1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19#include <linux/delay.h>
20#include <linux/if_ether.h>
21#include <linux/skbuff.h>
22#include <linux/netdevice.h>
23#include <linux/if_arp.h>
24#include <linux/wireless.h>
25#include <linux/random.h>
26#include <linux/etherdevice.h>
27#include <net/iw_handler.h>
28#include <asm/types.h>
29
30#include <net/mac80211.h>
31#include "ieee80211_i.h"
32#include "ieee80211_rate.h"
33#include "ieee80211_led.h"
34
35#define IEEE80211_AUTH_TIMEOUT (HZ / 5)
36#define IEEE80211_AUTH_MAX_TRIES 3
37#define IEEE80211_ASSOC_TIMEOUT (HZ / 5)
38#define IEEE80211_ASSOC_MAX_TRIES 3
39#define IEEE80211_MONITORING_INTERVAL (2 * HZ)
40#define IEEE80211_PROBE_INTERVAL (60 * HZ)
41#define IEEE80211_RETRY_AUTH_INTERVAL (1 * HZ)
42#define IEEE80211_SCAN_INTERVAL (2 * HZ)
43#define IEEE80211_SCAN_INTERVAL_SLOW (15 * HZ)
44#define IEEE80211_IBSS_JOIN_TIMEOUT (20 * HZ)
45
46#define IEEE80211_PROBE_DELAY (HZ / 33)
47#define IEEE80211_CHANNEL_TIME (HZ / 33)
48#define IEEE80211_PASSIVE_CHANNEL_TIME (HZ / 5)
49#define IEEE80211_SCAN_RESULT_EXPIRE (10 * HZ)
50#define IEEE80211_IBSS_MERGE_INTERVAL (30 * HZ)
51#define IEEE80211_IBSS_INACTIVITY_LIMIT (60 * HZ)
52
53#define IEEE80211_IBSS_MAX_STA_ENTRIES 128
54
55
56#define IEEE80211_FC(type, stype) cpu_to_le16(type | stype)
57
58#define ERP_INFO_USE_PROTECTION BIT(1)
59
60static void ieee80211_send_probe_req(struct net_device *dev, u8 *dst,
61 u8 *ssid, size_t ssid_len);
62static struct ieee80211_sta_bss *
63ieee80211_rx_bss_get(struct net_device *dev, u8 *bssid, int channel,
64 u8 *ssid, u8 ssid_len);
65static void ieee80211_rx_bss_put(struct net_device *dev,
66 struct ieee80211_sta_bss *bss);
67static int ieee80211_sta_find_ibss(struct net_device *dev,
68 struct ieee80211_if_sta *ifsta);
69static int ieee80211_sta_wep_configured(struct net_device *dev);
70static int ieee80211_sta_start_scan(struct net_device *dev,
71 u8 *ssid, size_t ssid_len);
72static int ieee80211_sta_config_auth(struct net_device *dev,
73 struct ieee80211_if_sta *ifsta);
74
75
76
77struct ieee802_11_elems {
78
79 u8 *ssid;
80 u8 *supp_rates;
81 u8 *fh_params;
82 u8 *ds_params;
83 u8 *cf_params;
84 u8 *tim;
85 u8 *ibss_params;
86 u8 *challenge;
87 u8 *wpa;
88 u8 *rsn;
89 u8 *erp_info;
90 u8 *ext_supp_rates;
91 u8 *wmm_info;
92 u8 *wmm_param;
93
94
95 u8 ssid_len;
96 u8 supp_rates_len;
97 u8 fh_params_len;
98 u8 ds_params_len;
99 u8 cf_params_len;
100 u8 tim_len;
101 u8 ibss_params_len;
102 u8 challenge_len;
103 u8 wpa_len;
104 u8 rsn_len;
105 u8 erp_info_len;
106 u8 ext_supp_rates_len;
107 u8 wmm_info_len;
108 u8 wmm_param_len;
109};
110
111static void ieee802_11_parse_elems(u8 *start, size_t len,
112 struct ieee802_11_elems *elems)
113{
114 size_t left = len;
115 u8 *pos = start;
116
117 memset(elems, 0, sizeof(*elems));
118
119 while (left >= 2) {
120 u8 id, elen;
121
122 id = *pos++;
123 elen = *pos++;
124 left -= 2;
125
126 if (elen > left)
127 return;
128
129 switch (id) {
130 case WLAN_EID_SSID:
131 elems->ssid = pos;
132 elems->ssid_len = elen;
133 break;
134 case WLAN_EID_SUPP_RATES:
135 elems->supp_rates = pos;
136 elems->supp_rates_len = elen;
137 break;
138 case WLAN_EID_FH_PARAMS:
139 elems->fh_params = pos;
140 elems->fh_params_len = elen;
141 break;
142 case WLAN_EID_DS_PARAMS:
143 elems->ds_params = pos;
144 elems->ds_params_len = elen;
145 break;
146 case WLAN_EID_CF_PARAMS:
147 elems->cf_params = pos;
148 elems->cf_params_len = elen;
149 break;
150 case WLAN_EID_TIM:
151 elems->tim = pos;
152 elems->tim_len = elen;
153 break;
154 case WLAN_EID_IBSS_PARAMS:
155 elems->ibss_params = pos;
156 elems->ibss_params_len = elen;
157 break;
158 case WLAN_EID_CHALLENGE:
159 elems->challenge = pos;
160 elems->challenge_len = elen;
161 break;
162 case WLAN_EID_WPA:
163 if (elen >= 4 && pos[0] == 0x00 && pos[1] == 0x50 &&
164 pos[2] == 0xf2) {
165
166 if (pos[3] == 1) {
167
168 elems->wpa = pos;
169 elems->wpa_len = elen;
170 } else if (elen >= 5 && pos[3] == 2) {
171 if (pos[4] == 0) {
172 elems->wmm_info = pos;
173 elems->wmm_info_len = elen;
174 } else if (pos[4] == 1) {
175 elems->wmm_param = pos;
176 elems->wmm_param_len = elen;
177 }
178 }
179 }
180 break;
181 case WLAN_EID_RSN:
182 elems->rsn = pos;
183 elems->rsn_len = elen;
184 break;
185 case WLAN_EID_ERP_INFO:
186 elems->erp_info = pos;
187 elems->erp_info_len = elen;
188 break;
189 case WLAN_EID_EXT_SUPP_RATES:
190 elems->ext_supp_rates = pos;
191 elems->ext_supp_rates_len = elen;
192 break;
193 default:
194 break;
195 }
196
197 left -= elen;
198 pos += elen;
199 }
200}
201
202
203static int ecw2cw(int ecw)
204{
205 int cw = 1;
206 while (ecw > 0) {
207 cw <<= 1;
208 ecw--;
209 }
210 return cw - 1;
211}
212
213static void ieee80211_sta_wmm_params(struct net_device *dev,
214 struct ieee80211_if_sta *ifsta,
215 u8 *wmm_param, size_t wmm_param_len)
216{
217 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
218 struct ieee80211_tx_queue_params params;
219 size_t left;
220 int count;
221 u8 *pos;
222
223 if (wmm_param_len < 8 || wmm_param[5] != 1)
224 return;
225 count = wmm_param[6] & 0x0f;
226 if (count == ifsta->wmm_last_param_set)
227 return;
228 ifsta->wmm_last_param_set = count;
229
230 pos = wmm_param + 8;
231 left = wmm_param_len - 8;
232
233 memset(¶ms, 0, sizeof(params));
234
235 if (!local->ops->conf_tx)
236 return;
237
238 local->wmm_acm = 0;
239 for (; left >= 4; left -= 4, pos += 4) {
240 int aci = (pos[0] >> 5) & 0x03;
241 int acm = (pos[0] >> 4) & 0x01;
242 int queue;
243
244 switch (aci) {
245 case 1:
246 queue = IEEE80211_TX_QUEUE_DATA3;
247 if (acm) {
248 local->wmm_acm |= BIT(0) | BIT(3);
249 }
250 break;
251 case 2:
252 queue = IEEE80211_TX_QUEUE_DATA1;
253 if (acm) {
254 local->wmm_acm |= BIT(4) | BIT(5);
255 }
256 break;
257 case 3:
258 queue = IEEE80211_TX_QUEUE_DATA0;
259 if (acm) {
260 local->wmm_acm |= BIT(6) | BIT(7);
261 }
262 break;
263 case 0:
264 default:
265 queue = IEEE80211_TX_QUEUE_DATA2;
266 if (acm) {
267 local->wmm_acm |= BIT(1) | BIT(2);
268 }
269 break;
270 }
271
272 params.aifs = pos[0] & 0x0f;
273 params.cw_max = ecw2cw((pos[1] & 0xf0) >> 4);
274 params.cw_min = ecw2cw(pos[1] & 0x0f);
275
276 params.burst_time = (pos[2] | (pos[3] << 8)) * 32 / 100;
277 printk(KERN_DEBUG "%s: WMM queue=%d aci=%d acm=%d aifs=%d "
278 "cWmin=%d cWmax=%d burst=%d\n",
279 dev->name, queue, aci, acm, params.aifs, params.cw_min,
280 params.cw_max, params.burst_time);
281
282
283 if (local->ops->conf_tx(local_to_hw(local), queue, ¶ms)) {
284 printk(KERN_DEBUG "%s: failed to set TX queue "
285 "parameters for queue %d\n", dev->name, queue);
286 }
287 }
288}
289
290
291static void ieee80211_handle_erp_ie(struct net_device *dev, u8 erp_value)
292{
293 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
294 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
295 int use_protection = (erp_value & WLAN_ERP_USE_PROTECTION) != 0;
296 int preamble_mode = (erp_value & WLAN_ERP_BARKER_PREAMBLE) != 0;
297 u8 changes = 0;
298 DECLARE_MAC_BUF(mac);
299
300 if (use_protection != !!(sdata->flags & IEEE80211_SDATA_USE_PROTECTION)) {
301 if (net_ratelimit()) {
302 printk(KERN_DEBUG "%s: CTS protection %s (BSSID="
303 "%s)\n",
304 dev->name,
305 use_protection ? "enabled" : "disabled",
306 print_mac(mac, ifsta->bssid));
307 }
308 if (use_protection)
309 sdata->flags |= IEEE80211_SDATA_USE_PROTECTION;
310 else
311 sdata->flags &= ~IEEE80211_SDATA_USE_PROTECTION;
312 changes |= IEEE80211_ERP_CHANGE_PROTECTION;
313 }
314
315 if (preamble_mode != !(sdata->flags & IEEE80211_SDATA_SHORT_PREAMBLE)) {
316 if (net_ratelimit()) {
317 printk(KERN_DEBUG "%s: switched to %s barker preamble"
318 " (BSSID=%s)\n",
319 dev->name,
320 (preamble_mode == WLAN_ERP_PREAMBLE_SHORT) ?
321 "short" : "long",
322 print_mac(mac, ifsta->bssid));
323 }
324 if (preamble_mode)
325 sdata->flags &= ~IEEE80211_SDATA_SHORT_PREAMBLE;
326 else
327 sdata->flags |= IEEE80211_SDATA_SHORT_PREAMBLE;
328 changes |= IEEE80211_ERP_CHANGE_PREAMBLE;
329 }
330
331 if (changes)
332 ieee80211_erp_info_change_notify(dev, changes);
333}
334
335
336static void ieee80211_sta_send_associnfo(struct net_device *dev,
337 struct ieee80211_if_sta *ifsta)
338{
339 char *buf;
340 size_t len;
341 int i;
342 union iwreq_data wrqu;
343
344 if (!ifsta->assocreq_ies && !ifsta->assocresp_ies)
345 return;
346
347 buf = kmalloc(50 + 2 * (ifsta->assocreq_ies_len +
348 ifsta->assocresp_ies_len), GFP_KERNEL);
349 if (!buf)
350 return;
351
352 len = sprintf(buf, "ASSOCINFO(");
353 if (ifsta->assocreq_ies) {
354 len += sprintf(buf + len, "ReqIEs=");
355 for (i = 0; i < ifsta->assocreq_ies_len; i++) {
356 len += sprintf(buf + len, "%02x",
357 ifsta->assocreq_ies[i]);
358 }
359 }
360 if (ifsta->assocresp_ies) {
361 if (ifsta->assocreq_ies)
362 len += sprintf(buf + len, " ");
363 len += sprintf(buf + len, "RespIEs=");
364 for (i = 0; i < ifsta->assocresp_ies_len; i++) {
365 len += sprintf(buf + len, "%02x",
366 ifsta->assocresp_ies[i]);
367 }
368 }
369 len += sprintf(buf + len, ")");
370
371 if (len > IW_CUSTOM_MAX) {
372 len = sprintf(buf, "ASSOCRESPIE=");
373 for (i = 0; i < ifsta->assocresp_ies_len; i++) {
374 len += sprintf(buf + len, "%02x",
375 ifsta->assocresp_ies[i]);
376 }
377 }
378
379 memset(&wrqu, 0, sizeof(wrqu));
380 wrqu.data.length = len;
381 wireless_send_event(dev, IWEVCUSTOM, &wrqu, buf);
382
383 kfree(buf);
384}
385
386
387static void ieee80211_set_associated(struct net_device *dev,
388 struct ieee80211_if_sta *ifsta,
389 bool assoc)
390{
391 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
392 union iwreq_data wrqu;
393
394 if (!!(ifsta->flags & IEEE80211_STA_ASSOCIATED) == assoc)
395 return;
396
397 if (assoc) {
398 struct ieee80211_sub_if_data *sdata;
399 struct ieee80211_sta_bss *bss;
400
401 ifsta->flags |= IEEE80211_STA_ASSOCIATED;
402
403 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
404 if (sdata->type != IEEE80211_IF_TYPE_STA)
405 return;
406
407 bss = ieee80211_rx_bss_get(dev, ifsta->bssid,
408 local->hw.conf.channel,
409 ifsta->ssid, ifsta->ssid_len);
410 if (bss) {
411 if (bss->has_erp_value)
412 ieee80211_handle_erp_ie(dev, bss->erp_value);
413 ieee80211_rx_bss_put(dev, bss);
414 }
415
416 netif_carrier_on(dev);
417 ifsta->flags |= IEEE80211_STA_PREV_BSSID_SET;
418 memcpy(ifsta->prev_bssid, sdata->u.sta.bssid, ETH_ALEN);
419 memcpy(wrqu.ap_addr.sa_data, sdata->u.sta.bssid, ETH_ALEN);
420 ieee80211_sta_send_associnfo(dev, ifsta);
421 } else {
422 ifsta->flags &= ~IEEE80211_STA_ASSOCIATED;
423
424 netif_carrier_off(dev);
425 ieee80211_reset_erp_info(dev);
426 memset(wrqu.ap_addr.sa_data, 0, ETH_ALEN);
427 }
428 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
429 wireless_send_event(dev, SIOCGIWAP, &wrqu, NULL);
430 ifsta->last_probe = jiffies;
431 ieee80211_led_assoc(local, assoc);
432}
433
434static void ieee80211_set_disassoc(struct net_device *dev,
435 struct ieee80211_if_sta *ifsta, int deauth)
436{
437 if (deauth)
438 ifsta->auth_tries = 0;
439 ifsta->assoc_tries = 0;
440 ieee80211_set_associated(dev, ifsta, 0);
441}
442
443static void ieee80211_sta_tx(struct net_device *dev, struct sk_buff *skb,
444 int encrypt)
445{
446 struct ieee80211_sub_if_data *sdata;
447 struct ieee80211_tx_packet_data *pkt_data;
448
449 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
450 skb->dev = sdata->local->mdev;
451 skb_set_mac_header(skb, 0);
