ieee80211_if_sta *ifsta)
592 {
593 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
594 struct ieee80211_hw_mode *mode;
595 struct sk_buff *skb;
596 struct ieee80211_mgmt *mgmt;
597 u8 *pos, *ies;
598 int i, len;
599 u16 capab;
600 struct ieee80211_sta_bss *bss;
601 int wmm = 0;
602
603 skb = dev_alloc_skb(local->hw.extra_tx_headroom +
604 sizeof(*mgmt) + 200 + ifsta->extra_ie_len +
605 ifsta->ssid_len);
606 if (!skb) {
607 printk(KERN_DEBUG "%s: failed to allocate buffer for assoc "
608 "frame\n", dev->name);
609 return;
610 }
611 skb_reserve(skb, local->hw.extra_tx_headroom);
612
613 mode = local->oper_hw_mode;
614 capab = ifsta->capab;
615 if (mode->mode == MODE_IEEE80211G) {
616 capab |= WLAN_CAPABILITY_SHORT_SLOT_TIME |
617 WLAN_CAPABILITY_SHORT_PREAMBLE;
618 }
619 bss = ieee80211_rx_bss_get(dev, ifsta->bssid, local->hw.conf.channel,
620 ifsta->ssid, ifsta->ssid_len);
621 if (bss) {
622 if (bss->capability & WLAN_CAPABILITY_PRIVACY)
623 capab |= WLAN_CAPABILITY_PRIVACY;
624 if (bss->wmm_ie) {
625 wmm = 1;
626 }
627 ieee80211_rx_bss_put(dev, bss);
628 }
629
630 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
631 memset(mgmt, 0, 24);
632 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
633 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
634 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
635
636 if (ifsta->flags & IEEE80211_STA_PREV_BSSID_SET) {
637 skb_put(skb, 10);
638 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
639 IEEE80211_STYPE_REASSOC_REQ);
640 mgmt->u.reassoc_req.capab_info = cpu_to_le16(capab);
641 mgmt->u.reassoc_req.listen_interval = cpu_to_le16(1);
642 memcpy(mgmt->u.reassoc_req.current_ap, ifsta->prev_bssid,
643 ETH_ALEN);
644 } else {
645 skb_put(skb, 4);
646 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
647 IEEE80211_STYPE_ASSOC_REQ);
648 mgmt->u.assoc_req.capab_info = cpu_to_le16(capab);
649 mgmt->u.assoc_req.listen_interval = cpu_to_le16(1);
650 }
651
652 /* SSID */
653 ies = pos = skb_put(skb, 2 + ifsta->ssid_len);
654 *pos++ = WLAN_EID_SSID;
655 *pos++ = ifsta->ssid_len;
656 memcpy(pos, ifsta->ssid, ifsta->ssid_len);
657
658 len = mode->num_rates;
659 if (len > 8)
660 len = 8;
661 pos = skb_put(skb, len + 2);
662 *pos++ = WLAN_EID_SUPP_RATES;
663 *pos++ = len;
664 for (i = 0; i < len; i++) {
665 int rate = mode->rates[i].rate;
666 *pos++ = (u8) (rate / 5);
667 }
668
669 if (mode->num_rates > len) {
670 pos = skb_put(skb, mode->num_rates - len + 2);
671 *pos++ = WLAN_EID_EXT_SUPP_RATES;
672 *pos++ = mode->num_rates - len;
673 for (i = len; i < mode->num_rates; i++) {
674 int rate = mode->rates[i].rate;
675 *pos++ = (u8) (rate / 5);
676 }
677 }
678
679 if (ifsta->extra_ie) {
680 pos = skb_put(skb, ifsta->extra_ie_len);
681 memcpy(pos, ifsta->extra_ie, ifsta->extra_ie_len);
682 }
683
684 if (wmm && (ifsta->flags & IEEE80211_STA_WMM_ENABLED)) {
685 pos = skb_put(skb, 9);
686 *pos++ = WLAN_EID_VENDOR_SPECIFIC;
687 *pos++ = 7; /* len */
688 *pos++ = 0x00; /* Microsoft OUI 00:50:F2 */
689 *pos++ = 0x50;
690 *pos++ = 0xf2;
691 *pos++ = 2; /* WME */
692 *pos++ = 0; /* WME info */
693 *pos++ = 1; /* WME ver */
694 *pos++ = 0;
695 }
696 /* wmm support is a must to HT */
697 if (wmm && mode->ht_info.ht_supported) {
698 __le16 tmp = cpu_to_le16(mode->ht_info.cap);
699 pos = skb_put(skb, sizeof(struct ieee80211_ht_cap)+2);
700 *pos++ = WLAN_EID_HT_CAPABILITY;
701 *pos++ = sizeof(struct ieee80211_ht_cap);
702 memset(pos, 0, sizeof(struct ieee80211_ht_cap));
703 memcpy(pos, &tmp, sizeof(u16));
704 pos += sizeof(u16);
705 *pos++ = (mode->ht_info.ampdu_factor |
706 (mode->ht_info.ampdu_density << 2));
707 memcpy(pos, mode->ht_info.supp_mcs_set, 16);
708 }
709
710 kfree(ifsta->assocreq_ies);
711 ifsta->assocreq_ies_len = (skb->data + skb->len) - ies;
712 ifsta->assocreq_ies = kmalloc(ifsta->assocreq_ies_len, GFP_KERNEL);
713 if (ifsta->assocreq_ies)
714 memcpy(ifsta->assocreq_ies, ies, ifsta->assocreq_ies_len);
715
716 ieee80211_sta_tx(dev, skb, 0);
717 }
718
719
720 static void ieee80211_send_deauth(struct net_device *dev,
721 struct ieee80211_if_sta *ifsta, u16 reason)
722 {
723 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
724 struct sk_buff *skb;
725 struct ieee80211_mgmt *mgmt;
726
727 skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt));
728 if (!skb) {
729 printk(KERN_DEBUG "%s: failed to allocate buffer for deauth "
730 "frame\n", dev->name);
731 return;
732 }
733 skb_reserve(skb, local->hw.extra_tx_headroom);
734
735 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
736 memset(mgmt, 0, 24);
737 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
738 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
739 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
740 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
741 IEEE80211_STYPE_DEAUTH);
742 skb_put(skb, 2);
743 mgmt->u.deauth.reason_code = cpu_to_le16(reason);
744
745 ieee80211_sta_tx(dev, skb, 0);
746 }
747
748
749 static void ieee80211_send_disassoc(struct net_device *dev,
750 struct ieee80211_if_sta *ifsta, u16 reason)
751 {
752 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
753 struct sk_buff *skb;
754 struct ieee80211_mgmt *mgmt;
755
756 skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt));
757 if (!skb) {
758 printk(KERN_DEBUG "%s: failed to allocate buffer for disassoc "
759 "frame\n", dev->name);
760 return;
761 }
762 skb_reserve(skb, local->hw.extra_tx_headroom);
763
764 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
765 memset(mgmt, 0, 24);
766 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
767 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
768 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
769 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
770 IEEE80211_STYPE_DISASSOC);
771 skb_put(skb, 2);
772 mgmt->u.disassoc.reason_code = cpu_to_le16(reason);
773
774 ieee80211_sta_tx(dev, skb, 0);
775 }
776
777
778 static int ieee80211_privacy_mismatch(struct net_device *dev,
779 struct ieee80211_if_sta *ifsta)
780 {
781 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
782 struct ieee80211_sta_bss *bss;
783 int bss_privacy;
784 int wep_privacy;
785 int privacy_invoked;
786
787 if (!ifsta || (ifsta->flags & IEEE80211_STA_MIXED_CELL))
788 return 0;
789
790 bss = ieee80211_rx_bss_get(dev, ifsta->bssid, local->hw.conf.channel,
791 ifsta->ssid, ifsta->ssid_len);
792 if (!bss)
793 return 0;
794
795 bss_privacy = !!(bss->capability & WLAN_CAPABILITY_PRIVACY);
796 wep_privacy = !!ieee80211_sta_wep_configured(dev);
797 privacy_invoked = !!(ifsta->flags & IEEE80211_STA_PRIVACY_INVOKED);
798
799 ieee80211_rx_bss_put(dev, bss);
800
801 if ((bss_privacy == wep_privacy) || (bss_privacy == privacy_invoked))
802 return 0;
803
804 return 1;
805 }
806
807
808 static void ieee80211_associate(struct net_device *dev,
809 struct ieee80211_if_sta *ifsta)
810 {
811 DECLARE_MAC_BUF(mac);
812
813 ifsta->assoc_tries++;
814 if (ifsta->assoc_tries > IEEE80211_ASSOC_MAX_TRIES) {
815 printk(KERN_DEBUG "%s: association with AP %s"
816 " timed out\n",
817 dev->name, print_mac(mac, ifsta->bssid));
818 ifsta->state = IEEE80211_DISABLED;
819 return;
820 }
821
822 ifsta->state = IEEE80211_ASSOCIATE;
823 printk(KERN_DEBUG "%s: associate with AP %s\n",
824 dev->name, print_mac(mac, ifsta->bssid));
825 if (ieee80211_privacy_mismatch(dev, ifsta)) {
826 printk(KERN_DEBUG "%s: mismatch in privacy configuration and "
827 "mixed-cell disabled - abort association\n", dev->name);
828 ifsta->state = IEEE80211_DISABLED;
829 return;
830 }
831
832 ieee80211_send_assoc(dev, ifsta);
833
834 mod_timer(&ifsta->timer, jiffies + IEEE80211_ASSOC_TIMEOUT);
835 }
836
837
838 static void ieee80211_associated(struct net_device *dev,
839 struct ieee80211_if_sta *ifsta)
840 {
841 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
842 struct sta_info *sta;
843 int disassoc;
844 DECLARE_MAC_BUF(mac);
845
846 /* TODO: start monitoring current AP signal quality and number of
847 * missed beacons. Scan other channels every now and then and search
848 * for better APs. */
849 /* TODO: remove expired BSSes */
850
851 ifsta->state = IEEE80211_ASSOCIATED;
852
853 sta = sta_info_get(local, ifsta->bssid);
854 if (!sta) {
855 printk(KERN_DEBUG "%s: No STA entry for own AP %s\n",
856 dev->name, print_mac(mac, ifsta->bssid));
857 disassoc = 1;
858 } else {
859 disassoc = 0;
860 if (time_after(jiffies,
861 sta->last_rx + IEEE80211_MONITORING_INTERVAL)) {
862 if (ifsta->flags & IEEE80211_STA_PROBEREQ_POLL) {
863 printk(KERN_DEBUG "%s: No ProbeResp from "
864 "current AP %s - assume out of "
865 "range\n",
866 dev->name, print_mac(mac, ifsta->bssid));
867 disassoc = 1;
868 sta_info_free(sta);
869 } else
870 ieee80211_send_probe_req(dev, ifsta->bssid,
871 local->scan_ssid,
872 local->scan_ssid_len);
873 ifsta->flags ^= IEEE80211_STA_PROBEREQ_POLL;
874 } else {
875 ifsta->flags &= ~IEEE80211_STA_PROBEREQ_POLL;
876 if (time_after(jiffies, ifsta->last_probe +
877 IEEE80211_PROBE_INTERVAL)) {
878 ifsta->last_probe = jiffies;
879 ieee80211_send_probe_req(dev, ifsta->bssid,
880 ifsta->ssid,
881 ifsta->ssid_len);
882 }
883 }
884 sta_info_put(sta);
885 }
886 if (disassoc) {
887 ifsta->state = IEEE80211_DISABLED;
888 ieee80211_set_associated(dev, ifsta, 0);
889 } else {
890 mod_timer(&ifsta->timer, jiffies +
891 IEEE80211_MONITORING_INTERVAL);
892 }
893 }
894
895
896 static void ieee80211_send_probe_req(struct net_device *dev, u8 *dst,
897 u8 *ssid, size_t ssid_len)
898 {
899 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
900 struct ieee80211_hw_mode *mode;
901 struct sk_buff *skb;
902 struct ieee80211_mgmt *mgmt;
903 u8 *pos, *supp_rates, *esupp_rates = NULL;
904 int i;
905
906 skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt) + 200);
907 if (!skb) {
908 printk(KERN_DEBUG "%s: failed to allocate buffer for probe "
909 "request\n", dev->name);
910 return;
911 }
912 skb_reserve(skb, local->hw.extra_tx_headroom);
913
914 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
915 memset(mgmt, 0, 24);
916 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
917 IEEE80211_STYPE_PROBE_REQ);
918 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
919 if (dst) {
920 memcpy(mgmt->da, dst, ETH_ALEN);
921 memcpy(mgmt->bssid, dst, ETH_ALEN);
922 } else {
923 memset(mgmt->da, 0xff, ETH_ALEN);
924 memset(mgmt->bssid, 0xff, ETH_ALEN);
925 }
926 pos = skb_put(skb, 2 + ssid_len);
927 *pos++ = WLAN_EID_SSID;
928 *pos++ = ssid_len;
929 memcpy(pos, ssid, ssid_len);
930
931 supp_rates = skb_put(skb, 2);
932 supp_rates[0] = WLAN_EID_SUPP_RATES;
933 supp_rates[1] = 0;
934 mode = local->oper_hw_mode;
935 for (i = 0; i < mode->num_rates; i++) {
936 struct ieee80211_rate *rate = &mode->rates[i];
937 if (!(rate->flags & IEEE80211_RATE_SUPPORTED))
938 continue;
939 if (esupp_rates) {
940 pos = skb_put(skb, 1);
941 esupp_rates[1]++;
942 } else if (supp_rates[1] == 8) {
943 esupp_rates = skb_put(skb, 3);
944 esupp_rates[0] = WLAN_EID_EXT_SUPP_RATES;
945 esupp_rates[1] = 1;
946 pos = &esupp_rates[2];
947 } else {
948 pos = skb_put(skb, 1);
949 supp_rates[1]++;
950 }
951 *pos = rate->rate / 5;
952 }
953
954 ieee80211_sta_tx(dev, skb, 0);
955 }
956
957
958 static int ieee80211_sta_wep_configured(struct net_device *dev)
959 {
960 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
961 if (!sdata || !sdata->default_key ||
962 sdata->default_key->conf.alg != ALG_WEP)
963 return 0;
964 return 1;
965 }
966
967
968 static void ieee80211_auth_completed(struct net_device *dev,
969 struct ieee80211_if_sta *ifsta)
970 {
971 printk(KERN_DEBUG "%s: authenticated\n", dev->name);
972 ifsta->flags |= IEEE80211_STA_AUTHENTICATED;
973 ieee80211_associate(dev, ifsta);
974 }
975
976
977 static void ieee80211_auth_challenge(struct net_device *dev,
978 struct ieee80211_if_sta *ifsta,
979 struct ieee80211_mgmt *mgmt,
980 size_t len)
981 {
982 u8 *pos;
983 struct ieee802_11_elems elems;
984
985 printk(KERN_DEBUG "%s: replying to auth challenge\n", dev->name);
986 pos = mgmt->u.auth.variable;
987 ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems);
988 if (!elems.challenge) {
989 printk(KERN_DEBUG "%s: no challenge IE in shared key auth "
990 "frame\n", dev->name);
991 return;
992 }
993 ieee80211_send_auth(dev, ifsta, 3, elems.challenge - 2,
994 elems.challenge_len + 2, 1);
995 }
996
997 static void ieee80211_send_addba_resp(struct net_device *dev, u8 *da, u16 tid,
998 u8 dialog_token, u16 status, u16 policy,
999 u16 buf_size, u16 timeout)
1000 {
1001 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1002 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
1003 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1004 struct sk_buff *skb;
1005 struct ieee80211_mgmt *mgmt;
1006 u16 capab;
1007
1008 skb = dev_alloc_skb(sizeof(*mgmt) + local->hw.extra_tx_headroom + 1 +
1009 sizeof(mgmt->u.action.u.addba_resp));
