Avoid beyond bounds copy while caching ACL
[zen-stable.git] / drivers / staging / vt6655 / ioctl.c
blob7fd5cc5a55f6e3b6dbc4bbd3b623e9529b877bd7
1 /*
2 * Copyright (c) 1996, 2003 VIA Networking Technologies, Inc.
3 * All rights reserved.
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
19 * File: ioctl.c
21 * Purpose: private ioctl functions
23 * Author: Lyndon Chen
25 * Date: Auguest 20, 2003
27 * Functions:
29 * Revision History:
33 #include "ioctl.h"
34 #include "iocmd.h"
35 #include "mac.h"
36 #include "card.h"
37 #include "hostap.h"
38 #include "wpactl.h"
39 #include "rf.h"
41 static int msglevel = MSG_LEVEL_INFO;
43 #ifdef WPA_SM_Transtatus
44 SWPAResult wpa_Result;
45 #endif
47 int private_ioctl(PSDevice pDevice, struct ifreq *rq)
49 PSCmdRequest pReq = (PSCmdRequest)rq;
50 PSMgmtObject pMgmt = pDevice->pMgmt;
51 int result = 0;
52 PWLAN_IE_SSID pItemSSID;
53 SCmdBSSJoin sJoinCmd;
54 SCmdZoneTypeSet sZoneTypeCmd;
55 SCmdScan sScanCmd;
56 SCmdStartAP sStartAPCmd;
57 SCmdSetWEP sWEPCmd;
58 SCmdValue sValue;
59 SBSSIDList sList;
60 SNodeList sNodeList;
61 PSBSSIDList pList;
62 PSNodeList pNodeList;
63 unsigned int cbListCount;
64 PKnownBSS pBSS;
65 PKnownNodeDB pNode;
66 unsigned int ii, jj;
67 SCmdLinkStatus sLinkStatus;
68 unsigned char abySuppRates[] = {WLAN_EID_SUPP_RATES, 4, 0x02, 0x04, 0x0B, 0x16};
69 unsigned char abyNullAddr[] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
70 unsigned long dwKeyIndex = 0;
71 unsigned char abyScanSSID[WLAN_IEHDR_LEN + WLAN_SSID_MAXLEN + 1];
72 long ldBm;
74 pReq->wResult = 0;
76 switch (pReq->wCmdCode) {
77 case WLAN_CMD_BSS_SCAN:
78 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "WLAN_CMD_BSS_SCAN..begin\n");
79 if (copy_from_user(&sScanCmd, pReq->data, sizeof(SCmdScan))) {
80 result = -EFAULT;
81 break;
84 pItemSSID = (PWLAN_IE_SSID)sScanCmd.ssid;
85 if (pItemSSID->len > WLAN_SSID_MAXLEN + 1)
86 return -EINVAL;
87 if (pItemSSID->len != 0) {
88 memset(abyScanSSID, 0, WLAN_IEHDR_LEN + WLAN_SSID_MAXLEN + 1);
89 memcpy(abyScanSSID, pItemSSID, pItemSSID->len + WLAN_IEHDR_LEN);
92 if (pDevice->bMACSuspend == true) {
93 if (pDevice->bRadioOff == true)
94 CARDbRadioPowerOn(pDevice);
95 vMgrTimerInit(pDevice);
96 MACvIntEnable(pDevice->PortOffset, IMR_MASK_VALUE);
97 add_timer(&pMgmt->sTimerSecondCallback);
98 pDevice->bMACSuspend = false;
100 spin_lock_irq(&pDevice->lock);
101 if (memcmp(pMgmt->abyCurrBSSID, &abyNullAddr[0], 6) == 0)
102 BSSvClearBSSList((void *)pDevice, false);
103 else
104 BSSvClearBSSList((void *)pDevice, pDevice->bLinkPass);
106 if (pItemSSID->len != 0)
107 bScheduleCommand((void *) pDevice, WLAN_CMD_BSSID_SCAN, abyScanSSID);
108 else
109 bScheduleCommand((void *) pDevice, WLAN_CMD_BSSID_SCAN, NULL);
110 spin_unlock_irq(&pDevice->lock);
111 break;
113 case WLAN_CMD_ZONETYPE_SET:
114 /* mike add :cann't support. */
115 result = -EOPNOTSUPP;
116 break;