452 skb_set_network_header(skb, 0);
453 skb_set_transport_header(skb, 0);
454
455 pkt_data = (struct ieee80211_tx_packet_data *) skb->cb;
456 memset(pkt_data, 0, sizeof(struct ieee80211_tx_packet_data));
457 pkt_data->ifindex = sdata->dev->ifindex;
458 if (!encrypt)
459 pkt_data->flags |= IEEE80211_TXPD_DO_NOT_ENCRYPT;
460
461 dev_queue_xmit(skb);
462}
463
464
465static void ieee80211_send_auth(struct net_device *dev,
466 struct ieee80211_if_sta *ifsta,
467 int transaction, u8 *extra, size_t extra_len,
468 int encrypt)
469{
470 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
471 struct sk_buff *skb;
472 struct ieee80211_mgmt *mgmt;
473
474 skb = dev_alloc_skb(local->hw.extra_tx_headroom +
475 sizeof(*mgmt) + 6 + extra_len);
476 if (!skb) {
477 printk(KERN_DEBUG "%s: failed to allocate buffer for auth "
478 "frame\n", dev->name);
479 return;
480 }
481 skb_reserve(skb, local->hw.extra_tx_headroom);
482
483 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24 + 6);
484 memset(mgmt, 0, 24 + 6);
485 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
486 IEEE80211_STYPE_AUTH);
487 if (encrypt)
488 mgmt->frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
489 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
490 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
491 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
492 mgmt->u.auth.auth_alg = cpu_to_le16(ifsta->auth_alg);
493 mgmt->u.auth.auth_transaction = cpu_to_le16(transaction);
494 ifsta->auth_transaction = transaction + 1;
495 mgmt->u.auth.status_code = cpu_to_le16(0);
496 if (extra)
497 memcpy(skb_put(skb, extra_len), extra, extra_len);
498
499 ieee80211_sta_tx(dev, skb, encrypt);
500}
501
502
503static void ieee80211_authenticate(struct net_device *dev,
504 struct ieee80211_if_sta *ifsta)
505{
506 DECLARE_MAC_BUF(mac);
507
508 ifsta->auth_tries++;
509 if (ifsta->auth_tries > IEEE80211_AUTH_MAX_TRIES) {
510 printk(KERN_DEBUG "%s: authentication with AP %s"
511 " timed out\n",
512 dev->name, print_mac(mac, ifsta->bssid));
513 ifsta->state = IEEE80211_DISABLED;
514 return;
515 }
516
517 ifsta->state = IEEE80211_AUTHENTICATE;
518 printk(KERN_DEBUG "%s: authenticate with AP %s\n",
519 dev->name, print_mac(mac, ifsta->bssid));
520
521 ieee80211_send_auth(dev, ifsta, 1, NULL, 0, 0);
522
523 mod_timer(&ifsta->timer, jiffies + IEEE80211_AUTH_TIMEOUT);
524}
525
526
527static void ieee80211_send_assoc(struct net_device *dev,
528 struct ieee80211_if_sta *ifsta)
529{
530 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
531 struct ieee80211_hw_mode *mode;
532 struct sk_buff *skb;
533 struct ieee80211_mgmt *mgmt;
534 u8 *pos, *ies;
535 int i, len;
536 u16 capab;
537 struct ieee80211_sta_bss *bss;
538 int wmm = 0;
539
540 skb = dev_alloc_skb(local->hw.extra_tx_headroom +
541 sizeof(*mgmt) + 200 + ifsta->extra_ie_len +
542 ifsta->ssid_len);
543 if (!skb) {
544 printk(KERN_DEBUG "%s: failed to allocate buffer for assoc "
545 "frame\n", dev->name);
546 return;
547 }
548 skb_reserve(skb, local->hw.extra_tx_headroom);
549
550 mode = local->oper_hw_mode;
551 capab = ifsta->capab;
552 if (mode->mode == MODE_IEEE80211G) {
553 capab |= WLAN_CAPABILITY_SHORT_SLOT_TIME |
554 WLAN_CAPABILITY_SHORT_PREAMBLE;
555 }
556 bss = ieee80211_rx_bss_get(dev, ifsta->bssid, local->hw.conf.channel,
557 ifsta->ssid, ifsta->ssid_len);
558 if (bss) {
559 if (bss->capability & WLAN_CAPABILITY_PRIVACY)
560 capab |= WLAN_CAPABILITY_PRIVACY;
561 if (bss->wmm_ie) {
562 wmm = 1;
563 }
564 ieee80211_rx_bss_put(dev, bss);
565 }
566
567 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
568 memset(mgmt, 0, 24);
569 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
570 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
571 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
572
573 if (ifsta->flags & IEEE80211_STA_PREV_BSSID_SET) {
574 skb_put(skb, 10);
575 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
576 IEEE80211_STYPE_REASSOC_REQ);
577 mgmt->u.reassoc_req.capab_info = cpu_to_le16(capab);
578 mgmt->u.reassoc_req.listen_interval = cpu_to_le16(1);
579 memcpy(mgmt->u.reassoc_req.current_ap, ifsta->prev_bssid,
580 ETH_ALEN);
581 } else {
582 skb_put(skb, 4);
583 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
584 IEEE80211_STYPE_ASSOC_REQ);
585 mgmt->u.assoc_req.capab_info = cpu_to_le16(capab);
586 mgmt->u.assoc_req.listen_interval = cpu_to_le16(1);
587 }
588
589
590 ies = pos = skb_put(skb, 2 + ifsta->ssid_len);
591 *pos++ = WLAN_EID_SSID;
592 *pos++ = ifsta->ssid_len;
593 memcpy(pos, ifsta->ssid, ifsta->ssid_len);
594
595 len = mode->num_rates;
596 if (len > 8)
597 len = 8;
598 pos = skb_put(skb, len + 2);
599 *pos++ = WLAN_EID_SUPP_RATES;
600 *pos++ = len;
601 for (i = 0; i < len; i++) {
602 int rate = mode->rates[i].rate;
603 *pos++ = (u8) (rate / 5);
604 }
605
606 if (mode->num_rates > len) {
607 pos = skb_put(skb, mode->num_rates - len + 2);
608 *pos++ = WLAN_EID_EXT_SUPP_RATES;
609 *pos++ = mode->num_rates - len;
610 for (i = len; i < mode->num_rates; i++) {
611 int rate = mode->rates[i].rate;
612 *pos++ = (u8) (rate / 5);
613 }
614 }
615
616 if (ifsta->extra_ie) {
617 pos = skb_put(skb, ifsta->extra_ie_len);
618 memcpy(pos, ifsta->extra_ie, ifsta->extra_ie_len);
619 }
620
621 if (wmm && (ifsta->flags & IEEE80211_STA_WMM_ENABLED)) {
622 pos = skb_put(skb, 9);
623 *pos++ = WLAN_EID_VENDOR_SPECIFIC;
624 *pos++ = 7;
625 *pos++ = 0x00;
626 *pos++ = 0x50;
627 *pos++ = 0xf2;
628 *pos++ = 2;
629 *pos++ = 0;
630 *pos++ = 1;
631 *pos++ = 0;
632 }
633
634 kfree(ifsta->assocreq_ies);
635 ifsta->assocreq_ies_len = (skb->data + skb->len) - ies;
636 ifsta->assocreq_ies = kmalloc(ifsta->assocreq_ies_len, GFP_KERNEL);