1010 if (!skb) {
1011 printk(KERN_DEBUG "%s: failed to allocate buffer "
1012 "for addba resp frame\n", dev->name);
1013 return;
1014 }
1015
1016 skb_reserve(skb, local->hw.extra_tx_headroom);
1017 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
1018 memset(mgmt, 0, 24);
1019 memcpy(mgmt->da, da, ETH_ALEN);
1020 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
1021 if (sdata->vif.type == IEEE80211_IF_TYPE_AP)
1022 memcpy(mgmt->bssid, dev->dev_addr, ETH_ALEN);
1023 else
1024 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
1025 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
1026 IEEE80211_STYPE_ACTION);
1027
1028 skb_put(skb, 1 + sizeof(mgmt->u.action.u.addba_resp));
1029 mgmt->u.action.category = WLAN_CATEGORY_BACK;
1030 mgmt->u.action.u.addba_resp.action_code = WLAN_ACTION_ADDBA_RESP;
1031 mgmt->u.action.u.addba_resp.dialog_token = dialog_token;
1032
1033 capab = (u16)(policy << 1); /* bit 1 aggregation policy */
1034 capab |= (u16)(tid << 2); /* bit 5:2 TID number */
1035 capab |= (u16)(buf_size << 6); /* bit 15:6 max size of aggregation */
1036
1037 mgmt->u.action.u.addba_resp.capab = cpu_to_le16(capab);
1038 mgmt->u.action.u.addba_resp.timeout = cpu_to_le16(timeout);
1039 mgmt->u.action.u.addba_resp.status = cpu_to_le16(status);
1040
1041 ieee80211_sta_tx(dev, skb, 0);
1042
1043 return;
1044 }
1045
1046 static void ieee80211_sta_process_addba_request(struct net_device *dev,
1047 struct ieee80211_mgmt *mgmt,
1048 size_t len)
1049 {
1050 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1051 struct ieee80211_hw *hw = &local->hw;
1052 struct ieee80211_conf *conf = &hw->conf;
1053 struct sta_info *sta;
1054 struct tid_ampdu_rx *tid_agg_rx;
1055 u16 capab, tid, timeout, ba_policy, buf_size, start_seq_num, status;
1056 u8 dialog_token;
1057 int ret = -EOPNOTSUPP;
1058 DECLARE_MAC_BUF(mac);
1059
1060 sta = sta_info_get(local, mgmt->sa);
1061 if (!sta)
1062 return;
1063
1064 /* extract session parameters from addba request frame */
1065 dialog_token = mgmt->u.action.u.addba_req.dialog_token;
1066 timeout = le16_to_cpu(mgmt->u.action.u.addba_req.timeout);
1067 start_seq_num =
1068 le16_to_cpu(mgmt->u.action.u.addba_req.start_seq_num) >> 4;
1069
1070 capab = le16_to_cpu(mgmt->u.action.u.addba_req.capab);
1071 ba_policy = (capab & IEEE80211_ADDBA_PARAM_POLICY_MASK) >> 1;
1072 tid = (capab & IEEE80211_ADDBA_PARAM_TID_MASK) >> 2;
1073 buf_size = (capab & IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK) >> 6;
1074
1075 status = WLAN_STATUS_REQUEST_DECLINED;
1076
1077 /* sanity check for incoming parameters:
1078 * check if configuration can support the BA policy
1079 * and if buffer size does not exceeds max value */
1080 if (((ba_policy != 1)
1081 && (!(conf->ht_conf.cap & IEEE80211_HT_CAP_DELAY_BA)))
1082 || (buf_size > IEEE80211_MAX_AMPDU_BUF)) {
1083 status = WLAN_STATUS_INVALID_QOS_PARAM;
1084 #ifdef CONFIG_MAC80211_HT_DEBUG
1085 if (net_ratelimit())
1086 printk(KERN_DEBUG "Block Ack Req with bad params from "
1087 "%s on tid %u. policy %d, buffer size %d\n",
1088 print_mac(mac, mgmt->sa), tid, ba_policy,
1089 buf_size);
1090 #endif /* CONFIG_MAC80211_HT_DEBUG */
1091 goto end_no_lock;
1092 }
1093 /* determine default buffer size */
1094 if (buf_size == 0) {
1095 struct ieee80211_hw_mode *mode = conf->mode;
1096 buf_size = IEEE80211_MIN_AMPDU_BUF;
1097 buf_size = buf_size << mode->ht_info.ampdu_factor;
1098 }
1099
1100 tid_agg_rx = &sta->ampdu_mlme.tid_rx[tid];
1101
1102 /* examine state machine */
1103 spin_lock_bh(&sta->ampdu_mlme.ampdu_rx);
1104
1105 if (tid_agg_rx->state != HT_AGG_STATE_IDLE) {
1106 #ifdef CONFIG_MAC80211_HT_DEBUG
1107 if (net_ratelimit())
1108 printk(KERN_DEBUG "unexpected Block Ack Req from "
1109 "%s on tid %u\n",
1110 print_mac(mac, mgmt->sa), tid);
1111 #endif /* CONFIG_MAC80211_HT_DEBUG */
1112 goto end;
1113 }
1114
1115 /* prepare reordering buffer */
1116 tid_agg_rx->reorder_buf =
1117 kmalloc(buf_size * sizeof(struct sk_buf *), GFP_ATOMIC);
1118 if (!tid_agg_rx->reorder_buf) {
1119 if (net_ratelimit())
1120 printk(KERN_ERR "can not allocate reordering buffer "
1121 "to tid %d\n", tid);
1122 goto end;
1123 }
1124 memset(tid_agg_rx->reorder_buf, 0,
1125 buf_size * sizeof(struct sk_buf *));
1126
1127 if (local->ops->ampdu_action)
1128 ret = local->ops->ampdu_action(hw, IEEE80211_AMPDU_RX_START,
1129 sta->addr, tid, start_seq_num);
1130 #ifdef CONFIG_MAC80211_HT_DEBUG
1131 printk(KERN_DEBUG "Rx A-MPDU on tid %d result %d", tid, ret);
1132 #endif /* CONFIG_MAC80211_HT_DEBUG */
1133
1134 if (ret) {
1135 kfree(tid_agg_rx->reorder_buf);
1136 goto end;
1137 }
1138
1139 /* change state and send addba resp */
1140 tid_agg_rx->state = HT_AGG_STATE_OPERATIONAL;
1141 tid_agg_rx->dialog_token = dialog_token;
1142 tid_agg_rx->ssn = start_seq_num;
1143 tid_agg_rx->head_seq_num = start_seq_num;
1144 tid_agg_rx->buf_size = buf_size;
1145 tid_agg_rx->timeout = timeout;
1146 tid_agg_rx->stored_mpdu_num = 0;
1147 status = WLAN_STATUS_SUCCESS;
1148 end:
1149 spin_unlock_bh(&sta->ampdu_mlme.ampdu_rx);
1150
1151 end_no_lock:
1152 ieee80211_send_addba_resp(sta->dev, sta->addr, tid, dialog_token,
1153 status, 1, buf_size, timeout);
1154 sta_info_put(sta);
1155 }
1156
1157 static void ieee80211_send_delba(struct net_device *dev, const u8 *da, u16 tid,
1158 u16 initiator, u16 reason_code)
1159 {
1160 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1161 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1162 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
1163 struct sk_buff *skb;
1164 struct ieee80211_mgmt *mgmt;
1165 u16 params;
1166
1167 skb = dev_alloc_skb(sizeof(*mgmt) + local->hw.extra_tx_headroom + 1 +
1168 sizeof(mgmt->u.action.u.delba));
1169
1170 if (!skb) {
1171 printk(KERN_ERR "%s: failed to allocate buffer "
1172 "for delba frame\n", dev->name);
1173 return;
1174 }
1175
1176 skb_reserve(skb, local->hw.extra_tx_headroom);
1177 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
1178 memset(mgmt, 0, 24);
1179 memcpy(mgmt->da, da, ETH_ALEN);
1180 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
1181 if (sdata->vif.type == IEEE80211_IF_TYPE_AP)
1182 memcpy(mgmt->bssid, dev->dev_addr, ETH_ALEN);
1183 else
1184 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
1185 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
1186 IEEE80211_STYPE_ACTION);
1187
1188 skb_put(skb, 1 + sizeof(mgmt->u.action.u.delba));
1189
1190 mgmt->u.action.category = WLAN_CATEGORY_BACK;
1191 mgmt->u.action.u.delba.action_code = WLAN_ACTION_DELBA;
1192 params = (u16)(initiator << 11); /* bit 11 initiator */
1193 params |= (u16)(tid << 12); /* bit 15:12 TID number */
1194
1195 mgmt->u.action.u.delba.params = cpu_to_le16(params);
1196 mgmt->u.action.u.delba.reason_code = cpu_to_le16(reason_code);
1197
1198 ieee80211_sta_tx(dev, skb, 0);
1199 }
1200
1201 void ieee80211_sta_stop_rx_ba_session(struct net_device *dev, u8 *ra, u16 tid,
1202 u16 initiator, u16 reason)
1203 {
1204 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1205 struct ieee80211_hw *hw = &local->hw;
1206 struct sta_info *sta;
1207 int ret, i;
1208
1209 sta = sta_info_get(local, ra);
1210 if (!sta)
1211 return;
1212
1213 /* check if TID is in operational state */
1214 spin_lock_bh(&sta->ampdu_mlme.ampdu_rx);
1215 if (sta->ampdu_mlme.tid_rx[tid].state
1216 != HT_AGG_STATE_OPERATIONAL) {
1217 spin_unlock_bh(&sta->ampdu_mlme.ampdu_rx);
1218 sta_info_put(sta);
1219 return;
1220 }
1221 sta->ampdu_mlme.tid_rx[tid].state =
1222 HT_AGG_STATE_REQ_STOP_BA_MSK |
1223 (initiator << HT_AGG_STATE_INITIATOR_SHIFT);
1224 spin_unlock_bh(&sta->ampdu_mlme.ampdu_rx);
1225
1226 /* stop HW Rx aggregation. ampdu_action existence
1227 * already verified in session init so we add the BUG_ON */
1228 BUG_ON(!local->ops->ampdu_action);
1229
1230 ret = local->ops->ampdu_action(hw, IEEE80211_AMPDU_RX_STOP,
1231 ra, tid, EINVAL);
1232 if (ret)
1233 printk(KERN_DEBUG "HW problem - can not stop rx "
1234 "aggergation for tid %d\n", tid);
1235
1236 /* shutdown timer has not expired */
1237 if (initiator != WLAN_BACK_TIMER)
1238 del_timer_sync(&sta->ampdu_mlme.tid_rx[tid].
1239 session_timer);
1240
1241 /* check if this is a self generated aggregation halt */
1242 if (initiator == WLAN_BACK_RECIPIENT || initiator == WLAN_BACK_TIMER)
1243 ieee80211_send_delba(dev, ra, tid, 0, reason);
1244
1245 /* free the reordering buffer */
1246 for (i = 0; i < sta->ampdu_mlme.tid_rx[tid].buf_size; i++) {
1247 if (sta->ampdu_mlme.tid_rx[tid].reorder_buf[i]) {
1248 /* release the reordered frames */
1249 dev_kfree_skb(sta->ampdu_mlme.tid_rx[tid].reorder_buf[i]);
1250 sta->ampdu_mlme.tid_rx[tid].stored_mpdu_num--;
1251 sta->ampdu_mlme.tid_rx[tid].reorder_buf[i] = NULL;
1252 }
1253 }
1254 kfree(sta->ampdu_mlme.tid_rx[tid].reorder_buf);
1255
1256 sta->ampdu_mlme.tid_rx[tid].state = HT_AGG_STATE_IDLE;
1257 sta_info_put(sta);
1258 }
1259
1260 static void ieee80211_sta_process_delba(struct net_device *dev,
1261 struct ieee80211_mgmt *mgmt, size_t len)
1262 {
1263 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1264 struct sta_info *sta;
1265 u16 tid, params;
1266 u16 initiator;
1267 DECLARE_MAC_BUF(mac);
1268
1269 sta = sta_info_get(local, mgmt->sa);
1270 if (!sta)
1271 return;
1272
1273 params = le16_to_cpu(mgmt->u.action.u.delba.params);
1274 tid = (params & IEEE80211_DELBA_PARAM_TID_MASK) >> 12;
1275 initiator = (params & IEEE80211_DELBA_PARAM_INITIATOR_MASK) >> 11;
1276
1277 #ifdef CONFIG_MAC80211_HT_DEBUG
1278 if (net_ratelimit())
1279 printk(KERN_DEBUG "delba from %s on tid %d reason code %d\n",
1280 print_mac(mac, mgmt->sa), tid,
1281 mgmt->u.action.u.delba.reason_code);
1282 #endif /* CONFIG_MAC80211_HT_DEBUG */
1283
1284 if (initiator == WLAN_BACK_INITIATOR)
1285 ieee80211_sta_stop_rx_ba_session(dev, sta->addr, tid,
1286 WLAN_BACK_INITIATOR, 0);
1287 sta_info_put(sta);
1288 }
1289
1290 /*
1291 * After receiving Block Ack Request (BAR) we activated a
1292 * timer after each frame arrives from the originator.
1293 * if this timer expires ieee80211_sta_stop_rx_ba_session will be executed.
1294 */
1295 void sta_rx_agg_session_timer_expired(unsigned long data)
1296 {
1297 /* not an elegant detour, but there is no choice as the timer passes
1298 * only one argument, and verious sta_info are needed here, so init
1299 * flow in sta_info_add gives the TID as data, while the timer_to_id
1300 * array gives the sta through container_of */
1301 u8 *ptid = (u8 *)data;
1302 u8 *timer_to_id = ptid - *ptid;
1303 struct sta_info *sta = container_of(timer_to_id, struct sta_info,
1304 timer_to_tid[0]);
1305
1306 printk(KERN_DEBUG "rx session timer expired on tid %d\n", (u16)*ptid);
1307 ieee80211_sta_stop_rx_ba_session(sta->dev, sta->addr, (u16)*ptid,
1308 WLAN_BACK_TIMER,
1309 WLAN_REASON_QSTA_TIMEOUT);
1310 }
1311
1312
1313 static void ieee80211_rx_mgmt_auth(struct net_device *dev,
1314 struct ieee80211_if_sta *ifsta,
1315 struct ieee80211_mgmt *mgmt,
1316 size_t len)
1317 {
1318 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1319 u16 auth_alg, auth_transaction, status_code;
1320 DECLARE_MAC_BUF(mac);
1321
1322 if (ifsta->state != IEEE80211_AUTHENTICATE &&
1323 sdata->vif.type != IEEE80211_IF_TYPE_IBSS) {
1324 printk(KERN_DEBUG "%s: authentication frame received from "
1325 "%s, but not in authenticate state - ignored\n",
1326 dev->name, print_mac(mac, mgmt->sa));
1327 return;
1328 }
1329
1330 if (len < 24 + 6) {
1331 printk(KERN_DEBUG "%s: too short (%zd) authentication frame "
1332 "received from %s - ignored\n",
1333 dev->name, len, print_mac(mac, mgmt->sa));
1334 return;
1335 }
1336
1337 if (sdata->vif.type != IEEE80211_IF_TYPE_IBSS &&
1338 memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN) != 0) {
1339 printk(KERN_DEBUG "%s: authentication frame received from "
1340 "unknown AP (SA=%s BSSID=%s) - "
1341 "ignored\n", dev->name, print_mac(mac, mgmt->sa),
1342 print_mac(mac, mgmt->bssid));
1343 return;
1344 }
1345
1346 if (sdata->vif.type != IEEE80211_IF_TYPE_IBSS &&
1347 memcmp(ifsta->bssid, mgmt->bssid, ETH_ALEN) != 0) {
1348 printk(KERN_DEBUG "%s: authentication frame received from "
1349 "unknown BSSID (SA=%s BSSID=%s) - "
1350 "ignored\n", dev->name, print_mac(mac, mgmt->sa),
1351 print_mac(mac, mgmt->bssid));
1352 return;
1353 }
1354
1355 auth_alg = le16_to_cpu(mgmt->u.auth.auth_alg);
1356 auth_transaction = le16_to_cpu(mgmt->u.auth.auth_transaction);
1357 status_code = le16_to_cpu(mgmt->u.auth.status_code);
1358
1359 printk(KERN_DEBUG "%s: RX authentication from %s (alg=%d "
1360 "transaction=%d status=%d)\n",
1361 dev->name, print_mac(mac, mgmt->sa), auth_alg,
1362 auth_transaction, status_code);
1363
1364 if (sdata->vif.type == IEEE80211_IF_TYPE_IBSS) {
1365 /* IEEE 802.11 standard does not require authentication in IBSS
1366 * networks and most implementations do not seem to use it.