118 if (copy_from_user(&sZoneTypeCmd, pReq->data, sizeof(SCmdZoneTypeSet))) {
119 result = -EFAULT;
120 break;
123 if (sZoneTypeCmd.bWrite == true) {
124 /* write zonetype */
125 if (sZoneTypeCmd.ZoneType == ZoneType_USA) {
126 /* set to USA */
127 printk("set_ZoneType:USA\n");
128 } else if (sZoneTypeCmd.ZoneType == ZoneType_Japan) {
129 /* set to Japan */
130 printk("set_ZoneType:Japan\n");
131 } else if (sZoneTypeCmd.ZoneType == ZoneType_Europe) {
132 /* set to Europe */
133 printk("set_ZoneType:Europe\n");
135 } else {
136 /* read zonetype */
137 unsigned char zonetype = 0;
139 if (zonetype == 0x00) { /* USA */
140 sZoneTypeCmd.ZoneType = ZoneType_USA;
141 } else if (zonetype == 0x01) { /* Japan */
142 sZoneTypeCmd.ZoneType = ZoneType_Japan;
143 } else if (zonetype == 0x02) { /* Europe */
144 sZoneTypeCmd.ZoneType = ZoneType_Europe;
145 } else { /* Unknown ZoneType */
146 printk("Error:ZoneType[%x] Unknown ???\n", zonetype);
147 result = -EFAULT;
148 break;
150 if (copy_to_user(pReq->data, &sZoneTypeCmd, sizeof(SCmdZoneTypeSet))) {
151 result = -EFAULT;
152 break;
155 break;
157 case WLAN_CMD_BSS_JOIN:
158 if (pDevice->bMACSuspend == true) {
159 if (pDevice->bRadioOff == true)
160 CARDbRadioPowerOn(pDevice);
161 vMgrTimerInit(pDevice);
162 MACvIntEnable(pDevice->PortOffset, IMR_MASK_VALUE);
163 add_timer(&pMgmt->sTimerSecondCallback);
164 pDevice->bMACSuspend = false;
167 if (copy_from_user(&sJoinCmd, pReq->data, sizeof(SCmdBSSJoin))) {
168 result = -EFAULT;
169 break;
172 pItemSSID = (PWLAN_IE_SSID)sJoinCmd.ssid;
173 if (pItemSSID->len > WLAN_SSID_MAXLEN + 1)
174 return -EINVAL;
175 memset(pMgmt->abyDesireSSID, 0, WLAN_IEHDR_LEN + WLAN_SSID_MAXLEN + 1);
176 memcpy(pMgmt->abyDesireSSID, pItemSSID, pItemSSID->len + WLAN_IEHDR_LEN);
177 if (sJoinCmd.wBSSType == ADHOC) {
178 pMgmt->eConfigMode = WMAC_CONFIG_IBSS_STA;
179 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "ioct set to adhoc mode\n");
180 } else {
181 pMgmt->eConfigMode = WMAC_CONFIG_ESS_STA;
182 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "ioct set to STA mode\n");
184 if (sJoinCmd.bPSEnable == true) {
185 pDevice->ePSMode = WMAC_POWER_FAST;
186 pMgmt->wListenInterval = 2;
187 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Power Saving On\n");
188 } else {
189 pDevice->ePSMode = WMAC_POWER_CAM;
190 pMgmt->wListenInterval = 1;
191 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Power Saving Off\n");
194 if (sJoinCmd.bShareKeyAuth == true) {
195 pMgmt->bShareKeyAlgorithm = true;
196 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Share Key\n");
197 } else {
198 pMgmt->bShareKeyAlgorithm = false;
199 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Open System\n");
201 pDevice->uChannel = sJoinCmd.uChannel;
202 netif_stop_queue(pDevice->dev);
203 spin_lock_irq(&pDevice->lock);
204 pMgmt->eCurrState = WMAC_STATE_IDLE;
205 bScheduleCommand((void *) pDevice, WLAN_CMD_BSSID_SCAN, pMgmt->abyDesireSSID);
