Avoid reading past buffer when calling GETACL
1 /*
2 * Marvell Wireless LAN device driver: station event handling
4 * Copyright (C) 2011, Marvell International Ltd.
6 * This software file (the "File") is distributed by Marvell International
7 * Ltd. under the terms of the GNU General Public License Version 2, June 1991
8 * (the "License"). You may use, redistribute and/or modify this File in
9 * accordance with the terms and conditions of the License, a copy of which
10 * is available by writing to the Free Software Foundation, Inc.,
11 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA or on the
12 * worldwide web at http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
14 * THE FILE IS DISTRIBUTED AS-IS, WITHOUT WARRANTY OF ANY KIND, AND THE
15 * IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE
16 * ARE EXPRESSLY DISCLAIMED. The License provides additional details about
17 * this warranty disclaimer.
20 #include "decl.h"
21 #include "ioctl.h"
22 #include "util.h"
23 #include "fw.h"
24 #include "main.h"
25 #include "wmm.h"
26 #include "11n.h"
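/*
 * This function resets the connection state.
 *
 * The function is invoked after receiving a disconnect event from firmware,
 * and performs the following actions -
 *      - Set media status to disconnected
 *      - Clean up Tx and Rx packets
 *      - Resets SNR/NF/RSSI value in driver
 *      - Resets security configurations in driver
 *      - Enables auto data rate
 *      - Saves the previous SSID and BSSID so that they can
 *        be used for re-association, if required
 *      - Erases current SSID and BSSID information
 *      - Sends a disconnect event to upper layers/applications.
 *
 * Nothing is done when the interface is not marked as connected. The
 * notification to the upper layers is skipped when a command timeout has
 * been recorded while a command is still outstanding.
 */
void
mwifiex_reset_connect_state(struct mwifiex_private *priv)
{
	struct mwifiex_adapter *adapter = priv->adapter;

	if (!priv->media_connected)
		return;

	dev_dbg(adapter->dev, "info: handles disconnect event\n");

	priv->media_connected = false;

	priv->scan_block = false;

	/* Free Tx and Rx packets, report disconnect to upper layer */
	mwifiex_clean_txrx(priv);

	/* Reset SNR/NF/RSSI values */
	priv->data_rssi_last = 0;
	priv->data_nf_last = 0;
	priv->data_rssi_avg = 0;
	priv->data_nf_avg = 0;
	priv->bcn_rssi_last = 0;
	priv->bcn_nf_last = 0;
	priv->bcn_rssi_avg = 0;
	priv->bcn_nf_avg = 0;
	priv->rxpd_rate = 0;
	priv->rxpd_htinfo = 0;

	/* Reset security configuration */
	priv->sec_info.wpa_enabled = false;
	priv->sec_info.wpa2_enabled = false;
	priv->wpa_ie_len = 0;

	priv->sec_info.wapi_enabled = false;
	priv->wapi_ie_len = 0;
	priv->sec_info.wapi_key_on = false;

	priv->sec_info.encryption_mode = 0;

	/* Enable auto data rate */
	priv->is_data_rate_auto = true;
	priv->data_rate = 0;

	if (priv->bss_mode == NL80211_IFTYPE_ADHOC) {
		priv->adhoc_state = ADHOC_IDLE;
		priv->adhoc_is_link_sensed = false;
	}

	/*
	 * Memorize the previous SSID and BSSID so
	 * it could be used for re-assoc
	 *
	 * An 802.11 SSID is a length-delimited octet string, so the buffer
	 * need not hold a terminating NUL. The debug prints are therefore
	 * bounded by ssid_len (capped at IEEE80211_MAX_SSID_LEN) so that they
	 * cannot read past the SSID field into adjacent memory.
	 * NOTE(review): the SSID struct layout is not visible in this file -
	 * confirm ssid[] holds IEEE80211_MAX_SSID_LEN bytes. The SSID bytes
	 * originate from the network and are logged unescaped.
	 */
	dev_dbg(adapter->dev, "info: previous SSID=%.*s, SSID len=%u\n",
		(int)min_t(u32, priv->prev_ssid.ssid_len,
			   IEEE80211_MAX_SSID_LEN),
		priv->prev_ssid.ssid, priv->prev_ssid.ssid_len);

	dev_dbg(adapter->dev, "info: current SSID=%.*s, SSID len=%u\n",
		(int)min_t(u32,
			   priv->curr_bss_params.bss_descriptor.ssid.ssid_len,
			   IEEE80211_MAX_SSID_LEN),
		priv->curr_bss_params.bss_descriptor.ssid.ssid,
		priv->curr_bss_params.bss_descriptor.ssid.ssid_len);

	memcpy(&priv->prev_ssid,
	       &priv->curr_bss_params.bss_descriptor.ssid,
	       sizeof(struct mwifiex_802_11_ssid));

	memcpy(priv->prev_bssid,
	       priv->curr_bss_params.bss_descriptor.mac_address, ETH_ALEN);

	/* Need to erase the current SSID and BSSID info */
	memset(&priv->curr_bss_params, 0x00, sizeof(priv->curr_bss_params));

	adapter->tx_lock_flag = false;
	adapter->pps_uapsd_mode = false;

	/*
	 * A command timeout has been counted and a command is still current:
	 * leave without notifying the upper layers.
	 */
	if (adapter->num_cmd_timeout && adapter->curr_cmd)
		return;

	/* Already cleared above; kept as in the original sequence. */
	priv->media_connected = false;
	dev_dbg(adapter->dev, "info: successfully disconnected from"
		" %pM: reason code %d\n", priv->cfg_bssid,
		WLAN_REASON_DEAUTH_LEAVING);
	if (priv->bss_mode == NL80211_IFTYPE_STATION) {
		cfg80211_disconnected(priv->netdev, WLAN_REASON_DEAUTH_LEAVING,
				      NULL, 0, GFP_KERNEL);
	}
	memset(priv->cfg_bssid, 0, ETH_ALEN);

	/* Stop the Tx queue and drop the carrier if they are still up */
	if (!netif_queue_stopped(priv->netdev))
		mwifiex_stop_net_dev_queue(priv->netdev, adapter);
	if (netif_carrier_ok(priv->netdev))
		netif_carrier_off(priv->netdev);

	/* Reset wireless stats signal info */
	priv->qual_level = 0;
	priv->qual_noise = 0;
}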
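/*
 * This function handles events generated by firmware.
 *
 * This is a generic function and handles all events.
 *
 * Event specific routines are called by this function based
 * upon the generated event cause.
 *
 * For the following events, the function just forwards them to upper
 * layers, optionally recording the change -
 *      - EVENT_LINK_SENSED
 *      - EVENT_MIC_ERR_UNICAST
 *      - EVENT_MIC_ERR_MULTICAST
 *      - EVENT_PORT_RELEASE
 *      - EVENT_RSSI_LOW
 *      - EVENT_SNR_LOW
 *      - EVENT_MAX_FAIL
 *      - EVENT_RSSI_HIGH
 *      - EVENT_SNR_HIGH
 *      - EVENT_DATA_RSSI_LOW
 *      - EVENT_DATA_SNR_LOW
 *      - EVENT_DATA_RSSI_HIGH
 *      - EVENT_DATA_SNR_HIGH
 *      - EVENT_LINK_QUALITY
 *      - EVENT_PRE_BEACON_LOST
 *      - EVENT_IBSS_COALESCED
 *      - EVENT_WEP_ICV_ERR
 *      - EVENT_BW_CHANGE
 *      - EVENT_HOSTWAKE_STAIE
 *
 * For the following events, no action is taken -
 *      - EVENT_MIB_CHANGED
 *      - EVENT_INIT_DONE
 *      - EVENT_DUMMY_HOST_WAKEUP_SIGNAL
 *
 * Rest of the supported events require driver handling -
 *      - EVENT_DEAUTHENTICATED
 *      - EVENT_DISASSOCIATED
 *      - EVENT_LINK_LOST
 *      - EVENT_PS_SLEEP
 *      - EVENT_PS_AWAKE
 *      - EVENT_DEEP_SLEEP_AWAKE
 *      - EVENT_HS_ACT_REQ
 *      - EVENT_ADHOC_BCN_LOST
 *      - EVENT_BG_SCAN_REPORT
 *      - EVENT_WMM_STATUS_CHANGE
 *      - EVENT_ADDBA
 *      - EVENT_DELBA
 *      - EVENT_BA_STREAM_TIEMOUT
 *      - EVENT_AMSDU_AGGR_CTRL
 *
 * Returns 0, or the result of mwifiex_send_cmd_async() for the events whose
 * handler assigns it to the return value (HS_ACT_REQ, BG_SCAN_REPORT,
 * WMM_STATUS_CHANGE, IBSS_COALESCED). The result of the ADDBA response
 * command is not propagated.
 *
 * NOTE(review): adapter->event_body is filled from firmware and is cast to
 * fixed-size types below (ADDBA, DELBA, BA stream timeout, AMSDU_AGGR_CTRL).
 * No event length is checked in this function - confirm that the caller
 * guarantees the buffer holds at least the size each handler reads.
 */
int mwifiex_process_sta_event(struct mwifiex_private *priv)
{
	struct mwifiex_adapter *adapter = priv->adapter;
	int ret = 0;
	u32 eventcause = adapter->event_cause;
	u16 aggr_ctrl;

	switch (eventcause) {
	case EVENT_DUMMY_HOST_WAKEUP_SIGNAL:
		dev_err(adapter->dev, "invalid EVENT: DUMMY_HOST_WAKEUP_SIGNAL,"
			" ignoring it\n");
		break;
	case EVENT_LINK_SENSED:
		dev_dbg(adapter->dev, "event: LINK_SENSED\n");
		if (!netif_carrier_ok(priv->netdev))
			netif_carrier_on(priv->netdev);
		if (netif_queue_stopped(priv->netdev))
			mwifiex_wake_up_net_dev_queue(priv->netdev, adapter);
		break;

	case EVENT_DEAUTHENTICATED:
		dev_dbg(adapter->dev, "event: Deauthenticated\n");
		adapter->dbg.num_event_deauth++;
		if (priv->media_connected)
			mwifiex_reset_connect_state(priv);
		break;

	case EVENT_DISASSOCIATED:
		dev_dbg(adapter->dev, "event: Disassociated\n");
		adapter->dbg.num_event_disassoc++;
		if (priv->media_connected)
			mwifiex_reset_connect_state(priv);
		break;

	case EVENT_LINK_LOST:
		dev_dbg(adapter->dev, "event: Link lost\n");
		adapter->dbg.num_event_link_lost++;
		if (priv->media_connected)
			mwifiex_reset_connect_state(priv);
		break;

	case EVENT_PS_SLEEP:
		dev_dbg(adapter->dev, "info: EVENT: SLEEP\n");

		adapter->ps_state = PS_STATE_PRE_SLEEP;

		mwifiex_check_ps_cond(adapter);
		break;

	case EVENT_PS_AWAKE:
		dev_dbg(adapter->dev, "info: EVENT: AWAKE\n");
		if (!adapter->pps_uapsd_mode &&
		    priv->media_connected &&
		    adapter->sleep_period.period) {
			adapter->pps_uapsd_mode = true;
			dev_dbg(adapter->dev,
				"event: PPS/UAPSD mode activated\n");
		}
		adapter->tx_lock_flag = false;
		/*
		 * In PPS/UAPSD mode with null-packet generation enabled, and
		 * when the last-packet check passes and no data is in flight,
		 * send a null packet and return without marking the state as
		 * awake. The state becomes PS_STATE_SLEEP only when the send
		 * returns 0.
		 */
		if (adapter->pps_uapsd_mode && adapter->gen_null_pkt &&
		    mwifiex_check_last_packet_indication(priv) &&
		    !adapter->data_sent) {
			if (!mwifiex_send_null_packet(priv,
					MWIFIEX_TxPD_POWER_MGMT_NULL_PACKET |
					MWIFIEX_TxPD_POWER_MGMT_LAST_PACKET))
				adapter->ps_state = PS_STATE_SLEEP;
			return 0;
		}
		adapter->ps_state = PS_STATE_AWAKE;
		adapter->pm_wakeup_card_req = false;
		adapter->pm_wakeup_fw_try = false;

		break;

	case EVENT_DEEP_SLEEP_AWAKE:
		adapter->if_ops.wakeup_complete(adapter);
		dev_dbg(adapter->dev, "event: DS_AWAKE\n");
		if (adapter->is_deep_sleep)
			adapter->is_deep_sleep = false;
		break;

	case EVENT_HS_ACT_REQ:
		dev_dbg(adapter->dev, "event: HS_ACT_REQ\n");
		ret = mwifiex_send_cmd_async(priv,
					     HostCmd_CMD_802_11_HS_CFG_ENH,
					     0, 0, NULL);
		break;

	case EVENT_MIC_ERR_UNICAST:
		dev_dbg(adapter->dev, "event: UNICAST MIC ERROR\n");
		break;

	case EVENT_MIC_ERR_MULTICAST:
		dev_dbg(adapter->dev, "event: MULTICAST MIC ERROR\n");
		break;
	case EVENT_MIB_CHANGED:
	case EVENT_INIT_DONE:
		break;

	case EVENT_ADHOC_BCN_LOST:
		dev_dbg(adapter->dev, "event: ADHOC_BCN_LOST\n");
		priv->adhoc_is_link_sensed = false;
		mwifiex_clean_txrx(priv);
		if (!netif_queue_stopped(priv->netdev))
			mwifiex_stop_net_dev_queue(priv->netdev, adapter);
		if (netif_carrier_ok(priv->netdev))
			netif_carrier_off(priv->netdev);
		break;

	case EVENT_BG_SCAN_REPORT:
		dev_dbg(adapter->dev, "event: BGS_REPORT\n");
		ret = mwifiex_send_cmd_async(priv,
					     HostCmd_CMD_802_11_BG_SCAN_QUERY,
					     HostCmd_ACT_GEN_GET, 0, NULL);
		break;

	case EVENT_PORT_RELEASE:
		dev_dbg(adapter->dev, "event: PORT RELEASE\n");
		break;

	case EVENT_WMM_STATUS_CHANGE:
		dev_dbg(adapter->dev, "event: WMM status changed\n");
		ret = mwifiex_send_cmd_async(priv, HostCmd_CMD_WMM_GET_STATUS,
					     0, 0, NULL);
		break;

	case EVENT_RSSI_LOW:
		dev_dbg(adapter->dev, "event: Beacon RSSI_LOW\n");
		break;
	case EVENT_SNR_LOW:
		dev_dbg(adapter->dev, "event: Beacon SNR_LOW\n");
		break;
	case EVENT_MAX_FAIL:
		dev_dbg(adapter->dev, "event: MAX_FAIL\n");
		break;
	case EVENT_RSSI_HIGH:
		dev_dbg(adapter->dev, "event: Beacon RSSI_HIGH\n");
		break;
	case EVENT_SNR_HIGH:
		dev_dbg(adapter->dev, "event: Beacon SNR_HIGH\n");
		break;
	case EVENT_DATA_RSSI_LOW:
		dev_dbg(adapter->dev, "event: Data RSSI_LOW\n");
		break;
	case EVENT_DATA_SNR_LOW:
		dev_dbg(adapter->dev, "event: Data SNR_LOW\n");
		break;
	case EVENT_DATA_RSSI_HIGH:
		dev_dbg(adapter->dev, "event: Data RSSI_HIGH\n");
		break;
	case EVENT_DATA_SNR_HIGH:
		dev_dbg(adapter->dev, "event: Data SNR_HIGH\n");
		break;
	case EVENT_LINK_QUALITY:
		dev_dbg(adapter->dev, "event: Link Quality\n");
		break;
	case EVENT_PRE_BEACON_LOST:
		dev_dbg(adapter->dev, "event: Pre-Beacon Lost\n");
		break;
	case EVENT_IBSS_COALESCED:
		dev_dbg(adapter->dev, "event: IBSS_COALESCED\n");
		ret = mwifiex_send_cmd_async(priv,
				HostCmd_CMD_802_11_IBSS_COALESCING_STATUS,
				HostCmd_ACT_GEN_GET, 0, NULL);
		break;
	case EVENT_ADDBA:
		dev_dbg(adapter->dev, "event: ADDBA Request\n");
		/* Result is not assigned to ret, unlike the other commands. */
		mwifiex_send_cmd_async(priv, HostCmd_CMD_11N_ADDBA_RSP,
				       HostCmd_ACT_GEN_SET, 0,
				       adapter->event_body);
		break;
	case EVENT_DELBA:
		dev_dbg(adapter->dev, "event: DELBA Request\n");
		mwifiex_11n_delete_ba_stream(priv, adapter->event_body);
		break;
	case EVENT_BA_STREAM_TIEMOUT:
		dev_dbg(adapter->dev, "event:  BA Stream timeout\n");
		mwifiex_11n_ba_stream_timeout(priv,
					      (struct host_cmd_ds_11n_batimeout
					       *)
					      adapter->event_body);
		break;
	case EVENT_AMSDU_AGGR_CTRL:
		/*
		 * The value is read as little-endian; convert it once so that
		 * the debug print and the size computation use the same
		 * CPU-order number (the raw u16 read is wrong on big-endian).
		 */
		aggr_ctrl = le16_to_cpu(*(__le16 *) adapter->event_body);
		dev_dbg(adapter->dev, "event: AMSDU_AGGR_CTRL %d\n",
			aggr_ctrl);
		adapter->tx_buf_size =
			min(adapter->curr_tx_buf_size, aggr_ctrl);
		dev_dbg(adapter->dev, "event: tx_buf_size %d\n",
			adapter->tx_buf_size);
		break;

	case EVENT_WEP_ICV_ERR:
		dev_dbg(adapter->dev, "event: WEP ICV error\n");
		break;

	case EVENT_BW_CHANGE:
		dev_dbg(adapter->dev, "event: BW Change\n");
		break;

	case EVENT_HOSTWAKE_STAIE:
		dev_dbg(adapter->dev, "event: HOSTWAKE_STAIE %d\n", eventcause);
		break;
	default:
		dev_dbg(adapter->dev, "event: unknown event id: %#x\n",
			eventcause);
		break;
	}

	return ret;
}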