1367 * However, try to reply to authentication attempts if someone
1368 * has actually implemented this.
1369 * TODO: Could implement shared key authentication. */
1370 if (auth_alg != WLAN_AUTH_OPEN || auth_transaction != 1) {
1371 printk(KERN_DEBUG "%s: unexpected IBSS authentication "
1372 "frame (alg=%d transaction=%d)\n",
1373 dev->name, auth_alg, auth_transaction);
1374 return;
1375 }
1376 ieee80211_send_auth(dev, ifsta, 2, NULL, 0, 0);
1377 }
1378
1379 if (auth_alg != ifsta->auth_alg ||
1380 auth_transaction != ifsta->auth_transaction) {
1381 printk(KERN_DEBUG "%s: unexpected authentication frame "
1382 "(alg=%d transaction=%d)\n",
1383 dev->name, auth_alg, auth_transaction);
1384 return;
1385 }
1386
1387 if (status_code != WLAN_STATUS_SUCCESS) {
1388 printk(KERN_DEBUG "%s: AP denied authentication (auth_alg=%d "
1389 "code=%d)\n", dev->name, ifsta->auth_alg, status_code);
1390 if (status_code == WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG) {
1391 u8 algs[3];
1392 const int num_algs = ARRAY_SIZE(algs);
1393 int i, pos;
1394 algs[0] = algs[1] = algs[2] = 0xff;
1395 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_OPEN)
1396 algs[0] = WLAN_AUTH_OPEN;
1397 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_SHARED_KEY)
1398 algs[1] = WLAN_AUTH_SHARED_KEY;
1399 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_LEAP)
1400 algs[2] = WLAN_AUTH_LEAP;
1401 if (ifsta->auth_alg == WLAN_AUTH_OPEN)
1402 pos = 0;
1403 else if (ifsta->auth_alg == WLAN_AUTH_SHARED_KEY)
1404 pos = 1;
1405 else
1406 pos = 2;
1407 for (i = 0; i < num_algs; i++) {
1408 pos++;
1409 if (pos >= num_algs)
1410 pos = 0;
1411 if (algs[pos] == ifsta->auth_alg ||
1412 algs[pos] == 0xff)
1413 continue;
1414 if (algs[pos] == WLAN_AUTH_SHARED_KEY &&
1415 !ieee80211_sta_wep_configured(dev))
1416 continue;
1417 ifsta->auth_alg = algs[pos];
1418 printk(KERN_DEBUG "%s: set auth_alg=%d for "
1419 "next try\n",
1420 dev->name, ifsta->auth_alg);
1421 break;
1422 }
1423 }
1424 return;
1425 }
1426
1427 switch (ifsta->auth_alg) {
1428 case WLAN_AUTH_OPEN:
1429 case WLAN_AUTH_LEAP:
1430 ieee80211_auth_completed(dev, ifsta);
1431 break;
1432 case WLAN_AUTH_SHARED_KEY:
1433 if (ifsta->auth_transaction == 4)
1434 ieee80211_auth_completed(dev, ifsta);
1435 else
1436 ieee80211_auth_challenge(dev, ifsta, mgmt, len);
1437 break;
1438 }
1439 }
1440
1441
1442 static void ieee80211_rx_mgmt_deauth(struct net_device *dev,
1443 struct ieee80211_if_sta *ifsta,
1444 struct ieee80211_mgmt *mgmt,
1445 size_t len)
1446 {
1447 u16 reason_code;
1448 DECLARE_MAC_BUF(mac);
1449
1450 if (len < 24 + 2) {
1451 printk(KERN_DEBUG "%s: too short (%zd) deauthentication frame "
1452 "received from %s - ignored\n",
1453 dev->name, len, print_mac(mac, mgmt->sa));
1454 return;
1455 }
1456
1457 if (memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN) != 0) {
1458 printk(KERN_DEBUG "%s: deauthentication frame received from "
1459 "unknown AP (SA=%s BSSID=%s) - "
1460 "ignored\n", dev->name, print_mac(mac, mgmt->sa),
1461 print_mac(mac, mgmt->bssid));
1462 return;
1463 }
1464
1465 reason_code = le16_to_cpu(mgmt->u.deauth.reason_code);
1466
1467 printk(KERN_DEBUG "%s: RX deauthentication from %s"
1468 " (reason=%d)\n",
1469 dev->name, print_mac(mac, mgmt->sa), reason_code);
1470
1471 if (ifsta->flags & IEEE80211_STA_AUTHENTICATED) {
1472 printk(KERN_DEBUG "%s: deauthenticated\n", dev->name);
1473 }
1474
1475 if (ifsta->state == IEEE80211_AUTHENTICATE ||
1476 ifsta->state == IEEE80211_ASSOCIATE ||
1477 ifsta->state == IEEE80211_ASSOCIATED) {
1478 ifsta->state = IEEE80211_AUTHENTICATE;
1479 mod_timer(&ifsta->timer, jiffies +
1480 IEEE80211_RETRY_AUTH_INTERVAL);
1481 }
1482
1483 ieee80211_set_disassoc(dev, ifsta, 1);
1484 ifsta->flags &= ~IEEE80211_STA_AUTHENTICATED;
1485 }
1486
1487
1488 static void ieee80211_rx_mgmt_disassoc(struct net_device *dev,
1489 struct ieee80211_if_sta *ifsta,
1490 struct ieee80211_mgmt *mgmt,
1491 size_t len)
1492 {
1493 u16 reason_code;
1494 DECLARE_MAC_BUF(mac);
1495
1496 if (len < 24 + 2) {
1497 printk(KERN_DEBUG "%s: too short (%zd) disassociation frame "
1498 "received from %s - ignored\n",
1499 dev->name, len, print_mac(mac, mgmt->sa));
1500 return;
1501 }
1502
1503 if (memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN) != 0) {
1504 printk(KERN_DEBUG "%s: disassociation frame received from "
1505 "unknown AP (SA=%s BSSID=%s) - "
1506 "ignored\n", dev->name, print_mac(mac, mgmt->sa),
1507 print_mac(mac, mgmt->bssid));
1508 return;
1509 }
1510
1511 reason_code = le16_to_cpu(mgmt->u.disassoc.reason_code);
1512
1513 printk(KERN_DEBUG "%s: RX disassociation from %s"
1514 " (reason=%d)\n",
1515 dev->name, print_mac(mac, mgmt->sa), reason_code);
1516
1517 if (ifsta->flags & IEEE80211_STA_ASSOCIATED)
1518 printk(KERN_DEBUG "%s: disassociated\n", dev->name);
1519
1520 if (ifsta->state == IEEE80211_ASSOCIATED) {
1521 ifsta->state = IEEE80211_ASSOCIATE;
1522 mod_timer(&ifsta->timer, jiffies +
1523 IEEE80211_RETRY_AUTH_INTERVAL);
1524 }
1525
1526 ieee80211_set_disassoc(dev, ifsta, 0);
1527 }
1528
1529
1530 static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1531 struct ieee80211_if_sta *ifsta,
1532 struct ieee80211_mgmt *mgmt,
1533 size_t len,
1534 int reassoc)
1535 {
1536 struct ieee80211_local *local = sdata->local;
1537 struct net_device *dev = sdata->dev;
1538 struct ieee80211_hw_mode *mode;
1539 struct sta_info *sta;
1540 u32 rates;
1541 u16 capab_info, status_code, aid;
1542 struct ieee802_11_elems elems;
1543 struct ieee80211_bss_conf *bss_conf = &sdata->bss_conf;
1544 u8 *pos;
1545 int i, j;
1546 DECLARE_MAC_BUF(mac);
1547
1548 /* AssocResp and ReassocResp have identical structure, so process both
1549 * of them in this function. */
1550
1551 if (ifsta->state != IEEE80211_ASSOCIATE) {
1552 printk(KERN_DEBUG "%s: association frame received from "
1553 "%s, but not in associate state - ignored\n",
1554 dev->name, print_mac(mac, mgmt->sa));
1555 return;
1556 }
1557
1558 if (len < 24 + 6) {
1559 printk(KERN_DEBUG "%s: too short (%zd) association frame "
1560 "received from %s - ignored\n",
1561 dev->name, len, print_mac(mac, mgmt->sa));
1562 return;
1563 }
1564
1565 if (memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN) != 0) {
1566 printk(KERN_DEBUG "%s: association frame received from "
1567 "unknown AP (SA=%s BSSID=%s) - "
1568 "ignored\n", dev->name, print_mac(mac, mgmt->sa),
1569 print_mac(mac, mgmt->bssid));
1570 return;
1571 }
1572
1573 capab_info = le16_to_cpu(mgmt->u.assoc_resp.capab_info);
1574 status_code = le16_to_cpu(mgmt->u.assoc_resp.status_code);
1575 aid = le16_to_cpu(mgmt->u.assoc_resp.aid);
1576
1577 printk(KERN_DEBUG "%s: RX %sssocResp from %s (capab=0x%x "
1578 "status=%d aid=%d)\n",
1579 dev->name, reassoc ? "Rea" : "A", print_mac(mac, mgmt->sa),
1580 capab_info, status_code, (u16)(aid & ~(BIT(15) | BIT(14))));
1581
1582 if (status_code != WLAN_STATUS_SUCCESS) {
1583 printk(KERN_DEBUG "%s: AP denied association (code=%d)\n",
1584 dev->name, status_code);
1585 /* if this was a reassociation, ensure we try a "full"
1586 * association next time. This works around some broken APs
1587 * which do not correctly reject reassociation requests. */
1588 ifsta->flags &= ~IEEE80211_STA_PREV_BSSID_SET;
1589 return;
1590 }
1591
1592 if ((aid & (BIT(15) | BIT(14))) != (BIT(15) | BIT(14)))
1593 printk(KERN_DEBUG "%s: invalid aid value %d; bits 15:14 not "
1594 "set\n", dev->name, aid);
1595 aid &= ~(BIT(15) | BIT(14));
1596
1597 pos = mgmt->u.assoc_resp.variable;
1598 ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems);
1599
1600 if (!elems.supp_rates) {
1601 printk(KERN_DEBUG "%s: no SuppRates element in AssocResp\n",
1602 dev->name);
1603 return;
1604 }
1605
1606 printk(KERN_DEBUG "%s: associated\n", dev->name);
1607 ifsta->aid = aid;
1608 ifsta->ap_capab = capab_info;
1609
1610 kfree(ifsta->assocresp_ies);
1611 ifsta->assocresp_ies_len = len - (pos - (u8 *) mgmt);
1612 ifsta->assocresp_ies = kmalloc(ifsta->assocresp_ies_len, GFP_KERNEL);
1613 if (ifsta->assocresp_ies)
1614 memcpy(ifsta->assocresp_ies, pos, ifsta->assocresp_ies_len);
1615
1616 /* set AID, ieee80211_set_associated() will tell the driver */
1617 bss_conf->aid = aid;
1618 ieee80211_set_associated(dev, ifsta, 1);
1619
1620 /* Add STA entry for the AP */
1621 sta = sta_info_get(local, ifsta->bssid);
1622 if (!sta) {
1623 struct ieee80211_sta_bss *bss;
1624 sta = sta_info_add(local, dev, ifsta->bssid, GFP_KERNEL);
1625 if (!sta) {
1626 printk(KERN_DEBUG "%s: failed to add STA entry for the"
1627 " AP\n", dev->name);
1628 return;
1629 }
1630 bss = ieee80211_rx_bss_get(dev, ifsta->bssid,
1631 local->hw.conf.channel,
1632 ifsta->ssid, ifsta->ssid_len);
1633 if (bss) {
1634 sta->last_rssi = bss->rssi;
1635 sta->last_signal = bss->signal;
1636 sta->last_noise = bss->noise;
1637 ieee80211_rx_bss_put(dev, bss);
1638 }
1639 }
1640
1641 sta->dev = dev;
1642 sta->flags |= WLAN_STA_AUTH | WLAN_STA_ASSOC | WLAN_STA_ASSOC_AP;
1643
1644 rates = 0;
1645 mode = local->oper_hw_mode;
1646 for (i = 0; i < elems.supp_rates_len; i++) {
1647 int rate = (elems.supp_rates[i] & 0x7f) * 5;
1648 for (j = 0; j < mode->num_rates; j++)
1649 if (mode->rates[j].rate == rate)
1650 rates |= BIT(j);
1651 }
1652 for (i = 0; i < elems.ext_supp_rates_len; i++) {
1653 int rate = (elems.ext_supp_rates[i] & 0x7f) * 5;
1654 for (j = 0; j < mode->num_rates; j++)
1655 if (mode->rates[j].rate == rate)
1656 rates |= BIT(j);
1657 }
1658 sta->supp_rates = rates;
1659
1660 if (elems.ht_cap_elem && elems.ht_info_elem && elems.wmm_param &&
1661 local->ops->conf_ht) {
1662 struct ieee80211_ht_bss_info bss_info;
1663
1664 ieee80211_ht_cap_ie_to_ht_info(
1665 (struct ieee80211_ht_cap *)
1666 elems.ht_cap_elem, &sta->ht_info);
1667 ieee80211_ht_addt_info_ie_to_ht_bss_info(
1668 (struct ieee80211_ht_addt_info *)
1669 elems.ht_info_elem, &bss_info);
1670 ieee80211_hw_config_ht(local, 1, &sta->ht_info, &bss_info);
1671 }
1672
1673 rate_control_rate_init(sta, local);
1674
1675 if (elems.wmm_param && (ifsta->flags & IEEE80211_STA_WMM_ENABLED)) {
1676 sta->flags |= WLAN_STA_WME;
1677 ieee80211_sta_wmm_params(dev, ifsta, elems.wmm_param,
1678 elems.wmm_param_len);
1679 }
1680
1681
1682 sta_info_put(sta);
1683
1684 ieee80211_associated(dev, ifsta);
1685 }
1686
1687
1688 /* Caller must hold local->sta_bss_lock */
1689 static void __ieee80211_rx_bss_hash_add(struct net_device *dev,
1690 struct ieee80211_sta_bss *bss)
1691 {
1692 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1693 bss->hnext = local->sta_bss_hash[STA_HASH(bss->bssid)];
1694 local->sta_bss_hash[STA_HASH(bss->bssid)] = bss;
1695 }
1696
1697
1698 /* Caller must hold local->sta_bss_lock */
1699 static void __ieee80211_rx_bss_hash_del(struct net_device *dev,
1700 struct ieee80211_sta_bss *bss)
1701 {
1702 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1703 struct ieee80211_sta_bss *b, *prev = NULL;
1704 b = local->sta_bss_hash[STA_HASH(bss->bssid)];
1705 while (b) {
1706 if (b == bss) {
1707 if (!prev)
1708 local->sta_bss_hash[STA_HASH(bss->bssid)] =
1709 bss->hnext;
1710 else
1711 prev->hnext = bss->hnext;