206 bScheduleCommand((void *) pDevice, WLAN_CMD_SSID, NULL);
207 spin_unlock_irq(&pDevice->lock);
208 break;
210 case WLAN_CMD_SET_WEP:
211 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "WLAN_CMD_SET_WEP Key.\n");
212 memset(&sWEPCmd, 0, sizeof(SCmdSetWEP));
213 if (copy_from_user(&sWEPCmd, pReq->data, sizeof(SCmdSetWEP))) {
214 result = -EFAULT;
215 break;
217 if (sWEPCmd.bEnableWep != true) {
218 pDevice->bEncryptionEnable = false;
219 pDevice->eEncryptionStatus = Ndis802_11EncryptionDisabled;
220 MACvDisableDefaultKey(pDevice->PortOffset);
221 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "WEP function disable.\n");
222 break;
225 for (ii = 0; ii < WLAN_WEP_NKEYS; ii++) {
226 if (sWEPCmd.bWepKeyAvailable[ii]) {
227 if (ii == sWEPCmd.byKeyIndex)
228 dwKeyIndex = ii | (1 << 31);
229 else
230 dwKeyIndex = ii;
232 KeybSetDefaultKey(&(pDevice->sKey),
233 dwKeyIndex,
234 sWEPCmd.auWepKeyLength[ii],
235 NULL,
236 (unsigned char *)&sWEPCmd.abyWepKey[ii][0],
237 KEY_CTL_WEP,
238 pDevice->PortOffset,
239 pDevice->byLocalID);
242 pDevice->byKeyIndex = sWEPCmd.byKeyIndex;
243 pDevice->bTransmitKey = true;
244 pDevice->bEncryptionEnable = true;
245 pDevice->eEncryptionStatus = Ndis802_11Encryption1Enabled;
246 break;
248 case WLAN_CMD_GET_LINK:
249 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "WLAN_CMD_GET_LINK status.\n");
251 memset(sLinkStatus.abySSID, 0 , WLAN_SSID_MAXLEN + 1);
253 if (pMgmt->eCurrMode == WMAC_MODE_IBSS_STA)
254 sLinkStatus.wBSSType = ADHOC;
255 else
256 sLinkStatus.wBSSType = INFRA;
258 if (pMgmt->eCurrState == WMAC_STATE_JOINTED)
259 sLinkStatus.byState = ADHOC_JOINTED;
260 else
261 sLinkStatus.byState = ADHOC_STARTED;
263 sLinkStatus.uChannel = pMgmt->uCurrChannel;
264 if (pDevice->bLinkPass == true) {
265 sLinkStatus.bLink = true;
266 pItemSSID = (PWLAN_IE_SSID)pMgmt->abyCurrSSID;
267 memcpy(sLinkStatus.abySSID, pItemSSID->abySSID, pItemSSID->len);
268 memcpy(sLinkStatus.abyBSSID, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
269 sLinkStatus.uLinkRate = pMgmt->sNodeDBTable[0].wTxDataRate;
270 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO" Link Success!\n");
271 } else {
272 sLinkStatus.bLink = false;
273 sLinkStatus.uLinkRate = 0;
275 if (copy_to_user(pReq->data, &sLinkStatus, sizeof(SCmdLinkStatus))) {
276 result = -EFAULT;
277 break;
279 break;
281 case WLAN_CMD_GET_LISTLEN:
282 cbListCount = 0;
283 pBSS = &(pMgmt->sBSSList[0]);
284 for (ii = 0; ii < MAX_BSS_NUM; ii++) {
285 pBSS = &(pMgmt->sBSSList[ii]);
286 if (!pBSS->bActive)
287 continue;
288 cbListCount++;
290 sList.uItem = cbListCount;
291 if (copy_to_user(pReq->data, &sList, sizeof(SBSSIDList))) {
292 result = -EFAULT;
293 break;
295 pReq->wResult = 0;
296 break;
298 case WLAN_CMD_GET_LIST:
299 if (copy_from_user(&sList, pReq->data, sizeof(SBSSIDList))) {
300 result = -EFAULT;
301 break;
303 if (sList.uItem > (ULONG_MAX - sizeof(SBSSIDList)) / sizeof(SBSSIDItem)) {