637 if (ifsta->assocreq_ies)
638 memcpy(ifsta->assocreq_ies, ies, ifsta->assocreq_ies_len);
639
640 ieee80211_sta_tx(dev, skb, 0);
641}
642
643
644static void ieee80211_send_deauth(struct net_device *dev,
645 struct ieee80211_if_sta *ifsta, u16 reason)
646{
647 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
648 struct sk_buff *skb;
649 struct ieee80211_mgmt *mgmt;
650
651 skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt));
652 if (!skb) {
653 printk(KERN_DEBUG "%s: failed to allocate buffer for deauth "
654 "frame\n", dev->name);
655 return;
656 }
657 skb_reserve(skb, local->hw.extra_tx_headroom);
658
659 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
660 memset(mgmt, 0, 24);
661 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
662 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
663 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
664 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
665 IEEE80211_STYPE_DEAUTH);
666 skb_put(skb, 2);
667 mgmt->u.deauth.reason_code = cpu_to_le16(reason);
668
669 ieee80211_sta_tx(dev, skb, 0);
670}
671
672
673static void ieee80211_send_disassoc(struct net_device *dev,
674 struct ieee80211_if_sta *ifsta, u16 reason)
675{
676 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
677 struct sk_buff *skb;
678 struct ieee80211_mgmt *mgmt;
679
680 skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt));
681 if (!skb) {
682 printk(KERN_DEBUG "%s: failed to allocate buffer for disassoc "
683 "frame\n", dev->name);
684 return;
685 }
686 skb_reserve(skb, local->hw.extra_tx_headroom);
687
688 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
689 memset(mgmt, 0, 24);
690 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
691 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
692 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
693 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
694 IEEE80211_STYPE_DISASSOC);
695 skb_put(skb, 2);
696 mgmt->u.disassoc.reason_code = cpu_to_le16(reason);
697
698 ieee80211_sta_tx(dev, skb, 0);
699}
700
701
702static int ieee80211_privacy_mismatch(struct net_device *dev,
703 struct ieee80211_if_sta *ifsta)
704{
705 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
706 struct ieee80211_sta_bss *bss;
707 int bss_privacy;
708 int wep_privacy;
709 int privacy_invoked;
710
711 if (!ifsta || (ifsta->flags & IEEE80211_STA_MIXED_CELL))
712 return 0;
713
714 bss = ieee80211_rx_bss_get(dev, ifsta->bssid, local->hw.conf.channel,
715 ifsta->ssid, ifsta->ssid_len);
716 if (!bss)
717 return 0;
718
719 bss_privacy = !!(bss->capability & WLAN_CAPABILITY_PRIVACY);
720 wep_privacy = !!ieee80211_sta_wep_configured(dev);
721 privacy_invoked = !!(ifsta->flags & IEEE80211_STA_PRIVACY_INVOKED);
722
723 ieee80211_rx_bss_put(dev, bss);
724
725 if ((bss_privacy == wep_privacy) || (bss_privacy == privacy_invoked))
726 return 0;
727
728 return 1;
729}
730
731
732static void ieee80211_associate(struct net_device *dev,
733 struct ieee80211_if_sta *ifsta)
734{
735 DECLARE_MAC_BUF(mac);
736
737 ifsta->assoc_tries++;
738 if (ifsta->assoc_tries > IEEE80211_ASSOC_MAX_TRIES) {
739 printk(KERN_DEBUG "%s: association with AP %s"
740 " timed out\n",
741 dev->name, print_mac(mac, ifsta->bssid));
742 ifsta->state = IEEE80211_DISABLED;
743 return;
744 }
745
746 ifsta->state = IEEE80211_ASSOCIATE;
747 printk(KERN_DEBUG "%s: associate with AP %s\n",
748 dev->name, print_mac(mac, ifsta->bssid));
749 if (ieee80211_privacy_mismatch(dev, ifsta)) {
750 printk(KERN_DEBUG "%s: mismatch in privacy configuration and "
751 "mixed-cell disabled - abort association\n", dev->name);
752 ifsta->state = IEEE80211_DISABLED;
753 return;
754 }
755
756 ieee80211_send_assoc(dev, ifsta);
757
758 mod_timer(&ifsta->timer, jiffies + IEEE80211_ASSOC_TIMEOUT);
759}
760
761
762static void ieee80211_associated(struct net_device *dev,
763 struct ieee80211_if_sta *ifsta)
764{
765 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
766 struct sta_info *sta;
767 int disassoc;
768 DECLARE_MAC_BUF(mac);
769
770
771
772
773
774
775 ifsta->state = IEEE80211_ASSOCIATED;
776
777 sta = sta_info_get(local, ifsta->bssid);
778 if (!sta) {
779 printk(KERN_DEBUG "%s: No STA entry for own AP %s\n",
780 dev->name, print_mac(mac, ifsta->bssid));
781 disassoc = 1;
782 } else {
783 disassoc = 0;
784 if (time_after(jiffies,
785 sta->last_rx + IEEE80211_MONITORING_INTERVAL)) {
786 if (ifsta->flags & IEEE80211_STA_PROBEREQ_POLL) {
787 printk(KERN_DEBUG "%s: No ProbeResp from "
788 "current AP %s - assume out of "
789 "range\n",
790 dev->name, print_mac(mac, ifsta->bssid));
791 disassoc = 1;
792 sta_info_free(sta);
793 } else
794 ieee80211_send_probe_req(dev, ifsta->bssid,
795 local->scan_ssid,
796 local->scan_ssid_len);
797 ifsta->flags ^= IEEE80211_STA_PROBEREQ_POLL;
798 } else {
799 ifsta->flags &= ~IEEE80211_STA_PROBEREQ_POLL;
800 if (time_after(jiffies, ifsta->last_probe +
801 IEEE80211_PROBE_INTERVAL)) {
802 ifsta->last_probe = jiffies;
803 ieee80211_send_probe_req(dev, ifsta->bssid,
804 ifsta->ssid,
805 ifsta->ssid_len);
806 }
807 }
808 sta_info_put(sta);
809 }
810 if (disassoc) {
811 ifsta->state = IEEE80211_DISABLED;
812 ieee80211_set_associated(dev, ifsta, 0);
813 } else {
814 mod_timer(&ifsta->timer, jiffies +
815 IEEE80211_MONITORING_INTERVAL);
816 }
817}
818
819
820static void ieee80211_send_probe_req(struct net_device *dev, u8 *dst,
821 u8 *ssid, size_t ssid_len)
822{
823 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
824 struct ieee80211_hw_mode *mode;
825 struct sk_buff *skb;
826 struct ieee80211_mgmt *mgmt;
827 u8 *pos, *supp_rates, *esupp_rates = NULL;
828 int i;
829