1712 break;
1713 }
1714 prev = b;
1715 b = b->hnext;
1716 }
1717 }
1718
1719
1720 static struct ieee80211_sta_bss *
1721 ieee80211_rx_bss_add(struct net_device *dev, u8 *bssid, int channel,
1722 u8 *ssid, u8 ssid_len)
1723 {
1724 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1725 struct ieee80211_sta_bss *bss;
1726
1727 bss = kzalloc(sizeof(*bss), GFP_ATOMIC);
1728 if (!bss)
1729 return NULL;
1730 atomic_inc(&bss->users);
1731 atomic_inc(&bss->users);
1732 memcpy(bss->bssid, bssid, ETH_ALEN);
1733 bss->channel = channel;
1734 if (ssid && ssid_len <= IEEE80211_MAX_SSID_LEN) {
1735 memcpy(bss->ssid, ssid, ssid_len);
1736 bss->ssid_len = ssid_len;
1737 }
1738
1739 spin_lock_bh(&local->sta_bss_lock);
1740 /* TODO: order by RSSI? */
1741 list_add_tail(&bss->list, &local->sta_bss_list);
1742 __ieee80211_rx_bss_hash_add(dev, bss);
1743 spin_unlock_bh(&local->sta_bss_lock);
1744 return bss;
1745 }
1746
1747
1748 static struct ieee80211_sta_bss *
1749 ieee80211_rx_bss_get(struct net_device *dev, u8 *bssid, int channel,
1750 u8 *ssid, u8 ssid_len)
1751 {
1752 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1753 struct ieee80211_sta_bss *bss;
1754
1755 spin_lock_bh(&local->sta_bss_lock);
1756 bss = local->sta_bss_hash[STA_HASH(bssid)];
1757 while (bss) {
1758 if (!memcmp(bss->bssid, bssid, ETH_ALEN) &&
1759 bss->channel == channel &&
1760 bss->ssid_len == ssid_len &&
1761 (ssid_len == 0 || !memcmp(bss->ssid, ssid, ssid_len))) {
1762 atomic_inc(&bss->users);
1763 break;
1764 }
1765 bss = bss->hnext;
1766 }
1767 spin_unlock_bh(&local->sta_bss_lock);
1768 return bss;
1769 }
1770
1771
1772 static void ieee80211_rx_bss_free(struct ieee80211_sta_bss *bss)
1773 {
1774 kfree(bss->wpa_ie);
1775 kfree(bss->rsn_ie);
1776 kfree(bss->wmm_ie);
1777 kfree(bss->ht_ie);
1778 kfree(bss);
1779 }
1780
1781
1782 static void ieee80211_rx_bss_put(struct net_device *dev,
1783 struct ieee80211_sta_bss *bss)
1784 {
1785 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1786 if (!atomic_dec_and_test(&bss->users))
1787 return;
1788
1789 spin_lock_bh(&local->sta_bss_lock);
1790 __ieee80211_rx_bss_hash_del(dev, bss);
1791 list_del(&bss->list);
1792 spin_unlock_bh(&local->sta_bss_lock);
1793 ieee80211_rx_bss_free(bss);
1794 }
1795
1796
1797 void ieee80211_rx_bss_list_init(struct net_device *dev)
1798 {
1799 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1800 spin_lock_init(&local->sta_bss_lock);
1801 INIT_LIST_HEAD(&local->sta_bss_list);
1802 }
1803
1804
1805 void ieee80211_rx_bss_list_deinit(struct net_device *dev)
1806 {
1807 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1808 struct ieee80211_sta_bss *bss, *tmp;
1809
1810 list_for_each_entry_safe(bss, tmp, &local->sta_bss_list, list)
1811 ieee80211_rx_bss_put(dev, bss);
1812 }
1813
1814
1815 static void ieee80211_rx_bss_info(struct net_device *dev,
1816 struct ieee80211_mgmt *mgmt,
1817 size_t len,
1818 struct ieee80211_rx_status *rx_status,
1819 int beacon)
1820 {
1821 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1822 struct ieee802_11_elems elems;
1823 size_t baselen;
1824 int channel, clen;
1825 struct ieee80211_sta_bss *bss;
1826 struct sta_info *sta;
1827 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1828 u64 timestamp;
1829 DECLARE_MAC_BUF(mac);
1830 DECLARE_MAC_BUF(mac2);
1831
1832 if (!beacon && memcmp(mgmt->da, dev->dev_addr, ETH_ALEN))
1833 return; /* ignore ProbeResp to foreign address */
1834
1835 #if 0
1836 printk(KERN_DEBUG "%s: RX %s from %s to %s\n",
1837 dev->name, beacon ? "Beacon" : "Probe Response",
1838 print_mac(mac, mgmt->sa), print_mac(mac2, mgmt->da));
1839 #endif
1840
1841 baselen = (u8 *) mgmt->u.beacon.variable - (u8 *) mgmt;
1842 if (baselen > len)
1843 return;
1844
1845 timestamp = le64_to_cpu(mgmt->u.beacon.timestamp);
1846
1847 if (sdata->vif.type == IEEE80211_IF_TYPE_IBSS && beacon &&
1848 memcmp(mgmt->bssid, sdata->u.sta.bssid, ETH_ALEN) == 0) {
1849 #ifdef CONFIG_MAC80211_IBSS_DEBUG
1850 static unsigned long last_tsf_debug = 0;
1851 u64 tsf;
1852 if (local->ops->get_tsf)
1853 tsf = local->ops->get_tsf(local_to_hw(local));
1854 else
1855 tsf = -1LLU;
1856 if (time_after(jiffies, last_tsf_debug + 5 * HZ)) {
1857 printk(KERN_DEBUG "RX beacon SA=%s BSSID="
1858 "%s TSF=0x%llx BCN=0x%llx diff=%lld "
1859 "@%lu\n",
1860 print_mac(mac, mgmt->sa), print_mac(mac2, mgmt->bssid),
1861 (unsigned long long)tsf,
1862 (unsigned long long)timestamp,
1863 (unsigned long long)(tsf - timestamp),
1864 jiffies);
1865 last_tsf_debug = jiffies;
1866 }
1867 #endif /* CONFIG_MAC80211_IBSS_DEBUG */
1868 }
1869
1870 ieee802_11_parse_elems(mgmt->u.beacon.variable, len - baselen, &elems);
1871
1872 if (sdata->vif.type == IEEE80211_IF_TYPE_IBSS && elems.supp_rates &&
1873 memcmp(mgmt->bssid, sdata->u.sta.bssid, ETH_ALEN) == 0 &&
1874 (sta = sta_info_get(local, mgmt->sa))) {
1875 struct ieee80211_hw_mode *mode;
1876 struct ieee80211_rate *rates;
1877 size_t num_rates;
1878 u32 supp_rates, prev_rates;
1879 int i, j;
1880
1881 mode = local->sta_sw_scanning ?
1882 local->scan_hw_mode : local->oper_hw_mode;
1883
1884 if (local->sta_hw_scanning) {
1885 /* search for the correct mode matches the beacon */
1886 list_for_each_entry(mode, &local->modes_list, list)
1887 if (mode->mode == rx_status->phymode)
1888 break;
1889
1890 if (mode == NULL)
1891 mode = local->oper_hw_mode;
1892 }
1893 rates = mode->rates;
1894 num_rates = mode->num_rates;
1895
1896 supp_rates = 0;
1897 for (i = 0; i < elems.supp_rates_len +
1898 elems.ext_supp_rates_len; i++) {
1899 u8 rate = 0;
1900 int own_rate;
1901 if (i < elems.supp_rates_len)
1902 rate = elems.supp_rates[i];
1903 else if (elems.ext_supp_rates)
1904 rate = elems.ext_supp_rates
1905 [i - elems.supp_rates_len];
1906 own_rate = 5 * (rate & 0x7f);
1907 for (j = 0; j < num_rates; j++)
1908 if (rates[j].rate == own_rate)
1909 supp_rates |= BIT(j);
1910 }
1911
1912 prev_rates = sta->supp_rates;
1913 sta->supp_rates &= supp_rates;
1914 if (sta->supp_rates == 0) {
1915 /* No matching rates - this should not really happen.
1916 * Make sure that at least one rate is marked
1917 * supported to avoid issues with TX rate ctrl. */
1918 sta->supp_rates = sdata->u.sta.supp_rates_bits;
1919 }
1920 if (sta->supp_rates != prev_rates) {
1921 printk(KERN_DEBUG "%s: updated supp_rates set for "
1922 "%s based on beacon info (0x%x & 0x%x -> "
1923 "0x%x)\n",
1924 dev->name, print_mac(mac, sta->addr), prev_rates,
1925 supp_rates, sta->supp_rates);
1926 }
1927 sta_info_put(sta);
1928 }
1929
1930 if (!elems.ssid)
1931 return;
1932
1933 if (elems.ds_params && elems.ds_params_len == 1)
1934 channel = elems.ds_params[0];
1935 else
1936 channel = rx_status->channel;
1937
1938 bss = ieee80211_rx_bss_get(dev, mgmt->bssid, channel,
1939 elems.ssid, elems.ssid_len);
1940 if (!bss) {
1941 bss = ieee80211_rx_bss_add(dev, mgmt->bssid, channel,
1942 elems.ssid, elems.ssid_len);
1943 if (!bss)
1944 return;
1945 } else {
1946 #if 0
1947 /* TODO: order by RSSI? */
1948 spin_lock_bh(&local->sta_bss_lock);
1949 list_move_tail(&bss->list, &local->sta_bss_list);
1950 spin_unlock_bh(&local->sta_bss_lock);
1951 #endif
1952 }
1953
1954 if (bss->probe_resp && beacon) {
1955 /* Do not allow beacon to override data from Probe Response. */
1956 ieee80211_rx_bss_put(dev, bss);
1957 return;
1958 }
1959
1960 /* save the ERP value so that it is available at association time */
1961 if (elems.erp_info && elems.erp_info_len >= 1) {
1962 bss->erp_value = elems.erp_info[0];
1963 bss->has_erp_value = 1;
1964 }
1965
1966 bss->beacon_int = le16_to_cpu(mgmt->u.beacon.beacon_int);
1967 bss->capability = le16_to_cpu(mgmt->u.beacon.capab_info);
1968
1969 bss->supp_rates_len = 0;
1970 if (elems.supp_rates) {
1971 clen = IEEE80211_MAX_SUPP_RATES - bss->supp_rates_len;
1972 if (clen > elems.supp_rates_len)
1973 clen = elems.supp_rates_len;
1974 memcpy(&bss->supp_rates[bss->supp_rates_len], elems.supp_rates,
1975 clen);
1976 bss->supp_rates_len += clen;
1977 }
1978 if (elems.ext_supp_rates) {
1979 clen = IEEE80211_MAX_SUPP_RATES - bss->supp_rates_len;
1980 if (clen > elems.ext_supp_rates_len)
1981 clen = elems.ext_supp_rates_len;
1982 memcpy(&bss->supp_rates[bss->supp_rates_len],
1983 elems.ext_supp_rates, clen);
1984 bss->supp_rates_len += clen;
1985 }
1986
1987 if (elems.wpa &&
1988 (!bss->wpa_ie || bss->wpa_ie_len != elems.wpa_len ||
1989 memcmp(bss->wpa_ie, elems.wpa, elems.wpa_len))) {
1990 kfree(bss->wpa_ie);
1991 bss->wpa_ie = kmalloc(elems.wpa_len + 2, GFP_ATOMIC);
1992 if (bss->wpa_ie) {
1993 memcpy(bss->wpa_ie, elems.wpa - 2, elems.wpa_len + 2);
1994 bss->wpa_ie_len = elems.wpa_len + 2;
1995 } else
1996 bss->wpa_ie_len = 0;
1997 } else if (!elems.wpa && bss->wpa_ie) {
1998 kfree(bss->wpa_ie);
1999 bss->wpa_ie = NULL;
2000 bss->wpa_ie_len = 0;
2001 }
2002
2003 if (elems.rsn &&
2004 (!bss->rsn_ie || bss->rsn_ie_len != elems.rsn_len ||
2005 memcmp(bss->rsn_ie, elems.rsn, elems.rsn_len))) {
2006 kfree(bss->rsn_ie);
2007 bss->rsn_ie = kmalloc(elems.rsn_len + 2, GFP_ATOMIC);
2008 if (bss->rsn_ie) {
2009 memcpy(bss->rsn_ie, elems.rsn - 2, elems.rsn_len + 2);
2010 bss->rsn_ie_len = elems.rsn_len + 2;
2011 } else
2012 bss->rsn_ie_len = 0;
2013 } else if (!elems.rsn && bss->rsn_ie) {
2014 kfree(bss->rsn_ie);
2015 bss->rsn_ie = NULL;
2016 bss->rsn_ie_len = 0;
2017 }
2018
2019 if (elems.wmm_param &&
2020 (!bss->wmm_ie || bss->wmm_ie_len != elems.wmm_param_len ||
2021 memcmp(bss->wmm_ie, elems.wmm_param, elems.wmm_param_len))) {
2022 kfree(bss->wmm_ie);
2023 bss->wmm_ie = kmalloc(elems.wmm_param_len + 2, GFP_ATOMIC);
2024 if (bss->wmm_ie) {
2025 memcpy(bss->wmm_ie, elems.wmm_param - 2,
2026 elems.wmm_param_len + 2);
2027 bss->wmm_ie_len = elems.wmm_param_len + 2;
2028 } else
2029 bss->wmm_ie_len = 0;
2030 } else if (!elems.wmm_param && bss->wmm_ie) {
2031 kfree(bss->wmm_ie);
2032 bss->wmm_ie = NULL;
2033 bss->wmm_ie_len = 0;
2034 }
2035 if (elems.ht_cap_elem &&
2036 (!bss->ht_ie || bss->ht_ie_len != elems.ht_cap_elem_len ||
2037 memcmp(bss->ht_ie, elems.ht_cap_elem, elems.ht_cap_elem_len))) {
2038 kfree(bss->ht_ie);
2039 bss->ht_ie = kmalloc(elems.ht_cap_elem_len + 2, GFP_ATOMIC);
2040 if (bss->ht_ie) {
2041 memcpy(bss->ht_ie, elems.ht_cap_elem - 2,
2042 elems.ht_cap_elem_len + 2);
2043 bss->ht_ie_len = elems.ht_cap_elem_len + 2;
2044 } else
2045 bss->ht_ie_len = 0;
2046 } else if (!elems.ht_cap_elem && bss->ht_ie) {
2047 kfree(bss->ht_ie);
2048 bss->ht_ie = NULL;
2049 bss->ht_ie_len = 0;
2050 }
2051
2052 bss->hw_mode = rx_status->phymode;
2053 bss->freq = rx_status->freq;
2054 if (channel != rx_status->channel &&
2055 (bss->hw_mode == MODE_IEEE80211G ||
2056 bss->hw_mode == MODE_IEEE80211B) &&
2057 channel >= 1 && channel <= 14) {
2058 static const int freq_list[] = {
2059 2412, 2417, 2422, 2427, 2432, 2437, 2442,
2060 2447, 2452, 2457, 2462, 2467, 2472, 2484
2061 };
2062 /* IEEE 802.11g/b mode can receive packets from neighboring
2063 * channels, so map the channel into frequency. */
2064 bss->freq = freq_list[channel - 1];
2065 }
2066 bss->timestamp = timestamp;
2067 bss->last_update = jiffies;
2068 bss->rssi = rx_status->ssi;
2069 bss->signal = rx_status->signal;