304 result = -EINVAL;
305 break;
307 pList = (PSBSSIDList)kmalloc(sizeof(SBSSIDList) + (sList.uItem * sizeof(SBSSIDItem)), (int)GFP_ATOMIC);
308 if (pList == NULL) {
309 result = -ENOMEM;
310 break;
312 pList->uItem = sList.uItem;
313 pBSS = &(pMgmt->sBSSList[0]);
314 for (ii = 0, jj = 0; jj < MAX_BSS_NUM ; jj++) {
315 pBSS = &(pMgmt->sBSSList[jj]);
316 if (pBSS->bActive) {
317 pList->sBSSIDList[ii].uChannel = pBSS->uChannel;
318 pList->sBSSIDList[ii].wBeaconInterval = pBSS->wBeaconInterval;
319 pList->sBSSIDList[ii].wCapInfo = pBSS->wCapInfo;
320 /* pList->sBSSIDList[ii].uRSSI = pBSS->uRSSI; */
321 RFvRSSITodBm(pDevice, (unsigned char)(pBSS->uRSSI), &ldBm);
322 pList->sBSSIDList[ii].uRSSI = (unsigned int)ldBm;
323 memcpy(pList->sBSSIDList[ii].abyBSSID, pBSS->abyBSSID, WLAN_BSSID_LEN);
324 pItemSSID = (PWLAN_IE_SSID)pBSS->abySSID;
325 memset(pList->sBSSIDList[ii].abySSID, 0, WLAN_SSID_MAXLEN + 1);
326 memcpy(pList->sBSSIDList[ii].abySSID, pItemSSID->abySSID, pItemSSID->len);
327 if (WLAN_GET_CAP_INFO_ESS(pBSS->wCapInfo)) {
328 pList->sBSSIDList[ii].byNetType = INFRA;
329 } else {
330 pList->sBSSIDList[ii].byNetType = ADHOC;
332 if (WLAN_GET_CAP_INFO_PRIVACY(pBSS->wCapInfo)) {
333 pList->sBSSIDList[ii].bWEPOn = true;
334 } else {
335 pList->sBSSIDList[ii].bWEPOn = false;
337 ii++;
338 if (ii >= pList->uItem)
339 break;
343 if (copy_to_user(pReq->data, pList, sizeof(SBSSIDList) + (sList.uItem * sizeof(SBSSIDItem)))) {
344 result = -EFAULT;
345 break;
347 kfree(pList);
348 pReq->wResult = 0;
349 break;
351 case WLAN_CMD_GET_MIB:
352 if (copy_to_user(pReq->data, &(pDevice->s802_11Counter), sizeof(SDot11MIBCount))) {
353 result = -EFAULT;
354 break;
356 break;
358 case WLAN_CMD_GET_STAT:
359 if (copy_to_user(pReq->data, &(pDevice->scStatistic), sizeof(SStatCounter))) {
360 result = -EFAULT;
361 break;
363 break;
365 case WLAN_CMD_STOP_MAC:
366 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "WLAN_CMD_STOP_MAC\n");
367 netif_stop_queue(pDevice->dev);
369 spin_lock_irq(&pDevice->lock);
370 if (pDevice->bRadioOff == false) {
371 CARDbRadioPowerOff(pDevice);
373 pDevice->bLinkPass = false;
374 memset(pMgmt->abyCurrBSSID, 0, 6);
375 pMgmt->eCurrState = WMAC_STATE_IDLE;
376 del_timer(&pDevice->sTimerCommand);
377 del_timer(&pMgmt->sTimerSecondCallback);
378 pDevice->bCmdRunning = false;
379 pDevice->bMACSuspend = true;
380 MACvIntDisable(pDevice->PortOffset);
381 spin_unlock_irq(&pDevice->lock);
382 break;
384 case WLAN_CMD_START_MAC:
385 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "WLAN_CMD_START_MAC\n");
387 if (pDevice->bMACSuspend == true) {
388 if (pDevice->bRadioOff == true)
389 CARDbRadioPowerOn(pDevice);
390 vMgrTimerInit(pDevice);
391 MACvIntEnable(pDevice->PortOffset, IMR_MASK_VALUE);
392 add_timer(&pMgmt->sTimerSecondCallback);
393 pDevice->bMACSuspend = false;
395 break;
397 case WLAN_CMD_SET_HOSTAPD:
398 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "WLAN_CMD_SET_HOSTAPD\n");
400 if (copy_from_user(&sValue, pReq->data, sizeof(SCmdValue))) {
401 result = -EFAULT;
402 break;
404 if (sValue.dwValue == 1) {
405 if (vt6655_hostap_set_hostapd(pDevice, 1, 1) == 0) {
406 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Enable HOSTAP\n");
407 } else {
408 result = -EFAULT;
409 break;
411 } else {
412 vt6655_hostap_set_hostapd(pDevice, 0, 1);
413 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Disable HOSTAP\n");
415 break;
417 case WLAN_CMD_SET_HOSTAPD_STA:
418 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "WLAN_CMD_SET_HOSTAPD_STA\n");
419 break;
421 case WLAN_CMD_SET_802_1X:
422 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "WLAN_CMD_SET_802_1X\n");
423 if (copy_from_user(&sValue, pReq->data, sizeof(SCmdValue))) {
424 result = -EFAULT;
425 break;
428 if (sValue.dwValue == 1) {
429 pDevice->bEnable8021x = true;
430 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Enable 802.1x\n");
431 } else {
432 pDevice->bEnable8021x = false;
433 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Disable 802.1x\n");
435 break;
437 case WLAN_CMD_SET_HOST_WEP:
438 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "WLAN_CMD_SET_HOST_WEP\n");
439 if (copy_from_user(&sValue, pReq->data, sizeof(SCmdValue))) {
440 result = -EFAULT;
441 break;
444 if (sValue.dwValue == 1) {
445 pDevice->bEnableHostWEP = true;
446 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Enable HostWEP\n");
447 } else {
448 pDevice->bEnableHostWEP = false;
449 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Disable HostWEP\n");
451 break;
453 case WLAN_CMD_SET_WPA:
454 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "WLAN_CMD_SET_WPA\n");
456 if (copy_from_user(&sValue, pReq->data, sizeof(SCmdValue))) {
457 result = -EFAULT;
458 break;
460 if (sValue.dwValue == 1) {
461 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "up wpadev\n");
462 memcpy(pDevice->wpadev->dev_addr, pDevice->dev->dev_addr, ETH_ALEN);
463 pDevice->bWPADEVUp = true;
464 } else {
465 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "close wpadev\n");
466 pDevice->bWPADEVUp = false;
468 break;
470 case WLAN_CMD_AP_START:
471 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "WLAN_CMD_AP_START\n");
472 if (pDevice->bRadioOff == true) {
473 CARDbRadioPowerOn(pDevice);
474 vMgrTimerInit(pDevice);
475 MACvIntEnable(pDevice->PortOffset, IMR_MASK_VALUE);
476 add_timer(&pMgmt->sTimerSecondCallback);
478 if (copy_from_user(&sStartAPCmd, pReq->data, sizeof(SCmdStartAP))) {
479 result = -EFAULT;
480 break;
483 if (sStartAPCmd.wBSSType == AP) {
484 pMgmt->eConfigMode = WMAC_CONFIG_AP;
485 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "ioct set to AP mode\n");
486 } else {
487 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "ioct BSS type not set to AP mode\n");