830 skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt) + 200);
831 if (!skb) {
832 printk(KERN_DEBUG "%s: failed to allocate buffer for probe "
833 "request\n", dev->name);
834 return;
835 }
836 skb_reserve(skb, local->hw.extra_tx_headroom);
837
838 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
839 memset(mgmt, 0, 24);
840 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
841 IEEE80211_STYPE_PROBE_REQ);
842 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
843 if (dst) {
844 memcpy(mgmt->da, dst, ETH_ALEN);
845 memcpy(mgmt->bssid, dst, ETH_ALEN);
846 } else {
847 memset(mgmt->da, 0xff, ETH_ALEN);
848 memset(mgmt->bssid, 0xff, ETH_ALEN);
849 }
850 pos = skb_put(skb, 2 + ssid_len);
851 *pos++ = WLAN_EID_SSID;
852 *pos++ = ssid_len;
853 memcpy(pos, ssid, ssid_len);
854
855 supp_rates = skb_put(skb, 2);
856 supp_rates[0] = WLAN_EID_SUPP_RATES;
857 supp_rates[1] = 0;
858 mode = local->oper_hw_mode;
859 for (i = 0; i < mode->num_rates; i++) {
860 struct ieee80211_rate *rate = &mode->rates[i];
861 if (!(rate->flags & IEEE80211_RATE_SUPPORTED))
862 continue;
863 if (esupp_rates) {
864 pos = skb_put(skb, 1);
865 esupp_rates[1]++;
866 } else if (supp_rates[1] == 8) {
867 esupp_rates = skb_put(skb, 3);
868 esupp_rates[0] = WLAN_EID_EXT_SUPP_RATES;
869 esupp_rates[1] = 1;
870 pos = &esupp_rates[2];
871 } else {
872 pos = skb_put(skb, 1);
873 supp_rates[1]++;
874 }
875 *pos = rate->rate / 5;
876 }
877
878 ieee80211_sta_tx(dev, skb, 0);
879}
880
881
882static int ieee80211_sta_wep_configured(struct net_device *dev)
883{
884 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
885 if (!sdata || !sdata->default_key ||
886 sdata->default_key->conf.alg != ALG_WEP)
887 return 0;
888 return 1;
889}
890
891
892static void ieee80211_auth_completed(struct net_device *dev,
893 struct ieee80211_if_sta *ifsta)
894{
895 printk(KERN_DEBUG "%s: authenticated\n", dev->name);
896 ifsta->flags |= IEEE80211_STA_AUTHENTICATED;
897 ieee80211_associate(dev, ifsta);
898}
899
900
901static void ieee80211_auth_challenge(struct net_device *dev,
902 struct ieee80211_if_sta *ifsta,
903 struct ieee80211_mgmt *mgmt,
904 size_t len)
905{
906 u8 *pos;
907 struct ieee802_11_elems elems;
908
909 printk(KERN_DEBUG "%s: replying to auth challenge\n", dev->name);
910 pos = mgmt->u.auth.variable;
911 ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems);
912 if (!elems.challenge) {
913 printk(KERN_DEBUG "%s: no challenge IE in shared key auth "
914 "frame\n", dev->name);
915 return;
916 }
917 ieee80211_send_auth(dev, ifsta, 3, elems.challenge - 2,
918 elems.challenge_len + 2, 1);
919}
920
921
922static void ieee80211_rx_mgmt_auth(struct net_device *dev,
923 struct ieee80211_if_sta *ifsta,
924 struct ieee80211_mgmt *mgmt,
925 size_t len)
926{
927 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
928 u16 auth_alg, auth_transaction, status_code;
929 DECLARE_MAC_BUF(mac);
930
931 if (ifsta->state != IEEE80211_AUTHENTICATE &&
932 sdata->type != IEEE80211_IF_TYPE_IBSS) {
933 printk(KERN_DEBUG "%s: authentication frame received from "
934 "%s, but not in authenticate state - ignored\n",
935 dev->name, print_mac(mac, mgmt->sa));
936 return;
937 }
938
939 if (len < 24 + 6) {
940 printk(KERN_DEBUG "%s: too short (%zd) authentication frame "
941 "received from %s - ignored\n",
942 dev->name, len, print_mac(mac, mgmt->sa));
943 return;
944 }
945
946 if (sdata->type != IEEE80211_IF_TYPE_IBSS &&
947 memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN) != 0) {
948 printk(KERN_DEBUG "%s: authentication frame received from "
949 "unknown AP (SA=%s BSSID=%s) - "
950 "ignored\n", dev->name, print_mac(mac, mgmt->sa),
951 print_mac(mac, mgmt->bssid));
952 return;
953 }
954
955 if (sdata->type != IEEE80211_IF_TYPE_IBSS &&
956 memcmp(ifsta->bssid, mgmt->bssid, ETH_ALEN) != 0) {
957 printk(KERN_DEBUG "%s: authentication frame received from "
958 "unknown BSSID (SA=%s BSSID=%s) - "
959 "ignored\n", dev->name, print_mac(mac, mgmt->sa),
960 print_mac(mac, mgmt->bssid));
961 return;
962 }
963
964 auth_alg = le16_to_cpu(mgmt->u.auth.auth_alg);
965 auth_transaction = le16_to_cpu(mgmt->u.auth.auth_transaction);
966 status_code = le16_to_cpu(mgmt->u.auth.status_code);
967
968 printk(KERN_DEBUG "%s: RX authentication from %s (alg=%d "
969 "transaction=%d status=%d)\n",
970 dev->name, print_mac(mac, mgmt->sa), auth_alg,
971 auth_transaction, status_code);
972
973 if (sdata->type == IEEE80211_IF_TYPE_IBSS) {
974
975
976
977
978
979 if (auth_alg != WLAN_AUTH_OPEN || auth_transaction != 1) {
980 printk(KERN_DEBUG "%s: unexpected IBSS authentication "
981 "frame (alg=%d transaction=%d)\n",
982 dev->name, auth_alg, auth_transaction);
983 return;
984 }
985 ieee80211_send_auth(dev, ifsta, 2, NULL, 0, 0);
986 }
987
988 if (auth_alg != ifsta->auth_alg ||
989 auth_transaction != ifsta->auth_transaction) {
990 printk(KERN_DEBUG "%s: unexpected authentication frame "
991 "(alg=%d transaction=%d)\n",
992 dev->name, auth_alg, auth_transaction);
993 return;
994 }
995
996 if (status_code != WLAN_STATUS_SUCCESS) {
997 printk(KERN_DEBUG "%s: AP denied authentication (auth_alg=%d "
998 "code=%d)\n", dev->name, ifsta->auth_alg, status_code);
999 if (status_code == WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG) {
1000 u8 algs[3];
1001 const int num_algs = ARRAY_SIZE(algs);
1002 int i, pos;
1003 algs[0] = algs[1] = algs[2] = 0xff;
1004 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_OPEN)
1005 algs[0] = WLAN_AUTH_OPEN;
1006 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_SHARED_KEY)
1007 algs[1] = WLAN_AUTH_SHARED_KEY;
1008 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_LEAP)
1009 algs[2] = WLAN_AUTH_LEAP;