2070 bss->noise = rx_status->noise;
2071 if (!beacon)
2072 bss->probe_resp++;
2073 ieee80211_rx_bss_put(dev, bss);
2074 }
2075
2076
2077 static void ieee80211_rx_mgmt_probe_resp(struct net_device *dev,
2078 struct ieee80211_mgmt *mgmt,
2079 size_t len,
2080 struct ieee80211_rx_status *rx_status)
2081 {
2082 ieee80211_rx_bss_info(dev, mgmt, len, rx_status, 0);
2083 }
2084
2085
2086 static void ieee80211_rx_mgmt_beacon(struct net_device *dev,
2087 struct ieee80211_mgmt *mgmt,
2088 size_t len,
2089 struct ieee80211_rx_status *rx_status)
2090 {
2091 struct ieee80211_sub_if_data *sdata;
2092 struct ieee80211_if_sta *ifsta;
2093 size_t baselen;
2094 struct ieee802_11_elems elems;
2095 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2096 struct ieee80211_conf *conf = &local->hw.conf;
2097 u32 changed = 0;
2098
2099 ieee80211_rx_bss_info(dev, mgmt, len, rx_status, 1);
2100
2101 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2102 if (sdata->vif.type != IEEE80211_IF_TYPE_STA)
2103 return;
2104 ifsta = &sdata->u.sta;
2105
2106 if (!(ifsta->flags & IEEE80211_STA_ASSOCIATED) ||
2107 memcmp(ifsta->bssid, mgmt->bssid, ETH_ALEN) != 0)
2108 return;
2109
2110 /* Process beacon from the current BSS */
2111 baselen = (u8 *) mgmt->u.beacon.variable - (u8 *) mgmt;
2112 if (baselen > len)
2113 return;
2114
2115 ieee802_11_parse_elems(mgmt->u.beacon.variable, len - baselen, &elems);
2116
2117 if (elems.erp_info && elems.erp_info_len >= 1)
2118 changed |= ieee80211_handle_erp_ie(sdata, elems.erp_info[0]);
2119
2120 if (elems.ht_cap_elem && elems.ht_info_elem &&
2121 elems.wmm_param && local->ops->conf_ht &&
2122 conf->flags & IEEE80211_CONF_SUPPORT_HT_MODE) {
2123 struct ieee80211_ht_bss_info bss_info;
2124
2125 ieee80211_ht_addt_info_ie_to_ht_bss_info(
2126 (struct ieee80211_ht_addt_info *)
2127 elems.ht_info_elem, &bss_info);
2128 /* check if AP changed bss inforamation */
2129 if ((conf->ht_bss_conf.primary_channel !=
2130 bss_info.primary_channel) ||
2131 (conf->ht_bss_conf.bss_cap != bss_info.bss_cap) ||
2132 (conf->ht_bss_conf.bss_op_mode != bss_info.bss_op_mode))
2133 ieee80211_hw_config_ht(local, 1, &conf->ht_conf,
2134 &bss_info);
2135 }
2136
2137 if (elems.wmm_param && (ifsta->flags & IEEE80211_STA_WMM_ENABLED)) {
2138 ieee80211_sta_wmm_params(dev, ifsta, elems.wmm_param,
2139 elems.wmm_param_len);
2140 }
2141
2142 ieee80211_bss_info_change_notify(sdata, changed);
2143 }
2144
2145
2146 static void ieee80211_rx_mgmt_probe_req(struct net_device *dev,
2147 struct ieee80211_if_sta *ifsta,
2148 struct ieee80211_mgmt *mgmt,
2149 size_t len,
2150 struct ieee80211_rx_status *rx_status)
2151 {
2152 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2153 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2154 int tx_last_beacon;
2155 struct sk_buff *skb;
2156 struct ieee80211_mgmt *resp;
2157 u8 *pos, *end;
2158 DECLARE_MAC_BUF(mac);
2159 #ifdef CONFIG_MAC80211_IBSS_DEBUG
2160 DECLARE_MAC_BUF(mac2);
2161 DECLARE_MAC_BUF(mac3);
2162 #endif
2163
2164 if (sdata->vif.type != IEEE80211_IF_TYPE_IBSS ||
2165 ifsta->state != IEEE80211_IBSS_JOINED ||
2166 len < 24 + 2 || !ifsta->probe_resp)
2167 return;
2168
2169 if (local->ops->tx_last_beacon)
2170 tx_last_beacon = local->ops->tx_last_beacon(local_to_hw(local));
2171 else
2172 tx_last_beacon = 1;
2173
2174 #ifdef CONFIG_MAC80211_IBSS_DEBUG
2175 printk(KERN_DEBUG "%s: RX ProbeReq SA=%s DA=%s BSSID="
2176 "%s (tx_last_beacon=%d)\n",
2177 dev->name, print_mac(mac, mgmt->sa), print_mac(mac2, mgmt->da),
2178 print_mac(mac3, mgmt->bssid), tx_last_beacon);
2179 #endif /* CONFIG_MAC80211_IBSS_DEBUG */
2180
2181 if (!tx_last_beacon)
2182 return;
2183
2184 if (memcmp(mgmt->bssid, ifsta->bssid, ETH_ALEN) != 0 &&
2185 memcmp(mgmt->bssid, "\xff\xff\xff\xff\xff\xff", ETH_ALEN) != 0)
2186 return;
2187
2188 end = ((u8 *) mgmt) + len;
2189 pos = mgmt->u.probe_req.variable;
2190 if (pos[0] != WLAN_EID_SSID ||
2191 pos + 2 + pos[1] > end) {
2192 if (net_ratelimit()) {
2193 printk(KERN_DEBUG "%s: Invalid SSID IE in ProbeReq "
2194 "from %s\n",
2195 dev->name, print_mac(mac, mgmt->sa));
2196 }
2197 return;
2198 }
2199 if (pos[1] != 0 &&
2200 (pos[1] != ifsta->ssid_len ||
2201 memcmp(pos + 2, ifsta->ssid, ifsta->ssid_len) != 0)) {
2202 /* Ignore ProbeReq for foreign SSID */
2203 return;
2204 }
2205
2206 /* Reply with ProbeResp */
2207 skb = skb_copy(ifsta->probe_resp, GFP_KERNEL);
2208 if (!skb)
2209 return;
2210
2211 resp = (struct ieee80211_mgmt *) skb->data;
2212 memcpy(resp->da, mgmt->sa, ETH_ALEN);
2213 #ifdef CONFIG_MAC80211_IBSS_DEBUG
2214 printk(KERN_DEBUG "%s: Sending ProbeResp to %s\n",
2215 dev->name, print_mac(mac, resp->da));
2216 #endif /* CONFIG_MAC80211_IBSS_DEBUG */
2217 ieee80211_sta_tx(dev, skb, 0);
2218 }
2219
2220 static void ieee80211_rx_mgmt_action(struct net_device *dev,
2221 struct ieee80211_if_sta *ifsta,
2222 struct ieee80211_mgmt *mgmt,
2223 size_t len)
2224 {
2225 if (len < IEEE80211_MIN_ACTION_SIZE)
2226 return;
2227
2228 switch (mgmt->u.action.category) {
2229 case WLAN_CATEGORY_BACK:
2230 switch (mgmt->u.action.u.addba_req.action_code) {
2231 case WLAN_ACTION_ADDBA_REQ:
2232 if (len < (IEEE80211_MIN_ACTION_SIZE +
2233 sizeof(mgmt->u.action.u.addba_req)))
2234 break;
2235 ieee80211_sta_process_addba_request(dev, mgmt, len);
2236 break;
2237 case WLAN_ACTION_DELBA:
2238 if (len < (IEEE80211_MIN_ACTION_SIZE +
2239 sizeof(mgmt->u.action.u.delba)))
2240 break;
2241 ieee80211_sta_process_delba(dev, mgmt, len);
2242 break;
2243 default:
2244 if (net_ratelimit())
2245 printk(KERN_DEBUG "%s: Rx unknown A-MPDU action\n",
2246 dev->name);
2247 break;
2248 }
2249 break;
2250 default:
2251 break;
2252 }
2253 }
2254
2255 void ieee80211_sta_rx_mgmt(struct net_device *dev, struct sk_buff *skb,
2256 struct ieee80211_rx_status *rx_status)
2257 {
2258 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2259 struct ieee80211_sub_if_data *sdata;
2260 struct ieee80211_if_sta *ifsta;
2261 struct ieee80211_mgmt *mgmt;
2262 u16 fc;
2263
2264 if (skb->len < 24)
2265 goto fail;
2266
2267 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2268 ifsta = &sdata->u.sta;
2269
2270 mgmt = (struct ieee80211_mgmt *) skb->data;
2271 fc = le16_to_cpu(mgmt->frame_control);
2272
2273 switch (fc & IEEE80211_FCTL_STYPE) {
2274 case IEEE80211_STYPE_PROBE_REQ:
2275 case IEEE80211_STYPE_PROBE_RESP:
2276 case IEEE80211_STYPE_BEACON:
2277 memcpy(skb->cb, rx_status, sizeof(*rx_status));
2278 case IEEE80211_STYPE_AUTH:
2279 case IEEE80211_STYPE_ASSOC_RESP:
2280 case IEEE80211_STYPE_REASSOC_RESP:
2281 case IEEE80211_STYPE_DEAUTH:
2282 case IEEE80211_STYPE_DISASSOC:
2283 case IEEE80211_STYPE_ACTION:
2284 skb_queue_tail(&ifsta->skb_queue, skb);
2285 queue_work(local->hw.workqueue, &ifsta->work);
2286 return;
2287 default:
2288 printk(KERN_DEBUG "%s: received unknown management frame - "
2289 "stype=%d\n", dev->name,
2290 (fc & IEEE80211_FCTL_STYPE) >> 4);
2291 break;
2292 }
2293
2294 fail:
2295 kfree_skb(skb);
2296 }
2297
2298
2299 static void ieee80211_sta_rx_queued_mgmt(struct net_device *dev,
2300 struct sk_buff *skb)
2301 {
2302 struct ieee80211_rx_status *rx_status;
2303 struct ieee80211_sub_if_data *sdata;
2304 struct ieee80211_if_sta *ifsta;
2305 struct ieee80211_mgmt *mgmt;
2306 u16 fc;
2307
2308 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2309 ifsta = &sdata->u.sta;
2310
2311 rx_status = (struct ieee80211_rx_status *) skb->cb;
2312 mgmt = (struct ieee80211_mgmt *) skb->data;
2313 fc = le16_to_cpu(mgmt->frame_control);
2314
2315 switch (fc & IEEE80211_FCTL_STYPE) {
2316 case IEEE80211_STYPE_PROBE_REQ:
2317 ieee80211_rx_mgmt_probe_req(dev, ifsta, mgmt, skb->len,
2318 rx_status);
2319 break;
2320 case IEEE80211_STYPE_PROBE_RESP:
2321 ieee80211_rx_mgmt_probe_resp(dev, mgmt, skb->len, rx_status);
2322 break;
2323 case IEEE80211_STYPE_BEACON:
2324 ieee80211_rx_mgmt_beacon(dev, mgmt, skb->len, rx_status);
2325 break;
2326 case IEEE80211_STYPE_AUTH:
2327 ieee80211_rx_mgmt_auth(dev, ifsta, mgmt, skb->len);
2328 break;
2329 case IEEE80211_STYPE_ASSOC_RESP:
2330 ieee80211_rx_mgmt_assoc_resp(sdata, ifsta, mgmt, skb->len, 0);
2331 break;
2332 case IEEE80211_STYPE_REASSOC_RESP:
2333 ieee80211_rx_mgmt_assoc_resp(sdata, ifsta, mgmt, skb->len, 1);
2334 break;
2335 case IEEE80211_STYPE_DEAUTH:
2336 ieee80211_rx_mgmt_deauth(dev, ifsta, mgmt, skb->len);
2337 break;
2338 case IEEE80211_STYPE_DISASSOC:
2339 ieee80211_rx_mgmt_disassoc(dev, ifsta, mgmt, skb->len);
2340 break;
2341 case IEEE80211_STYPE_ACTION:
2342 ieee80211_rx_mgmt_action(dev, ifsta, mgmt, skb->len);
2343 break;
2344 }
2345
2346 kfree_skb(skb);
2347 }
2348
2349
2350 ieee80211_txrx_result
2351 ieee80211_sta_rx_scan(struct net_device *dev, struct sk_buff *skb,
2352 struct ieee80211_rx_status *rx_status)
2353 {
2354 struct ieee80211_mgmt *mgmt;
2355 u16 fc;
2356
2357 if (skb->len < 2)
2358 return TXRX_DROP;
2359
2360 mgmt = (struct ieee80211_mgmt *) skb->data;
2361 fc = le16_to_cpu(mgmt->frame_control);
2362
2363 if ((fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_CTL)
2364 return TXRX_CONTINUE;
2365
2366 if (skb->len < 24)
2367 return TXRX_DROP;
2368
2369 if ((fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_MGMT) {
2370 if ((fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_PROBE_RESP) {
2371 ieee80211_rx_mgmt_probe_resp(dev, mgmt,
2372 skb->len, rx_status);
2373 dev_kfree_skb(skb);
2374 return TXRX_QUEUED;
2375 } else if ((fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_BEACON) {
2376 ieee80211_rx_mgmt_beacon(dev, mgmt, skb->len,
2377 rx_status);
2378 dev_kfree_skb(skb);
2379 return TXRX_QUEUED;
2380 }
2381 }
2382 return TXRX_CONTINUE;
2383 }
2384
2385
2386 static int ieee80211_sta_active_ibss(struct net_device *dev)
2387 {
2388 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2389 int active = 0;
2390 struct sta_info *sta;
2391
2392 read_lock_bh(&local->sta_lock);
2393 list_for_each_entry(sta, &local->sta_list, list) {
2394 if (sta->dev == dev &&
2395 time_after(sta->last_rx + IEEE80211_IBSS_MERGE_INTERVAL,
2396 jiffies)) {
2397 active++;
2398 break;
2399 }
2400 }
2401 read_unlock_bh(&local->sta_lock);
2402
2403 return active;
2404 }
2405
2406
2407 static void ieee80211_sta_expire(struct net_device *dev)
2408 {
2409 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2410 struct sta_info *sta, *tmp;
2411 LIST_HEAD(tmp_list);
2412 DECLARE_MAC_BUF(mac);
2413
2414 write_lock_bh(&local->sta_lock);
2415 list_for_each_entry_safe(sta, tmp, &local->sta_list, list)
2416 if (time_after(jiffies, sta->last_rx +
2417 IEEE80211_IBSS_INACTIVITY_LIMIT)) {
2418 printk(KERN_DEBUG "%s: expiring inactive STA %s\n",
2419 dev->name, print_mac(mac, sta->addr));
2420 __sta_info_get(sta);
2421 sta_info_remove(sta);
2422 list_add(&sta->list, &tmp_list);
2423 }
2424 write_unlock_bh(&local->sta_lock);
2425
2426 list_for_each_entry_safe(sta, tmp, &tmp_list, list) {
2427 sta_info_free(sta);
2428 sta_info_put(sta);
2429 }
2430 }
2431
2432
2433 static void ieee80211_sta_merge_ibss(struct net_device *dev,
2434 struct ieee80211_if_sta *ifsta)
2435 {
2436 mod_timer(&ifsta->timer, jiffies + IEEE80211_IBSS_MERGE_INTERVAL);