488 result = -EFAULT;
489 break;
492 if (sStartAPCmd.wBBPType == PHY80211g) {
493 pMgmt->byAPBBType = PHY_TYPE_11G;
494 } else if (sStartAPCmd.wBBPType == PHY80211a) {
495 pMgmt->byAPBBType = PHY_TYPE_11A;
496 } else {
497 pMgmt->byAPBBType = PHY_TYPE_11B;
500 pItemSSID = (PWLAN_IE_SSID)sStartAPCmd.ssid;
501 if (pItemSSID->len > WLAN_SSID_MAXLEN + 1)
502 return -EINVAL;
503 memset(pMgmt->abyDesireSSID, 0, WLAN_IEHDR_LEN + WLAN_SSID_MAXLEN + 1);
504 memcpy(pMgmt->abyDesireSSID, pItemSSID, pItemSSID->len + WLAN_IEHDR_LEN);
506 if ((sStartAPCmd.uChannel > 0) && (sStartAPCmd.uChannel <= 14))
507 pDevice->uChannel = sStartAPCmd.uChannel;
509 if ((sStartAPCmd.uBeaconInt >= 20) && (sStartAPCmd.uBeaconInt <= 1000))
510 pMgmt->wIBSSBeaconPeriod = sStartAPCmd.uBeaconInt;
511 else
512 pMgmt->wIBSSBeaconPeriod = 100;
514 if (sStartAPCmd.bShareKeyAuth == true) {
515 pMgmt->bShareKeyAlgorithm = true;
516 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Share Key\n");
517 } else {
518 pMgmt->bShareKeyAlgorithm = false;
519 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Open System\n");
521 memcpy(pMgmt->abyIBSSSuppRates, abySuppRates, 6);
523 if (sStartAPCmd.byBasicRate & BIT3) {
524 pMgmt->abyIBSSSuppRates[2] |= BIT7;
525 pMgmt->abyIBSSSuppRates[3] |= BIT7;
526 pMgmt->abyIBSSSuppRates[4] |= BIT7;
527 pMgmt->abyIBSSSuppRates[5] |= BIT7;
528 } else if (sStartAPCmd.byBasicRate & BIT2) {
529 pMgmt->abyIBSSSuppRates[2] |= BIT7;
530 pMgmt->abyIBSSSuppRates[3] |= BIT7;
531 pMgmt->abyIBSSSuppRates[4] |= BIT7;
532 } else if (sStartAPCmd.byBasicRate & BIT1) {
533 pMgmt->abyIBSSSuppRates[2] |= BIT7;
534 pMgmt->abyIBSSSuppRates[3] |= BIT7;
535 } else if (sStartAPCmd.byBasicRate & BIT1) {
536 pMgmt->abyIBSSSuppRates[2] |= BIT7;
537 } else {
538 /* default 1,2M */
539 pMgmt->abyIBSSSuppRates[2] |= BIT7;
540 pMgmt->abyIBSSSuppRates[3] |= BIT7;
543 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Support Rate= %x %x %x %x\n",
544 pMgmt->abyIBSSSuppRates[2],
545 pMgmt->abyIBSSSuppRates[3],
546 pMgmt->abyIBSSSuppRates[4],
547 pMgmt->abyIBSSSuppRates[5]);
549 netif_stop_queue(pDevice->dev);
550 spin_lock_irq(&pDevice->lock);
551 bScheduleCommand((void *)pDevice, WLAN_CMD_RUN_AP, NULL);
552 spin_unlock_irq(&pDevice->lock);
553 break;
555 case WLAN_CMD_GET_NODE_CNT:
556 cbListCount = 0;
557 pNode = &(pMgmt->sNodeDBTable[0]);
558 for (ii = 0; ii < (MAX_NODE_NUM + 1); ii++) {
559 pNode = &(pMgmt->sNodeDBTable[ii]);
560 if (!pNode->bActive)
561 continue;
562 cbListCount++;
565 sNodeList.uItem = cbListCount;
566 if (copy_to_user(pReq->data, &sNodeList, sizeof(SNodeList))) {
567 result = -EFAULT;
568 break;
570 pReq->wResult = 0;
571 break;
573 case WLAN_CMD_GET_NODE_LIST:
574 if (copy_from_user(&sNodeList, pReq->data, sizeof(SNodeList))) {
575 result = -EFAULT;
576 break;
578 if (sNodeList.uItem > (ULONG_MAX - sizeof(SNodeList)) / sizeof(SNodeItem)) {
579 result = -EINVAL;
580 break;