1010 if (ifsta->auth_alg == WLAN_AUTH_OPEN)
1011 pos = 0;
1012 else if (ifsta->auth_alg == WLAN_AUTH_SHARED_KEY)
1013 pos = 1;
1014 else
1015 pos = 2;
1016 for (i = 0; i < num_algs; i++) {
1017 pos++;
1018 if (pos >= num_algs)
1019 pos = 0;
1020 if (algs[pos] == ifsta->auth_alg ||
1021 algs[pos] == 0xff)
1022 continue;
1023 if (algs[pos] == WLAN_AUTH_SHARED_KEY &&
1024 !ieee80211_sta_wep_configured(dev))
1025 continue;
1026 ifsta->auth_alg = algs[pos];
1027 printk(KERN_DEBUG "%s: set auth_alg=%d for "
1028 "next try\n",
1029 dev->name, ifsta->auth_alg);
1030 break;
1031 }
1032 }
1033 return;
1034 }
1035
1036 switch (ifsta->auth_alg) {
1037 case WLAN_AUTH_OPEN:
1038 case WLAN_AUTH_LEAP:
1039 ieee80211_auth_completed(dev, ifsta);
1040 break;
1041 case WLAN_AUTH_SHARED_KEY:
1042 if (ifsta->auth_transaction == 4)
1043 ieee80211_auth_completed(dev, ifsta);
1044 else
1045 ieee80211_auth_challenge(dev, ifsta, mgmt, len);
1046 break;
1047 }
1048}
1049
1050
1051static void ieee80211_rx_mgmt_deauth(struct net_device *dev,
1052 struct ieee80211_if_sta *ifsta,
1053 struct ieee80211_mgmt *mgmt,
1054 size_t len)
1055{
1056 u16 reason_code;
1057 DECLARE_MAC_BUF(mac);
1058
1059 if (len < 24 + 2) {
1060 printk(KERN_DEBUG "%s: too short (%zd) deauthentication frame "
1061 "received from %s - ignored\n",
1062 dev->name, len, print_mac(mac, mgmt->sa));
1063 return;
1064 }
1065
1066 if (memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN) != 0) {
1067 printk(KERN_DEBUG "%s: deauthentication frame received from "
1068 "unknown AP (SA=%s BSSID=%s) - "
1069 "ignored\n", dev->name, print_mac(mac, mgmt->sa),
1070 print_mac(mac, mgmt->bssid));
1071 return;
1072 }
1073
1074 reason_code = le16_to_cpu(mgmt->u.deauth.reason_code);
1075
1076 printk(KERN_DEBUG "%s: RX deauthentication from %s"
1077 " (reason=%d)\n",
1078 dev->name, print_mac(mac, mgmt->sa), reason_code);
1079
1080 if (ifsta->flags & IEEE80211_STA_AUTHENTICATED) {
1081 printk(KERN_DEBUG "%s: deauthenticated\n", dev->name);
1082 }
1083
1084 if (ifsta->state == IEEE80211_AUTHENTICATE ||
1085 ifsta->state == IEEE80211_ASSOCIATE ||
1086 ifsta->state == IEEE80211_ASSOCIATED) {
1087 ifsta->state = IEEE80211_AUTHENTICATE;
1088 mod_timer(&ifsta->timer, jiffies +
1089 IEEE80211_RETRY_AUTH_INTERVAL);
1090 }
1091
1092 ieee80211_set_disassoc(dev, ifsta, 1);
1093 ifsta->flags &= ~IEEE80211_STA_AUTHENTICATED;
1094}
1095
1096
1097static void ieee80211_rx_mgmt_disassoc(struct net_device *dev,
1098 struct ieee80211_if_sta *ifsta,
1099 struct ieee80211_mgmt *mgmt,
1100 size_t len)
1101{
1102 u16 reason_code;
1103 DECLARE_MAC_BUF(mac);
1104
1105 if (len < 24 + 2) {
1106 printk(KERN_DEBUG "%s: too short (%zd) disassociation frame "
1107 "received from %s - ignored\n",
1108 dev->name, len, print_mac(mac, mgmt->sa));
1109 return;
1110 }
1111
1112 if (memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN) != 0) {
1113 printk(KERN_DEBUG "%s: disassociation frame received from "
1114 "unknown AP (SA=%s BSSID=%s) - "
1115 "ignored\n", dev->name, print_mac(mac, mgmt->sa),
1116 print_mac(mac, mgmt->bssid));
1117 return;
1118 }
1119
1120 reason_code = le16_to_cpu(mgmt->u.disassoc.reason_code);
1121
1122 printk(KERN_DEBUG "%s: RX disassociation from %s"
1123 " (reason=%d)\n",
1124 dev->name, print_mac(mac, mgmt->sa), reason_code);
1125
1126 if (ifsta->flags & IEEE80211_STA_ASSOCIATED)
1127 printk(KERN_DEBUG "%s: disassociated\n", dev->name);
1128
1129 if (ifsta->state == IEEE80211_ASSOCIATED) {
1130 ifsta->state = IEEE80211_ASSOCIATE;
1131 mod_timer(&ifsta->timer, jiffies +
1132 IEEE80211_RETRY_AUTH_INTERVAL);
1133 }
1134
1135 ieee80211_set_disassoc(dev, ifsta, 0);
1136}
1137
1138
1139static void ieee80211_rx_mgmt_assoc_resp(struct net_device *dev,
1140 struct ieee80211_if_sta *ifsta,
1141 struct ieee80211_mgmt *mgmt,
1142 size_t len,
1143 int reassoc)
1144{
1145 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1146 struct ieee80211_hw_mode *mode;
1147 struct sta_info *sta;
1148 u32 rates;
1149 u16 capab_info, status_code, aid;
1150 struct ieee802_11_elems elems;
1151 u8 *pos;
1152 int i, j;
1153 DECLARE_MAC_BUF(mac);
1154
1155
1156
1157
1158 if (ifsta->state != IEEE80211_ASSOCIATE) {
1159 printk(KERN_DEBUG "%s: association frame received from "
1160 "%s, but not in associate state - ignored\n",
1161 dev->name, print_mac(mac, mgmt->sa));
1162 return;
1163 }
1164
1165 if (len < 24 + 6) {
1166 printk(KERN_DEBUG "%s: too short (%zd) association frame "
1167 "received from %s - ignored\n",
1168 dev->name, len, print_mac(mac, mgmt->sa));
1169 return;
1170 }
1171
1172 if (memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN) != 0) {
1173 printk(KERN_DEBUG "%s: association frame received from "
1174 "unknown AP (SA=%s BSSID=%s) - "
1175 "ignored\n", dev->name, print_mac(mac, mgmt->sa),
1176 print_mac(mac, mgmt->bssid));
1177 return;
1178 }
1179
1180 capab_info = le16_to_cpu(mgmt->u.assoc_resp.capab_info);
1181 status_code = le16_to_cpu(mgmt->u.assoc_resp.status_code);
1182 aid = le16_to_cpu(mgmt->u.assoc_resp.aid);
1183
1184 printk(KERN_DEBUG "%s: RX %sssocResp from %s (capab=0x%x "
1185 "status=%d aid=%d)\n",
1186 dev->name, reassoc ? "Rea" : "A", print_mac(mac, mgmt->sa),
1187 capab_info, status_code, (u16)(aid & ~(BIT(15) | BIT(14))));
1188
1189 if (status_code != WLAN_STATUS_SUCCESS) {
1190 printk(KERN_DEBUG "%s: AP denied association (code=%d)\n",
1191 dev->name, status_code);
1192
1193
1194
1195 ifsta->flags &= ~IEEE80211_STA_PREV_BSSID_SET;
1196 return;
1197 }
1198
1199 if ((aid & (BIT(15) | BIT(14))) != (BIT(15) | BIT(14)))
1200 printk(KERN_DEBUG "%s: invalid aid value %d; bits 15:14 not "
1201 "set\n", dev->name, aid);