2437
2438 ieee80211_sta_expire(dev);
2439 if (ieee80211_sta_active_ibss(dev))
2440 return;
2441
2442 printk(KERN_DEBUG "%s: No active IBSS STAs - trying to scan for other "
2443 "IBSS networks with same SSID (merge)\n", dev->name);
2444 ieee80211_sta_req_scan(dev, ifsta->ssid, ifsta->ssid_len);
2445 }
2446
2447
2448 void ieee80211_sta_timer(unsigned long data)
2449 {
2450 struct ieee80211_sub_if_data *sdata =
2451 (struct ieee80211_sub_if_data *) data;
2452 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
2453 struct ieee80211_local *local = wdev_priv(&sdata->wdev);
2454
2455 set_bit(IEEE80211_STA_REQ_RUN, &ifsta->request);
2456 queue_work(local->hw.workqueue, &ifsta->work);
2457 }
2458
2459
2460 void ieee80211_sta_work(struct work_struct *work)
2461 {
2462 struct ieee80211_sub_if_data *sdata =
2463 container_of(work, struct ieee80211_sub_if_data, u.sta.work);
2464 struct net_device *dev = sdata->dev;
2465 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2466 struct ieee80211_if_sta *ifsta;
2467 struct sk_buff *skb;
2468
2469 if (!netif_running(dev))
2470 return;
2471
2472 if (local->sta_sw_scanning || local->sta_hw_scanning)
2473 return;
2474
2475 if (sdata->vif.type != IEEE80211_IF_TYPE_STA &&
2476 sdata->vif.type != IEEE80211_IF_TYPE_IBSS) {
2477 printk(KERN_DEBUG "%s: ieee80211_sta_work: non-STA interface "
2478 "(type=%d)\n", dev->name, sdata->vif.type);
2479 return;
2480 }
2481 ifsta = &sdata->u.sta;
2482
2483 while ((skb = skb_dequeue(&ifsta->skb_queue)))
2484 ieee80211_sta_rx_queued_mgmt(dev, skb);
2485
2486 if (ifsta->state != IEEE80211_AUTHENTICATE &&
2487 ifsta->state != IEEE80211_ASSOCIATE &&
2488 test_and_clear_bit(IEEE80211_STA_REQ_SCAN, &ifsta->request)) {
2489 if (ifsta->scan_ssid_len)
2490 ieee80211_sta_start_scan(dev, ifsta->scan_ssid, ifsta->scan_ssid_len);
2491 else
2492 ieee80211_sta_start_scan(dev, NULL, 0);
2493 return;
2494 }
2495
2496 if (test_and_clear_bit(IEEE80211_STA_REQ_AUTH, &ifsta->request)) {
2497 if (ieee80211_sta_config_auth(dev, ifsta))
2498 return;
2499 clear_bit(IEEE80211_STA_REQ_RUN, &ifsta->request);
2500 } else if (!test_and_clear_bit(IEEE80211_STA_REQ_RUN, &ifsta->request))
2501 return;
2502
2503 switch (ifsta->state) {
2504 case IEEE80211_DISABLED:
2505 break;
2506 case IEEE80211_AUTHENTICATE:
2507 ieee80211_authenticate(dev, ifsta);
2508 break;
2509 case IEEE80211_ASSOCIATE:
2510 ieee80211_associate(dev, ifsta);
2511 break;
2512 case IEEE80211_ASSOCIATED:
2513 ieee80211_associated(dev, ifsta);
2514 break;
2515 case IEEE80211_IBSS_SEARCH:
2516 ieee80211_sta_find_ibss(dev, ifsta);
2517 break;
2518 case IEEE80211_IBSS_JOINED:
2519 ieee80211_sta_merge_ibss(dev, ifsta);
2520 break;
2521 default:
2522 printk(KERN_DEBUG "ieee80211_sta_work: Unknown state %d\n",
2523 ifsta->state);
2524 break;
2525 }
2526
2527 if (ieee80211_privacy_mismatch(dev, ifsta)) {
2528 printk(KERN_DEBUG "%s: privacy configuration mismatch and "
2529 "mixed-cell disabled - disassociate\n", dev->name);
2530
2531 ieee80211_send_disassoc(dev, ifsta, WLAN_REASON_UNSPECIFIED);
2532 ieee80211_set_disassoc(dev, ifsta, 0);
2533 }
2534 }
2535
2536
2537 static void ieee80211_sta_reset_auth(struct net_device *dev,
2538 struct ieee80211_if_sta *ifsta)
2539 {
2540 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2541
2542 if (local->ops->reset_tsf) {
2543 /* Reset own TSF to allow time synchronization work. */
2544 local->ops->reset_tsf(local_to_hw(local));
2545 }
2546
2547 ifsta->wmm_last_param_set = -1; /* allow any WMM update */
2548
2549
2550 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_OPEN)
2551 ifsta->auth_alg = WLAN_AUTH_OPEN;
2552 else if (ifsta->auth_algs & IEEE80211_AUTH_ALG_SHARED_KEY)
2553 ifsta->auth_alg = WLAN_AUTH_SHARED_KEY;
2554 else if (ifsta->auth_algs & IEEE80211_AUTH_ALG_LEAP)
2555 ifsta->auth_alg = WLAN_AUTH_LEAP;
2556 else
2557 ifsta->auth_alg = WLAN_AUTH_OPEN;
2558 printk(KERN_DEBUG "%s: Initial auth_alg=%d\n", dev->name,
2559 ifsta->auth_alg);
2560 ifsta->auth_transaction = -1;
2561 ifsta->flags &= ~IEEE80211_STA_ASSOCIATED;
2562 ifsta->auth_tries = ifsta->assoc_tries = 0;
2563 netif_carrier_off(dev);
2564 }
2565
2566
2567 void ieee80211_sta_req_auth(struct net_device *dev,
2568 struct ieee80211_if_sta *ifsta)
2569 {
2570 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2571 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2572
2573 if (sdata->vif.type != IEEE80211_IF_TYPE_STA)
2574 return;
2575
2576 if ((ifsta->flags & (IEEE80211_STA_BSSID_SET |
2577 IEEE80211_STA_AUTO_BSSID_SEL)) &&
2578 (ifsta->flags & (IEEE80211_STA_SSID_SET |
2579 IEEE80211_STA_AUTO_SSID_SEL))) {
2580 set_bit(IEEE80211_STA_REQ_AUTH, &ifsta->request);
2581 queue_work(local->hw.workqueue, &ifsta->work);
2582 }
2583 }
2584
2585 static int ieee80211_sta_match_ssid(struct ieee80211_if_sta *ifsta,
2586 const char *ssid, int ssid_len)
2587 {
2588 int tmp, hidden_ssid;
2589
2590 if (ssid_len == ifsta->ssid_len &&
2591 !memcmp(ifsta->ssid, ssid, ssid_len))
2592 return 1;
2593
2594 if (ifsta->flags & IEEE80211_STA_AUTO_BSSID_SEL)
2595 return 0;
2596
2597 hidden_ssid = 1;
2598 tmp = ssid_len;
2599 while (tmp--) {
2600 if (ssid[tmp] != '\0') {
2601 hidden_ssid = 0;
2602 break;
2603 }
2604 }
2605
2606 if (hidden_ssid && ifsta->ssid_len == ssid_len)
2607 return 1;
2608
2609 if (ssid_len == 1 && ssid[0] == ' ')
2610 return 1;
2611
2612 return 0;
2613 }
2614
2615 static int ieee80211_sta_config_auth(struct net_device *dev,
2616 struct ieee80211_if_sta *ifsta)
2617 {
2618 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2619 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2620 struct ieee80211_sta_bss *bss, *selected = NULL;
2621 int top_rssi = 0, freq;
2622
2623 if (!(ifsta->flags & (IEEE80211_STA_AUTO_SSID_SEL |
2624 IEEE80211_STA_AUTO_BSSID_SEL | IEEE80211_STA_AUTO_CHANNEL_SEL))) {
2625 ifsta->state = IEEE80211_AUTHENTICATE;
2626 ieee80211_sta_reset_auth(dev, ifsta);
2627 return 0;
2628 }
2629
2630 spin_lock_bh(&local->sta_bss_lock);
2631 freq = local->oper_channel->freq;
2632 list_for_each_entry(bss, &local->sta_bss_list, list) {
2633 if (!(bss->capability & WLAN_CAPABILITY_ESS))
2634 continue;
2635
2636 if (!!(bss->capability & WLAN_CAPABILITY_PRIVACY) ^
2637 !!sdata->default_key)
2638 continue;
2639
2640 if (!(ifsta->flags & IEEE80211_STA_AUTO_CHANNEL_SEL) &&
2641 bss->freq != freq)
2642 continue;
2643
2644 if (!(ifsta->flags & IEEE80211_STA_AUTO_BSSID_SEL) &&
2645 memcmp(bss->bssid, ifsta->bssid, ETH_ALEN))
2646 continue;
2647
2648 if (!(ifsta->flags & IEEE80211_STA_AUTO_SSID_SEL) &&
2649 !ieee80211_sta_match_ssid(ifsta, bss->ssid, bss->ssid_len))
2650 continue;
2651
2652 if (!selected || top_rssi < bss->rssi) {
2653 selected = bss;
2654 top_rssi = bss->rssi;
2655 }
2656 }
2657 if (selected)
2658 atomic_inc(&selected->users);
2659 spin_unlock_bh(&local->sta_bss_lock);
2660
2661 if (selected) {
2662 ieee80211_set_channel(local, -1, selected->freq);
2663 if (!(ifsta->flags & IEEE80211_STA_SSID_SET))
2664 ieee80211_sta_set_ssid(dev, selected->ssid,
2665 selected->ssid_len);
2666 ieee80211_sta_set_bssid(dev, selected->bssid);
2667 ieee80211_rx_bss_put(dev, selected);
2668 ifsta->state = IEEE80211_AUTHENTICATE;
2669 ieee80211_sta_reset_auth(dev, ifsta);
2670 return 0;
2671 } else {
2672 if (ifsta->state != IEEE80211_AUTHENTICATE) {
2673 if (ifsta->flags & IEEE80211_STA_AUTO_SSID_SEL)
2674 ieee80211_sta_start_scan(dev, NULL, 0);
2675 else
2676 ieee80211_sta_start_scan(dev, ifsta->ssid,
2677 ifsta->ssid_len);
2678 ifsta->state = IEEE80211_AUTHENTICATE;
2679 set_bit(IEEE80211_STA_REQ_AUTH, &ifsta->request);
2680 } else
2681 ifsta->state = IEEE80211_DISABLED;
2682 }
2683 return -1;
2684 }
2685
2686 static int ieee80211_sta_join_ibss(struct net_device *dev,
2687 struct ieee80211_if_sta *ifsta,
2688 struct ieee80211_sta_bss *bss)
2689 {
2690 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2691 int res, rates, i, j;
2692 struct sk_buff *skb;
2693 struct ieee80211_mgmt *mgmt;
2694 struct ieee80211_tx_control control;
2695 struct ieee80211_hw_mode *mode;
2696 struct rate_selection ratesel;
2697 u8 *pos;
2698 struct ieee80211_sub_if_data *sdata;
2699
2700 /* Remove possible STA entries from other IBSS networks. */
2701 sta_info_flush(local, NULL);
2702
2703 if (local->ops->reset_tsf) {
2704 /* Reset own TSF to allow time synchronization work. */
2705 local->ops->reset_tsf(local_to_hw(local));
2706 }
2707 memcpy(ifsta->bssid, bss->bssid, ETH_ALEN);
2708 res = ieee80211_if_config(dev);
2709 if (res)
2710 return res;
2711
2712 local->hw.conf.beacon_int = bss->beacon_int >= 10 ? bss->beacon_int : 10;
2713
2714 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2715 sdata->drop_unencrypted = bss->capability &
2716 WLAN_CAPABILITY_PRIVACY ? 1 : 0;
2717
2718 res = ieee80211_set_channel(local, -1, bss->freq);
2719
2720 if (!(local->oper_channel->flag & IEEE80211_CHAN_W_IBSS)) {
2721 printk(KERN_DEBUG "%s: IBSS not allowed on channel %d "
2722 "(%d MHz)\n", dev->name, local->hw.conf.channel,
2723 local->hw.conf.freq);
2724 return -1;
2725 }
2726
2727 /* Set beacon template based on scan results */
2728 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 400);
2729 do {
2730 if (!skb)
2731 break;
2732
2733 skb_reserve(skb, local->hw.extra_tx_headroom);
2734
2735 mgmt = (struct ieee80211_mgmt *)
2736 skb_put(skb, 24 + sizeof(mgmt->u.beacon));
2737 memset(mgmt, 0, 24 + sizeof(mgmt->u.beacon));
2738 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
2739 IEEE80211_STYPE_BEACON);
2740 memset(mgmt->da, 0xff, ETH_ALEN);
2741 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
2742 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
2743 mgmt->u.beacon.beacon_int =
2744 cpu_to_le16(local->hw.conf.beacon_int);
2745 mgmt->u.beacon.capab_info = cpu_to_le16(bss->capability);
2746
2747 pos = skb_put(skb, 2 + ifsta->ssid_len);
2748 *pos++ = WLAN_EID_SSID;
2749 *pos++ = ifsta->ssid_len;
2750 memcpy(pos, ifsta->ssid, ifsta->ssid_len);
2751
2752 rates = bss->supp_rates_len;
2753 if (rates > 8)
2754 rates = 8;
2755 pos = skb_put(skb, 2 + rates);
2756 *pos++ = WLAN_EID_SUPP_RATES;
2757 *pos++ = rates;
2758 memcpy(pos, bss->supp_rates, rates);
2759
2760 pos = skb_put(skb, 2 + 1);
2761 *pos++ = WLAN_EID_DS_PARAMS;
2762 *pos++ = 1;
2763 *pos++ = bss->channel;
2764
2765 pos = skb_put(skb, 2 + 2);
2766 *pos++ = WLAN_EID_IBSS_PARAMS;
2767 *pos++ = 2;
2768 /* FIX: set ATIM window based on scan results */
2769 *pos++ = 0;
2770 *pos++ = 0;
2771
2772 if (bss->supp_rates_len > 8) {
2773 rates = bss->supp_rates_len - 8;
2774 pos = skb_put(skb, 2 + rates);
2775 *pos++ = WLAN_EID_EXT_SUPP_RATES;
2776 *pos++ = rates;
2777 memcpy(pos, &bss->supp_rates[8], rates);
2778 }
2779
2780 memset(&control, 0, sizeof(control));
2781 rate_control_get_rate(dev, local->oper_hw_mode, skb, &ratesel);
2782 if (!ratesel.rate) {
2783 printk(KERN_DEBUG "%s: Failed to determine TX rate "
2784 "for IBSS beacon\n", dev->name);
2785 break;
2786 }
2787 control.vif = &sdata->vif;
2788 control.tx_rate =
2789 (sdata->bss_conf.use_short_preamble &&
2790 (ratesel.rate->flags & IEEE80211_RATE_PREAMBLE2)) ?