582 pNodeList = (PSNodeList)kmalloc(sizeof(SNodeList) + (sNodeList.uItem * sizeof(SNodeItem)), (int)GFP_ATOMIC);
583 if (pNodeList == NULL) {
584 result = -ENOMEM;
585 break;
587 pNodeList->uItem = sNodeList.uItem;
588 pNode = &(pMgmt->sNodeDBTable[0]);
589 for (ii = 0, jj = 0; ii < (MAX_NODE_NUM + 1); ii++) {
590 pNode = &(pMgmt->sNodeDBTable[ii]);
591 if (pNode->bActive) {
592 pNodeList->sNodeList[jj].wAID = pNode->wAID;
593 memcpy(pNodeList->sNodeList[jj].abyMACAddr, pNode->abyMACAddr, WLAN_ADDR_LEN);
594 pNodeList->sNodeList[jj].wTxDataRate = pNode->wTxDataRate;
595 pNodeList->sNodeList[jj].wInActiveCount = (unsigned short)pNode->uInActiveCount;
596 pNodeList->sNodeList[jj].wEnQueueCnt = (unsigned short)pNode->wEnQueueCnt;
597 pNodeList->sNodeList[jj].wFlags = (unsigned short)pNode->dwFlags;
598 pNodeList->sNodeList[jj].bPWBitOn = pNode->bPSEnable;
599 pNodeList->sNodeList[jj].byKeyIndex = pNode->byKeyIndex;
600 pNodeList->sNodeList[jj].wWepKeyLength = pNode->uWepKeyLength;
601 memcpy(&(pNodeList->sNodeList[jj].abyWepKey[0]), &(pNode->abyWepKey[0]), WEP_KEYMAXLEN);
602 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "key= %2.2X:%2.2X:%2.2X:%2.2X:%2.2X\n",
603 pNodeList->sNodeList[jj].abyWepKey[0],
604 pNodeList->sNodeList[jj].abyWepKey[1],
605 pNodeList->sNodeList[jj].abyWepKey[2],
606 pNodeList->sNodeList[jj].abyWepKey[3],
607 pNodeList->sNodeList[jj].abyWepKey[4]);
608 pNodeList->sNodeList[jj].bIsInFallback = pNode->bIsInFallback;
609 pNodeList->sNodeList[jj].uTxFailures = pNode->uTxFailures;
610 pNodeList->sNodeList[jj].uTxAttempts = pNode->uTxAttempts;
611 pNodeList->sNodeList[jj].wFailureRatio = (unsigned short)pNode->uFailureRatio;
612 jj++;
613 if (jj >= pNodeList->uItem)
614 break;
617 if (copy_to_user(pReq->data, pNodeList, sizeof(SNodeList) + (sNodeList.uItem * sizeof(SNodeItem)))) {
618 result = -EFAULT;
619 break;
621 kfree(pNodeList);
622 pReq->wResult = 0;
623 break;
625 #ifdef WPA_SM_Transtatus
626 case 0xFF:
627 memset(wpa_Result.ifname, 0, sizeof(wpa_Result.ifname));
628 wpa_Result.proto = 0;
629 wpa_Result.key_mgmt = 0;
630 wpa_Result.eap_type = 0;
631 wpa_Result.authenticated = false;
632 pDevice->fWPA_Authened = false;
633 if (copy_from_user(&wpa_Result, pReq->data, sizeof(wpa_Result))) {
634 result = -EFAULT;
635 break;
638 if (wpa_Result.authenticated == true) {
639 #ifdef SndEvt_ToAPI
641 union iwreq_data wrqu;
643 pItemSSID = (PWLAN_IE_SSID)pMgmt->abyCurrSSID;
645 memset(&wrqu, 0, sizeof(wrqu));
646 wrqu.data.flags = RT_WPACONNECTED_EVENT_FLAG;
647 wrqu.data.length = pItemSSID->len;
648 wireless_send_event(pDevice->dev, IWEVCUSTOM, &wrqu, pItemSSID->abySSID);
650 #endif
651 pDevice->fWPA_Authened = true; /* is successful peer to wpa_Result.authenticated? */
653 pReq->wResult = 0;
654 break;
655 #endif
657 default:
658 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Private command not support..\n");
661 return result;