1202 aid &= ~(BIT(15) | BIT(14));
1203
1204 pos = mgmt->u.assoc_resp.variable;
1205 ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems);
1206
1207 if (!elems.supp_rates) {
1208 printk(KERN_DEBUG "%s: no SuppRates element in AssocResp\n",
1209 dev->name);
1210 return;
1211 }
1212
1213
1214
1215 if (elems.erp_info && elems.erp_info_len >= 1) {
1216 struct ieee80211_sta_bss *bss
1217 = ieee80211_rx_bss_get(dev, ifsta->bssid,
1218 local->hw.conf.channel,
1219 ifsta->ssid, ifsta->ssid_len);
1220 if (bss) {
1221 bss->erp_value = elems.erp_info[0];
1222 bss->has_erp_value = 1;
1223 ieee80211_rx_bss_put(dev, bss);
1224 }
1225 }
1226
1227 printk(KERN_DEBUG "%s: associated\n", dev->name);
1228 ifsta->aid = aid;
1229 ifsta->ap_capab = capab_info;
1230
1231 kfree(ifsta->assocresp_ies);
1232 ifsta->assocresp_ies_len = len - (pos - (u8 *) mgmt);
1233 ifsta->assocresp_ies = kmalloc(ifsta->assocresp_ies_len, GFP_KERNEL);
1234 if (ifsta->assocresp_ies)
1235 memcpy(ifsta->assocresp_ies, pos, ifsta->assocresp_ies_len);
1236
1237 ieee80211_set_associated(dev, ifsta, 1);
1238
1239
1240 sta = sta_info_get(local, ifsta->bssid);
1241 if (!sta) {
1242 struct ieee80211_sta_bss *bss;
1243 sta = sta_info_add(local, dev, ifsta->bssid, GFP_KERNEL);
1244 if (!sta) {
1245 printk(KERN_DEBUG "%s: failed to add STA entry for the"
1246 " AP\n", dev->name);
1247 return;
1248 }
1249 bss = ieee80211_rx_bss_get(dev, ifsta->bssid,
1250 local->hw.conf.channel,
1251 ifsta->ssid, ifsta->ssid_len);
1252 if (bss) {
1253 sta->last_rssi = bss->rssi;
1254 sta->last_signal = bss->signal;
1255 sta->last_noise = bss->noise;
1256 ieee80211_rx_bss_put(dev, bss);
1257 }
1258 }
1259
1260 sta->dev = dev;
1261 sta->flags |= WLAN_STA_AUTH | WLAN_STA_ASSOC | WLAN_STA_ASSOC_AP;
1262
1263 rates = 0;
1264 mode = local->oper_hw_mode;
1265 for (i = 0; i < elems.supp_rates_len; i++) {
1266 int rate = (elems.supp_rates[i] & 0x7f) * 5;
1267 for (j = 0; j < mode->num_rates; j++)
1268 if (mode->rates[j].rate == rate)
1269 rates |= BIT(j);
1270 }
1271 for (i = 0; i < elems.ext_supp_rates_len; i++) {
1272 int rate = (elems.ext_supp_rates[i] & 0x7f) * 5;
1273 for (j = 0; j < mode->num_rates; j++)
1274 if (mode->rates[j].rate == rate)
1275 rates |= BIT(j);
1276 }
1277 sta->supp_rates = rates;
1278
1279 rate_control_rate_init(sta, local);
1280
1281 if (elems.wmm_param && (ifsta->flags & IEEE80211_STA_WMM_ENABLED)) {
1282 sta->flags |= WLAN_STA_WME;
1283 ieee80211_sta_wmm_params(dev, ifsta, elems.wmm_param,
1284 elems.wmm_param_len);
1285 }
1286
1287
1288 sta_info_put(sta);
1289
1290 ieee80211_associated(dev, ifsta);
1291}
1292
1293
1294
1295static void __ieee80211_rx_bss_hash_add(struct net_device *dev,
1296 struct ieee80211_sta_bss *bss)
1297{
1298 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1299 bss->hnext = local->sta_bss_hash[STA_HASH(bss->bssid)];
1300 local->sta_bss_hash[STA_HASH(bss->bssid)] = bss;
1301}
1302
1303
1304
1305static void __ieee80211_rx_bss_hash_del(struct net_device *dev,
1306 struct ieee80211_sta_bss *bss)
1307{
1308 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1309 struct ieee80211_sta_bss *b, *prev = NULL;
1310 b = local->sta_bss_hash[STA_HASH(bss->bssid)];
1311 while (b) {
1312 if (b == bss) {
1313 if (!prev)
1314 local->sta_bss_hash[STA_HASH(bss->bssid)] =
1315 bss->hnext;
1316 else
1317 prev->hnext = bss->hnext;
1318 break;
1319 }
1320 prev = b;
1321 b = b->hnext;
1322 }
1323}
1324
1325
1326static struct ieee80211_sta_bss *
1327ieee80211_rx_bss_add(struct net_device *dev, u8 *bssid, int channel,
1328 u8 *ssid, u8 ssid_len)
1329{
1330 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1331 struct ieee80211_sta_bss *bss;
1332
1333 bss = kzalloc(sizeof(*bss), GFP_ATOMIC);
1334 if (!bss)
1335 return NULL;
1336 atomic_inc(&bss->users);
1337 atomic_inc(&bss->users);
1338 memcpy(bss->bssid, bssid, ETH_ALEN);
1339 bss->channel = channel;
1340 if (ssid && ssid_len <= IEEE80211_MAX_SSID_LEN) {
1341 memcpy(bss->ssid, ssid, ssid_len);
1342 bss->ssid_len = ssid_len;
1343 }
1344
1345 spin_lock_bh(&local->sta_bss_lock);
1346
1347 list_add_tail(&bss->list, &local->sta_bss_list);
1348 __ieee80211_rx_bss_hash_add(dev, bss);
1349 spin_unlock_bh(&local->sta_bss_lock);
1350 return bss;
1351}
1352
1353
1354static struct ieee80211_sta_bss *
1355ieee80211_rx_bss_get(struct net_device *dev, u8 *bssid, int channel,
1356 u8 *ssid, u8 ssid_len)
1357{
1358 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1359 struct ieee80211_sta_bss *bss;
1360
1361 spin_lock_bh(&local->sta_bss_lock);
1362 bss = local->sta_bss_hash[STA_HASH(bssid)];
1363 while (bss) {
1364 if (!memcmp(bss->bssid, bssid, ETH_ALEN) &&
1365 bss->channel == channel &&
1366 bss->ssid_len == ssid_len &&
1367 (ssid_len == 0 || !memcmp(bss->ssid, ssid, ssid_len))) {
1368 atomic_inc(&bss->users);
1369 break;
1370 }
1371 bss = bss->hnext;
1372 }
1373 spin_unlock_bh(&local->sta_bss_lock);
1374 return bss;
1375}
1376
1377
1378static void ieee80211_rx_bss_free(struct ieee80211_sta_bss *bss)
1379{
1380 kfree(bss->wpa_ie);
1381 kfree(bss->rsn_ie);
1382 kfree(bss->wmm_ie);
1383 kfree(bss);
1384}
1385
1386
1387static void ieee80211_rx_bss_put(struct net_device *dev,
1388 struct ieee80211_sta_bss *bss)
1389{
1390 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1391 if (!atomic_dec_and_test(&bss->users))
1392 return;
1393
1394 spin_lock_bh(&local->sta_bss_lock);
1395 __ieee80211_rx_bss_hash_del(dev, bss);
1396 list_del(&bss->list);
1397 spin_unlock_bh(&local->sta_bss_lock);
1398 ieee80211_rx_bss_free(bss);
1399}
1400
1401
1402void ieee80211_rx_bss_list_init(struct net_device *dev)
1403{
1404 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1405 spin_lock_init(&local->sta_bss_lock);