2791 ratesel.rate->val2 : ratesel.rate->val;
2792 control.antenna_sel_tx = local->hw.conf.antenna_sel_tx;
2793 control.power_level = local->hw.conf.power_level;
2794 control.flags |= IEEE80211_TXCTL_NO_ACK;
2795 control.retry_limit = 1;
2796
2797 ifsta->probe_resp = skb_copy(skb, GFP_ATOMIC);
2798 if (ifsta->probe_resp) {
2799 mgmt = (struct ieee80211_mgmt *)
2800 ifsta->probe_resp->data;
2801 mgmt->frame_control =
2802 IEEE80211_FC(IEEE80211_FTYPE_MGMT,
2803 IEEE80211_STYPE_PROBE_RESP);
2804 } else {
2805 printk(KERN_DEBUG "%s: Could not allocate ProbeResp "
2806 "template for IBSS\n", dev->name);
2807 }
2808
2809 if (local->ops->beacon_update &&
2810 local->ops->beacon_update(local_to_hw(local),
2811 skb, &control) == 0) {
2812 printk(KERN_DEBUG "%s: Configured IBSS beacon "
2813 "template based on scan results\n", dev->name);
2814 skb = NULL;
2815 }
2816
2817 rates = 0;
2818 mode = local->oper_hw_mode;
2819 for (i = 0; i < bss->supp_rates_len; i++) {
2820 int bitrate = (bss->supp_rates[i] & 0x7f) * 5;
2821 for (j = 0; j < mode->num_rates; j++)
2822 if (mode->rates[j].rate == bitrate)
2823 rates |= BIT(j);
2824 }
2825 ifsta->supp_rates_bits = rates;
2826 } while (0);
2827
2828 if (skb) {
2829 printk(KERN_DEBUG "%s: Failed to configure IBSS beacon "
2830 "template\n", dev->name);
2831 dev_kfree_skb(skb);
2832 }
2833
2834 ifsta->state = IEEE80211_IBSS_JOINED;
2835 mod_timer(&ifsta->timer, jiffies + IEEE80211_IBSS_MERGE_INTERVAL);
2836
2837 ieee80211_rx_bss_put(dev, bss);
2838
2839 return res;
2840 }
2841
2842
2843 static int ieee80211_sta_create_ibss(struct net_device *dev,
2844 struct ieee80211_if_sta *ifsta)
2845 {
2846 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2847 struct ieee80211_sta_bss *bss;
2848 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2849 struct ieee80211_hw_mode *mode;
2850 u8 bssid[ETH_ALEN], *pos;
2851 int i;
2852 DECLARE_MAC_BUF(mac);
2853
2854 #if 0
2855 /* Easier testing, use fixed BSSID. */
2856 memset(bssid, 0xfe, ETH_ALEN);
2857 #else
2858 /* Generate random, not broadcast, locally administered BSSID. Mix in
2859 * own MAC address to make sure that devices that do not have proper
2860 * random number generator get different BSSID. */
2861 get_random_bytes(bssid, ETH_ALEN);
2862 for (i = 0; i < ETH_ALEN; i++)
2863 bssid[i] ^= dev->dev_addr[i];
2864 bssid[0] &= ~0x01;
2865 bssid[0] |= 0x02;
2866 #endif
2867
2868 printk(KERN_DEBUG "%s: Creating new IBSS network, BSSID %s\n",
2869 dev->name, print_mac(mac, bssid));
2870
2871 bss = ieee80211_rx_bss_add(dev, bssid, local->hw.conf.channel,
2872 sdata->u.sta.ssid, sdata->u.sta.ssid_len);
2873 if (!bss)
2874 return -ENOMEM;
2875
2876 mode = local->oper_hw_mode;
2877
2878 if (local->hw.conf.beacon_int == 0)
2879 local->hw.conf.beacon_int = 100;
2880 bss->beacon_int = local->hw.conf.beacon_int;
2881 bss->hw_mode = local->hw.conf.phymode;
2882 bss->freq = local->hw.conf.freq;
2883 bss->last_update = jiffies;
2884 bss->capability = WLAN_CAPABILITY_IBSS;
2885 if (sdata->default_key) {
2886 bss->capability |= WLAN_CAPABILITY_PRIVACY;
2887 } else
2888 sdata->drop_unencrypted = 0;
2889 bss->supp_rates_len = mode->num_rates;
2890 pos = bss->supp_rates;
2891 for (i = 0; i < mode->num_rates; i++) {
2892 int rate = mode->rates[i].rate;
2893 *pos++ = (u8) (rate / 5);
2894 }
2895
2896 return ieee80211_sta_join_ibss(dev, ifsta, bss);
2897 }
2898
2899
2900 static int ieee80211_sta_find_ibss(struct net_device *dev,
2901 struct ieee80211_if_sta *ifsta)
2902 {
2903 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2904 struct ieee80211_sta_bss *bss;
2905 int found = 0;
2906 u8 bssid[ETH_ALEN];
2907 int active_ibss;
2908 DECLARE_MAC_BUF(mac);
2909 DECLARE_MAC_BUF(mac2);
2910
2911 if (ifsta->ssid_len == 0)
2912 return -EINVAL;
2913
2914 active_ibss = ieee80211_sta_active_ibss(dev);
2915 #ifdef CONFIG_MAC80211_IBSS_DEBUG
2916 printk(KERN_DEBUG "%s: sta_find_ibss (active_ibss=%d)\n",
2917 dev->name, active_ibss);
2918 #endif /* CONFIG_MAC80211_IBSS_DEBUG */
2919 spin_lock_bh(&local->sta_bss_lock);
2920 list_for_each_entry(bss, &local->sta_bss_list, list) {
2921 if (ifsta->ssid_len != bss->ssid_len ||
2922 memcmp(ifsta->ssid, bss->ssid, bss->ssid_len) != 0
2923 || !(bss->capability & WLAN_CAPABILITY_IBSS))
2924 continue;
2925 #ifdef CONFIG_MAC80211_IBSS_DEBUG
2926 printk(KERN_DEBUG " bssid=%s found\n",
2927 print_mac(mac, bss->bssid));
2928 #endif /* CONFIG_MAC80211_IBSS_DEBUG */
2929 memcpy(bssid, bss->bssid, ETH_ALEN);
2930 found = 1;
2931 if (active_ibss || memcmp(bssid, ifsta->bssid, ETH_ALEN) != 0)
2932 break;
2933 }
2934 spin_unlock_bh(&local->sta_bss_lock);
2935
2936 #ifdef CONFIG_MAC80211_IBSS_DEBUG
2937 printk(KERN_DEBUG " sta_find_ibss: selected %s current "
2938 "%s\n", print_mac(mac, bssid), print_mac(mac2, ifsta->bssid));
2939 #endif /* CONFIG_MAC80211_IBSS_DEBUG */
2940 if (found && memcmp(ifsta->bssid, bssid, ETH_ALEN) != 0 &&
2941 (bss = ieee80211_rx_bss_get(dev, bssid, local->hw.conf.channel,
2942 ifsta->ssid, ifsta->ssid_len))) {
2943 printk(KERN_DEBUG "%s: Selected IBSS BSSID %s"
2944 " based on configured SSID\n",
2945 dev->name, print_mac(mac, bssid));
2946 return ieee80211_sta_join_ibss(dev, ifsta, bss);
2947 }
2948 #ifdef CONFIG_MAC80211_IBSS_DEBUG
2949 printk(KERN_DEBUG " did not try to join ibss\n");
2950 #endif /* CONFIG_MAC80211_IBSS_DEBUG */
2951
2952 /* Selected IBSS not found in current scan results - try to scan */
2953 if (ifsta->state == IEEE80211_IBSS_JOINED &&
2954 !ieee80211_sta_active_ibss(dev)) {
2955 mod_timer(&ifsta->timer, jiffies +
2956 IEEE80211_IBSS_MERGE_INTERVAL);
2957 } else if (time_after(jiffies, local->last_scan_completed +
2958 IEEE80211_SCAN_INTERVAL)) {
2959 printk(KERN_DEBUG "%s: Trigger new scan to find an IBSS to "
2960 "join\n", dev->name);
2961 return ieee80211_sta_req_scan(dev, ifsta->ssid,
2962 ifsta->ssid_len);
2963 } else if (ifsta->state != IEEE80211_IBSS_JOINED) {
2964 int interval = IEEE80211_SCAN_INTERVAL;
2965
2966 if (time_after(jiffies, ifsta->ibss_join_req +
2967 IEEE80211_IBSS_JOIN_TIMEOUT)) {
2968 if ((ifsta->flags & IEEE80211_STA_CREATE_IBSS) &&
2969 local->oper_channel->flag & IEEE80211_CHAN_W_IBSS)
2970 return ieee80211_sta_create_ibss(dev, ifsta);
2971 if (ifsta->flags & IEEE80211_STA_CREATE_IBSS) {
2972 printk(KERN_DEBUG "%s: IBSS not allowed on the"
2973 " configured channel %d (%d MHz)\n",
2974 dev->name, local->hw.conf.channel,
2975 local->hw.conf.freq);
2976 }
2977
2978 /* No IBSS found - decrease scan interval and continue
2979 * scanning. */
2980 interval = IEEE80211_SCAN_INTERVAL_SLOW;
2981 }
2982
2983 ifsta->state = IEEE80211_IBSS_SEARCH;
2984 mod_timer(&ifsta->timer, jiffies + interval);
2985 return 0;
2986 }
2987
2988 return 0;
2989 }
2990
2991
2992 int ieee80211_sta_set_ssid(struct net_device *dev, char *ssid, size_t len)
2993 {
2994 struct ieee80211_sub_if_data *sdata;
2995 struct ieee80211_if_sta *ifsta;
2996 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2997
2998 if (len > IEEE80211_MAX_SSID_LEN)
2999 return -EINVAL;
3000
3001 /* TODO: This should always be done for IBSS, even if IEEE80211_QOS is
3002 * not defined. */
3003 if (local->ops->conf_tx) {
3004 struct ieee80211_tx_queue_params qparam;
3005 int i;
3006
3007 memset(&qparam, 0, sizeof(qparam));
3008 /* TODO: are these ok defaults for all hw_modes? */
3009 qparam.aifs = 2;
3010 qparam.cw_min =
3011 local->hw.conf.phymode == MODE_IEEE80211B ? 31 : 15;
3012 qparam.cw_max = 1023;
3013 qparam.burst_time = 0;
3014 for (i = IEEE80211_TX_QUEUE_DATA0; i < NUM_TX_DATA_QUEUES; i++)
3015 {
3016 local->ops->conf_tx(local_to_hw(local),
3017 i + IEEE80211_TX_QUEUE_DATA0,
3018 &qparam);
3019 }
3020 /* IBSS uses different parameters for Beacon sending */
3021 qparam.cw_min++;
3022 qparam.cw_min *= 2;
3023 qparam.cw_min--;
3024 local->ops->conf_tx(local_to_hw(local),
3025 IEEE80211_TX_QUEUE_BEACON, &qparam);
3026 }
3027
3028 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3029 ifsta = &sdata->u.sta;
3030
3031 if (ifsta->ssid_len != len || memcmp(ifsta->ssid, ssid, len) != 0)
3032 ifsta->flags &= ~IEEE80211_STA_PREV_BSSID_SET;
3033 memcpy(ifsta->ssid, ssid, len);
3034 memset(ifsta->ssid + len, 0, IEEE80211_MAX_SSID_LEN - len);
3035 ifsta->ssid_len = len;
3036
3037 if (len)
3038 ifsta->flags |= IEEE80211_STA_SSID_SET;
3039 else
3040 ifsta->flags &= ~IEEE80211_STA_SSID_SET;
3041 if (sdata->vif.type == IEEE80211_IF_TYPE_IBSS &&
3042 !(ifsta->flags & IEEE80211_STA_BSSID_SET)) {
3043 ifsta->ibss_join_req = jiffies;
3044 ifsta->state = IEEE80211_IBSS_SEARCH;
3045 return ieee80211_sta_find_ibss(dev, ifsta);
3046 }
3047 return 0;
3048 }
3049
3050
3051 int ieee80211_sta_get_ssid(struct net_device *dev, char *ssid, size_t *len)
3052 {
3053 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3054 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
3055 memcpy(ssid, ifsta->ssid, ifsta->ssid_len);
3056 *len = ifsta->ssid_len;
3057 return 0;
3058 }
3059
3060
3061 int ieee80211_sta_set_bssid(struct net_device *dev, u8 *bssid)
3062 {
3063 struct ieee80211_sub_if_data *sdata;
3064 struct ieee80211_if_sta *ifsta;
3065 int res;
3066
3067 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3068 ifsta = &sdata->u.sta;
3069
3070 if (memcmp(ifsta->bssid, bssid, ETH_ALEN) != 0) {
3071 memcpy(ifsta->bssid, bssid, ETH_ALEN);
3072 res = ieee80211_if_config(dev);
3073 if (res) {
3074 printk(KERN_DEBUG "%s: Failed to config new BSSID to "
3075 "the low-level driver\n", dev->name);
3076 return res;
3077 }
3078 }
3079
3080 if (is_valid_ether_addr(bssid))
3081 ifsta->flags |= IEEE80211_STA_BSSID_SET;
3082 else
3083 ifsta->flags &= ~IEEE80211_STA_BSSID_SET;
3084
3085 return 0;
3086 }
3087
3088
3089 static void ieee80211_send_nullfunc(struct ieee80211_local *local,
3090 struct ieee80211_sub_if_data *sdata,
3091 int powersave)
3092 {
3093 struct sk_buff *skb;
3094 struct ieee80211_hdr *nullfunc;
3095 u16 fc;
3096
3097 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 24);
3098 if (!skb) {
3099 printk(KERN_DEBUG "%s: failed to allocate buffer for nullfunc "
3100 "frame\n", sdata->dev->name);
3101 return;
3102 }
3103 skb_reserve(skb, local->hw.extra_tx_headroom);
3104
3105 nullfunc = (struct ieee80211_hdr *) skb_put(skb, 24);
3106 memset(nullfunc, 0, 24);
3107 fc = IEEE80211_FTYPE_DATA | IEEE80211_STYPE_NULLFUNC |
3108 IEEE80211_FCTL_TODS;
3109 if (powersave)
3110 fc |= IEEE80211_FCTL_PM;
3111 nullfunc->frame_control = cpu_to_le16(fc);
3112 memcpy(nullfunc->addr1, sdata->u.sta.bssid, ETH_ALEN);
3113 memcpy(nullfunc->addr2, sdata->dev->dev_addr, ETH_ALEN);
3114 memcpy(nullfunc->addr3, sdata->u.sta.bssid, ETH_ALEN);
3115
3116 ieee80211_sta_tx(sdata->dev, skb, 0);
3117 }
3118
3119
3120 void ieee80211_scan_completed(struct ieee80211_hw *hw)
3121 {
3122 struct ieee80211_local *local = hw_to_local(hw);
3123 struct net_device *dev = local->scan_dev;
3124 struct ieee80211_sub_if_data *sdata;
3125 union iwreq_data wrqu;
3126
3127 local->last_scan_completed = jiffies;
3128 memset(&wrqu, 0, sizeof(wrqu));
3129 wireless_send_event(dev, SIOCGIWSCAN, &wrqu, NULL);
3130
3131 if (local->sta_hw_scanning) {
3132 local->sta_hw_scanning = 0;
3133 goto done;
3134 }
3135
3136 local->sta_sw_scanning = 0;
3137 if (ieee80211_hw_config(local))
3138 printk(KERN_DEBUG "%s: failed to restore operational "
3139 "channel after scan\n", dev->name);
3140
3141
3142 netif_tx_lock_bh(local->mdev);
3143 local->filter_flags &= ~FIF_BCN_PRBRESP_PROMISC;
3144 local->ops->configure_filter(local_to_hw(local),
3145 FIF_BCN_PRBRESP_PROMISC,
3146 &local->filter_flags,
3147 local->mdev->mc_count,
3148 local->mdev->mc_list);
3149
3150 netif_tx_unlock_bh(local->mdev);
3151
3152 rcu_read_lock();
3153 list_for_each_entry_rcu(sdata, &local->interfaces, list) {
3154
3155 /* No need to wake the master device. */
3156 if (sdata->dev == local->mdev)
3157 continue;
3158
3159 if (sdata->vif.type == IEEE80211_IF_TYPE_STA) {
3160 if (sdata->u.sta.flags & IEEE80211_STA_ASSOCIATED)
3161 ieee80211_send_nullfunc(local, sdata, 0);
3162 ieee80211_sta_timer((unsigned long)sdata);
3163 }
3164
3165 netif_wake_queue(sdata->dev);
3166 }
3167 rcu_read_unlock();
3168
3169 done:
3170 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3171 if (sdata->vif.type == IEEE80211_IF_TYPE_IBSS) {
3172 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
3173 if (!(ifsta->flags & IEEE80211_STA_BSSID_SET) ||
3174 (!ifsta->state == IEEE80211_IBSS_JOINED &&
3175 !ieee80211_sta_active_ibss(dev)))
3176 ieee80211_sta_find_ibss(dev, ifsta);
3177 }
3178 }
3179 EXPORT_SYMBOL(ieee80211_scan_completed);
3180
3181 void ieee80211_sta_scan_work(struct work_struct *work)
3182 {
3183 struct ieee80211_local *local =
3184 container_of(work, struct ieee80211_local, scan_work.work);
3185 struct net_device *dev = local->scan_dev;
3186 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3187 struct ieee80211_hw_mode *mode;
3188 struct ieee80211_channel *chan;
3189 int skip;
3190 unsigned long next_delay = 0;
3191
3192 if (!local->sta_sw_scanning)
3193 return;
3194
3195 switch (local->scan_state) {
3196 case SCAN_SET_CHANNEL:
3197 mode = local->scan_hw_mode;
3198 if (local->scan_hw_mode->list.next == &local->modes_list &&
3199 local->scan_channel_idx >= mode->num_channels) {
3200 ieee80211_scan_completed(local_to_hw(local));
3201 return;
3202 }
3203 skip = !(local->enabled_modes & (1 << mode->mode));
3204 chan = &mode->channels[local->scan_channel_idx];
3205 if (!(chan->flag & IEEE80211_CHAN_W_SCAN) ||
3206 (sdata->vif.type == IEEE80211_IF_TYPE_IBSS &&
3207 !(chan->flag & IEEE80211_CHAN_W_IBSS)) ||
3208 (local->hw_modes & local->enabled_modes &
3209 (1 << MODE_IEEE80211G) && mode->mode == MODE_IEEE80211B))
3210 skip = 1;
3211
3212 if (!skip) {
3213 #if 0
3214 printk(KERN_DEBUG "%s: scan channel %d (%d MHz)\n",
3215 dev->name, chan->chan, chan->freq);
3216 #endif
3217
3218 local->scan_channel = chan;
3219 if (ieee80211_hw_config(local)) {
3220 printk(KERN_DEBUG "%s: failed to set channel "
3221 "%d (%d MHz) for scan\n", dev->name,
3222 chan->chan, chan->freq);
3223 skip = 1;
3224 }
3225 }
3226
3227 local->scan_channel_idx++;
3228 if (local->scan_channel_idx >= local->scan_hw_mode->num_channels) {
3229 if (local->scan_hw_mode->list.next != &local->modes_list) {
3230 local->scan_hw_mode = list_entry(local->scan_hw_mode->list.next,
3231 struct ieee80211_hw_mode,
3232 list);
3233 local->scan_channel_idx = 0;
3234 }
3235 }
3236
3237 if (skip)
3238 break;
3239
3240 next_delay = IEEE80211_PROBE_DELAY +
3241 usecs_to_jiffies(local->hw.channel_change_time);
3242 local->scan_state = SCAN_SEND_PROBE;
3243 break;
3244 case SCAN_SEND_PROBE:
3245 if (local->scan_channel->flag & IEEE80211_CHAN_W_ACTIVE_SCAN) {
3246 ieee80211_send_probe_req(dev, NULL, local->scan_ssid,
3247 local->scan_ssid_len);
3248 next_delay = IEEE80211_CHANNEL_TIME;
3249 } else
3250 next_delay = IEEE80211_PASSIVE_CHANNEL_TIME;
3251 local->scan_state = SCAN_SET_CHANNEL;
3252 break;
3253 }
3254
3255 if (local->sta_sw_scanning)
3256 queue_delayed_work(local->hw.workqueue, &local->scan_work,
3257 next_delay);
3258 }
3259
3260
3261 static int ieee80211_sta_start_scan(struct net_device *dev,
3262 u8 *ssid, size_t ssid_len)
3263 {
3264 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
3265 struct ieee80211_sub_if_data *sdata;
3266
3267 if (ssid_len > IEEE80211_MAX_SSID_LEN)
3268 return -EINVAL;
3269
3270 /* MLME-SCAN.request (page 118) page 144 (11.1.3.1)
3271 * BSSType: INFRASTRUCTURE, INDEPENDENT, ANY_BSS
3272 * BSSID: MACAddress
3273 * SSID
3274 * ScanType: ACTIVE, PASSIVE
3275 * ProbeDelay: delay (in microseconds) to be used prior to transmitting
3276 * a Probe frame during active scanning
3277 * ChannelList
3278 * MinChannelTime (>= ProbeDelay), in TU
3279 * MaxChannelTime: (>= MinChannelTime), in TU
3280 */
3281
3282 /* MLME-SCAN.confirm
3283 * BSSDescriptionSet
3284 * ResultCode: SUCCESS, INVALID_PARAMETERS
3285 */
3286
3287 if (local->sta_sw_scanning || local->sta_hw_scanning) {
3288 if (local->scan_dev == dev)
3289 return 0;
3290 return -EBUSY;
3291 }
3292
3293 if (local->ops->hw_scan) {
3294 int rc = local->ops->hw_scan(local_to_hw(local),
3295 ssid, ssid_len);
3296 if (!rc) {
3297 local->sta_hw_scanning = 1;
3298 local->scan_dev = dev;
3299 }
3300 return rc;
3301 }
3302
3303 local->sta_sw_scanning = 1;
3304
3305 rcu_read_lock();
3306 list_for_each_entry_rcu(sdata, &local->interfaces, list) {
3307
3308 /* Don't stop the master interface, otherwise we can't transmit
3309 * probes! */
3310 if (sdata->dev == local->mdev)
3311 continue;
3312
3313 netif_stop_queue(sdata->dev);
3314 if (sdata->vif.type == IEEE80211_IF_TYPE_STA &&
3315 (sdata->u.sta.flags & IEEE80211_STA_ASSOCIATED))
3316 ieee80211_send_nullfunc(local, sdata, 1);
3317 }
3318 rcu_read_unlock();
3319
3320 if (ssid) {
3321 local->scan_ssid_len = ssid_len;
3322 memcpy(local->scan_ssid, ssid, ssid_len);
3323 } else
3324 local->scan_ssid_len = 0;
3325 local->scan_state = SCAN_SET_CHANNEL;
3326 local->scan_hw_mode = list_entry(local->modes_list.next,
3327 struct ieee80211_hw_mode,
3328 list);
3329 local->scan_channel_idx = 0;
3330 local->scan_dev = dev;
3331
3332 netif_tx_lock_bh(local->mdev);
3333 local->filter_flags |= FIF_BCN_PRBRESP_PROMISC;
3334 local->ops->configure_filter(local_to_hw(local),
3335 FIF_BCN_PRBRESP_PROMISC,
3336 &local->filter_flags,
3337 local->mdev->mc_count,
3338 local->mdev->mc_list);
3339 netif_tx_unlock_bh(local->mdev);
3340
3341 /* TODO: start scan as soon as all nullfunc frames are ACKed */
3342 queue_delayed_work(local->hw.workqueue, &local->scan_work,
3343 IEEE80211_CHANNEL_TIME);
3344
3345 return 0;
3346 }
3347
3348
3349 int ieee80211_sta_req_scan(struct net_device *dev, u8 *ssid, size_t ssid_len)
3350 {
3351 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3352 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
3353 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
3354
3355 if (sdata->vif.type != IEEE80211_IF_TYPE_STA)
3356 return ieee80211_sta_start_scan(dev, ssid, ssid_len);
3357
3358 if (local->sta_sw_scanning || local->sta_hw_scanning) {
3359 if (local->scan_dev == dev)
3360 return 0;
3361 return -EBUSY;
3362 }
3363
3364 ifsta->scan_ssid_len = ssid_len;
3365 if (ssid_len)
3366 memcpy(ifsta->scan_ssid, ssid, ssid_len);
3367 set_bit(IEEE80211_STA_REQ_SCAN, &ifsta->request);
3368 queue_work(local->hw.workqueue, &ifsta->work);
3369 return 0;
3370 }
3371
3372 static char *
3373 ieee80211_sta_scan_result(struct net_device *dev,
3374 struct ieee80211_sta_bss *bss,
3375 char *current_ev, char *end_buf)
3376 {
3377 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
3378 struct iw_event iwe;
3379
3380 if (time_after(jiffies,
3381 bss->last_update + IEEE80211_SCAN_RESULT_EXPIRE))
3382 return current_ev;
3383
3384 if (!(local->enabled_modes & (1 << bss->hw_mode)))
3385 return current_ev;
3386
3387 memset(&iwe, 0, sizeof(iwe));
3388 iwe.cmd = SIOCGIWAP;
3389 iwe.u.ap_addr.sa_family = ARPHRD_ETHER;
3390 memcpy(iwe.u.ap_addr.sa_data, bss->bssid, ETH_ALEN);
3391 current_ev = iwe_stream_add_event(current_ev, end_buf, &iwe,
3392 IW_EV_ADDR_LEN);
3393
3394 memset(&iwe, 0, sizeof(iwe));
3395 iwe.cmd = SIOCGIWESSID;
3396 iwe.u.data.length = bss->ssid_len;
3397 iwe.u.data.flags = 1;
3398 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe,
3399 bss->ssid);
3400
3401 if (bss->capability & (WLAN_CAPABILITY_ESS | WLAN_CAPABILITY_IBSS)) {
3402 memset(&iwe, 0, sizeof(iwe));
3403 iwe.cmd = SIOCGIWMODE;
3404 if (bss->capability & WLAN_CAPABILITY_ESS)
3405 iwe.u.mode = IW_MODE_MASTER;
3406 else
3407 iwe.u.mode = IW_MODE_ADHOC;
3408 current_ev = iwe_stream_add_event(current_ev, end_buf, &iwe,
3409 IW_EV_UINT_LEN);
3410 }
3411
3412 memset(&iwe, 0, sizeof(iwe));
3413 iwe.cmd = SIOCGIWFREQ;
3414 iwe.u.freq.m = bss->channel;
3415 iwe.u.freq.e = 0;
3416 current_ev = iwe_stream_add_event(current_ev, end_buf, &iwe,
3417 IW_EV_FREQ_LEN);
3418 iwe.u.freq.m = bss->freq * 100000;
3419 iwe.u.freq.e = 1;
3420 current_ev = iwe_stream_add_event(current_ev, end_buf, &iwe,
3421 IW_EV_FREQ_LEN);
3422
3423 memset(&iwe, 0, sizeof(iwe));
3424 iwe.cmd = IWEVQUAL;
3425 iwe.u.qual.qual = bss->signal;
3426 iwe.u.qual.level = bss->rssi;
3427 iwe.u.qual.noise = bss->noise;
3428 iwe.u.qual.updated = local->wstats_flags;
3429 current_ev = iwe_stream_add_event(current_ev, end_buf, &iwe,
3430 IW_EV_QUAL_LEN);
3431
3432 memset(&iwe, 0, sizeof(iwe));
3433 iwe.cmd = SIOCGIWENCODE;
3434 if (bss->capability & WLAN_CAPABILITY_PRIVACY)
3435 iwe.u.data.flags = IW_ENCODE_ENABLED | IW_ENCODE_NOKEY;
3436 else
3437 iwe.u.data.flags = IW_ENCODE_DISABLED;
3438 iwe.u.data.length = 0;
3439 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe, "");
3440
3441 if (bss && bss->wpa_ie) {
3442 memset(&iwe, 0, sizeof(iwe));
3443 iwe.cmd = IWEVGENIE;
3444 iwe.u.data.length = bss->wpa_ie_len;
3445 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe,
3446 bss->wpa_ie);
3447 }
3448
3449 if (bss && bss->rsn_ie) {
3450 memset(&iwe, 0, sizeof(iwe));
3451 iwe.cmd = IWEVGENIE;
3452 iwe.u.data.length = bss->rsn_ie_len;
3453 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe,
3454 bss->rsn_ie);
3455 }
3456
3457 if (bss && bss->supp_rates_len > 0) {
3458 /* display all supported rates in readable format */
3459 char *p = current_ev + IW_EV_LCP_LEN;
3460 int i;
3461
3462 memset(&iwe, 0, sizeof(iwe));
3463 iwe.cmd = SIOCGIWRATE;
3464 /* Those two flags are ignored... */
3465 iwe.u.bitrate.fixed = iwe.u.bitrate.disabled = 0;
3466
3467 for (i = 0; i < bss->supp_rates_len; i++) {
3468 iwe.u.bitrate.value = ((bss->supp_rates[i] &
3469 0x7f) * 500000);
3470 p = iwe_stream_add_value(current_ev, p,
3471 end_buf, &iwe, IW_EV_PARAM_LEN);
3472 }
3473 current_ev = p;
3474 }
3475
3476 if (bss) {
3477 char *buf;
3478 buf = kmalloc(30, GFP_ATOMIC);
3479 if (buf) {
3480 memset(&iwe, 0, sizeof(iwe));
3481 iwe.cmd = IWEVCUSTOM;
3482 sprintf(buf, "tsf=%016llx", (unsigned long long)(bss->timestamp));
3483 iwe.u.data.length = strlen(buf);
3484 current_ev = iwe_stream_add_point(current_ev, end_buf,
3485 &iwe, buf);
3486 kfree(buf);
3487 }
3488 }
3489
3490 return current_ev;
3491 }
3492
3493
3494 int ieee80211_sta_scan_results(struct net_device *dev, char *buf, size_t len)
3495 {
3496 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
3497 char *current_ev = buf;
3498 char *end_buf = buf + len;
3499 struct ieee80211_sta_bss *bss;
3500
3501 spin_lock_bh(&local->sta_bss_lock);
3502 list_for_each_entry(bss, &local->sta_bss_list, list) {
3503 if (buf + len - current_ev <= IW_EV_ADDR_LEN) {
3504 spin_unlock_bh(&local->sta_bss_lock);
3505 return -E2BIG;
3506 }
3507 current_ev = ieee80211_sta_scan_result(dev, bss, current_ev,
3508 end_buf);
3509 }
3510 spin_unlock_bh(&local->sta_bss_lock);
3511 return current_ev - buf;
3512 }
3513
3514
3515 int ieee80211_sta_set_extra_ie(struct net_device *dev, char *ie, size_t len)
3516 {
3517 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3518 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
3519 kfree(ifsta->extra_ie);
3520 if (len == 0) {
3521 ifsta->extra_ie = NULL;
3522 ifsta->extra_ie_len = 0;
3523 return 0;
3524 }
3525 ifsta->extra_ie = kmalloc(len, GFP_KERNEL);
3526 if (!ifsta->extra_ie) {
3527 ifsta->extra_ie_len = 0;
3528 return -ENOMEM;
3529 }
3530 memcpy(ifsta->extra_ie, ie, len);
3531 ifsta->extra_ie_len = len;
3532 return 0;
3533 }
3534
3535
3536 struct sta_info * ieee80211_ibss_add_sta(struct net_device *dev,
3537 struct sk_buff *skb, u8 *bssid,
3538 u8 *addr)
3539 {
3540 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
3541 struct sta_info *sta;
3542 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3543 DECLARE_MAC_BUF(mac);
3544
3545 /* TODO: Could consider removing the least recently used entry and
3546 * allow new one to be added. */
3547 if (local->num_sta >= IEEE80211_IBSS_MAX_STA_ENTRIES) {
3548 if (net_ratelimit()) {
3549 printk(KERN_DEBUG "%s: No room for a new IBSS STA "
3550 "entry %s\n", dev->name, print_mac(mac, addr));
3551 }
3552 return NULL;
3553 }
3554
3555 printk(KERN_DEBUG "%s: Adding new IBSS station %s (dev=%s)\n",
3556 wiphy_name(local->hw.wiphy), print_mac(mac, addr), dev->name);
3557
3558 sta = sta_info_add(local, dev, addr, GFP_ATOMIC);
3559 if (!sta)
3560 return NULL;
3561
3562 sta->supp_rates = sdata->u.sta.supp_rates_bits;
3563
3564 rate_control_rate_init(sta, local);
3565
3566 return sta; /* caller will call sta_info_put() */
3567 }
3568
3569
3570 int ieee80211_sta_deauthenticate(struct net_device *dev, u16 reason)
3571 {
3572 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3573 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
3574
3575 printk(KERN_DEBUG "%s: deauthenticate(reason=%d)\n",
3576 dev->name, reason);
3577
3578 if (sdata->vif.type != IEEE80211_IF_TYPE_STA &&
3579 sdata->vif.type != IEEE80211_IF_TYPE_IBSS)
3580 return -EINVAL;
3581
3582 ieee80211_send_deauth(dev, ifsta, reason);
3583 ieee80211_set_disassoc(dev, ifsta, 1);
3584 return 0;
3585 }
3586
3587
3588 int ieee80211_sta_disassociate(struct net_device *dev, u16 reason)
3589 {
3590 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3591 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
3592
3593 printk(KERN_DEBUG "%s: disassociate(reason=%d)\n",
3594 dev->name, reason);
3595
3596 if (sdata->vif.type != IEEE80211_IF_TYPE_STA)
3597 return -EINVAL;
3598
3599 if (!(ifsta->flags & IEEE80211_STA_ASSOCIATED))
3600 return -1;
3601
3602 ieee80211_send_disassoc(dev, ifsta, reason);
3603 ieee80211_set_disassoc(dev, ifsta, 0);
3604 return 0;
3605 }
Verdex Pro support