1406 INIT_LIST_HEAD(&local->sta_bss_list);
1407}
1408
1409
1410void ieee80211_rx_bss_list_deinit(struct net_device *dev)
1411{
1412 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1413 struct ieee80211_sta_bss *bss, *tmp;
1414
1415 list_for_each_entry_safe(bss, tmp, &local->sta_bss_list, list)
1416 ieee80211_rx_bss_put(dev, bss);
1417}
1418
1419
1420static void ieee80211_rx_bss_info(struct net_device *dev,
1421 struct ieee80211_mgmt *mgmt,
1422 size_t len,
1423 struct ieee80211_rx_status *rx_status,
1424 int beacon)
1425{
1426 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1427 struct ieee802_11_elems elems;
1428 size_t baselen;
1429 int channel, clen;
1430 struct ieee80211_sta_bss *bss;
1431 struct sta_info *sta;
1432 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1433 u64 timestamp;
1434 DECLARE_MAC_BUF(mac);
1435 DECLARE_MAC_BUF(mac2);
1436
1437 if (!beacon && memcmp(mgmt->da, dev->dev_addr, ETH_ALEN))
1438 return;
1439
1440#if 0
1441 printk(KERN_DEBUG "%s: RX %s from %s to %s\n",
1442 dev->name, beacon ? "Beacon" : "Probe Response",
1443 print_mac(mac, mgmt->sa), print_mac(mac2, mgmt->da));
1444#endif
1445
1446 baselen = (u8 *) mgmt->u.beacon.variable - (u8 *) mgmt;
1447 if (baselen > len)
1448 return;
1449
1450 timestamp = le64_to_cpu(mgmt->u.beacon.timestamp);
1451
1452 if (sdata->type == IEEE80211_IF_TYPE_IBSS && beacon &&
1453 memcmp(mgmt->bssid, sdata->u.sta.bssid, ETH_ALEN) == 0) {
1454#ifdef CONFIG_MAC80211_IBSS_DEBUG
1455 static unsigned long last_tsf_debug = 0;
1456 u64 tsf;
1457 if (local->ops->get_tsf)
1458 tsf = local->ops->get_tsf(local_to_hw(local));
1459 else
1460 tsf = -1LLU;
1461 if (time_after(jiffies, last_tsf_debug + 5 * HZ)) {
1462 printk(KERN_DEBUG "RX beacon SA=%s BSSID="
1463 "%s TSF=0x%llx BCN=0x%llx diff=%lld "
1464 "@%lu\n",
1465 print_mac(mac, mgmt->sa), print_mac(mac2, mgmt->bssid),
1466 (unsigned long long)tsf,
1467 (unsigned long long)timestamp,
1468 (unsigned long long)(tsf - timestamp),
1469 jiffies);
1470 last_tsf_debug = jiffies;
1471 }
1472#endif
1473 }
1474
1475 ieee802_11_parse_elems(mgmt->u.beacon.variable, len - baselen, &elems);
1476
1477 if (sdata->type == IEEE80211_IF_TYPE_IBSS && elems.supp_rates &&
1478 memcmp(mgmt->bssid, sdata->u.sta.bssid, ETH_ALEN) == 0 &&
1479 (sta = sta_info_get(local, mgmt->sa))) {
1480 struct ieee80211_hw_mode *mode;
1481 struct ieee80211_rate *rates;
1482 size_t num_rates;
1483 u32 supp_rates, prev_rates;
1484 int i, j;
1485
1486 mode = local->sta_scanning ?
1487 local->scan_hw_mode : local->oper_hw_mode;
1488 rates = mode->rates;
1489 num_rates = mode->num_rates;
1490
1491 supp_rates = 0;
1492 for (i = 0; i < elems.supp_rates_len +
1493 elems.ext_supp_rates_len; i++) {
1494 u8 rate = 0;
1495 int own_rate;
1496 if (i < elems.supp_rates_len)
1497 rate = elems.supp_rates[i];
1498 else if (elems.ext_supp_rates)
1499 rate = elems.ext_supp_rates
1500 [i - elems.supp_rates_len];
1501 own_rate = 5 * (rate & 0x7f);
1502 for (j = 0; j < num_rates; j++)
1503 if (rates[j].rate == own_rate)
1504 supp_rates |= BIT(j);
1505 }
1506
1507 prev_rates = sta->supp_rates;
1508 sta->supp_rates &= supp_rates;
1509 if (sta->supp_rates == 0) {
1510
1511
1512
1513 sta->supp_rates = sdata->u.sta.supp_rates_bits;
1514 }
1515 if (sta->supp_rates != prev_rates) {
1516 printk(KERN_DEBUG "%s: updated supp_rates set for "
1517 "%s based on beacon info (0x%x & 0x%x -> "
1518 "0x%x)\n",
1519 dev->name, print_mac(mac, sta->addr), prev_rates,
1520 supp_rates, sta->supp_rates);
1521 }
1522 sta_info_put(sta);
1523 }
1524
1525 if (!elems.ssid)
1526 return;
1527
1528 if (elems.ds_params && elems.ds_params_len == 1)
1529 channel = elems.ds_params[0];
1530 else
1531 channel = rx_status->channel;
1532
1533 bss = ieee80211_rx_bss_get(dev, mgmt->bssid, channel,
1534 elems.ssid, elems.ssid_len);
1535 if (!bss) {
1536 bss = ieee80211_rx_bss_add(dev, mgmt->bssid, channel,
1537 elems.ssid, elems.ssid_len);
1538 if (!bss)
1539 return;
1540 } else {
1541#if 0
1542
1543 spin_lock_bh(&local->sta_bss_lock);
1544 list_move_tail(&bss->list, &local->sta_bss_list);
1545 spin_unlock_bh(&local->sta_bss_lock);
1546#endif
1547 }
1548
1549 if (bss->probe_resp && beacon) {
1550
1551 ieee80211_rx_bss_put(dev, bss);
1552 return;
1553 }
1554
1555
1556 if (elems.erp_info && elems.erp_info_len >= 1) {
1557 bss->erp_value = elems.erp_info[0];
1558 bss->has_erp_value = 1;
1559 }
1560
1561 bss->beacon_int = le16_to_cpu(mgmt->u.beacon.beacon_int);
1562 bss->capability = le16_to_cpu(mgmt->u.beacon.capab_info);
1563
1564 bss->supp_rates_len = 0;
1565 if (elems.supp_rates) {
1566 clen = IEEE80211_MAX_SUPP_RATES - bss->supp_rates_len;
1567 if (clen > elems.supp_rates_len)
1568 clen = elems.supp_rates_len;
1569 memcpy(&bss->supp_rates[bss->supp_rates_len], elems.supp_rates,
1570 clen);
1571 bss->supp_rates_len += clen;
1572 }
1573 if (elems.ext_supp_rates) {
1574 clen = IEEE80211_MAX_SUPP_RATES - bss->supp_rates_len;
1575 if (clen > elems.ext_supp_rates_len)
1576 clen = elems.ext_supp_rates_len;
1577 memcpy(&bss->supp_rates[bss->supp_rates_len],
1578 elems.ext_supp_rates, clen);
1579 bss->supp_rates_len += clen;
1580 }
1581
1582 if (elems.wpa &&
1583 (!bss->wpa_ie || bss->wpa_ie_len != elems.wpa_len ||
1584 memcmp(bss->wpa_ie, elems.wpa, elems.wpa_len))) {
1585 kfree(bss->wpa_ie);
1586 bss->wpa_ie = kmalloc(elems.wpa_len + 2, GFP_ATOMIC);
1587 if (bss->wpa_ie) {
1588 memcpy(bss->wpa_ie, elems.wpa - 2, elems.wpa_len + 2);
1589 bss->wpa_ie_len = elems.wpa_len + 2;
1590 } else
1591 bss->wpa_ie_len = 0;
1592 } else if (!elems.wpa && bss->wpa_ie) {
1593 kfree(bss->wpa_ie);
1594 bss->wpa_ie = NULL;
1595 bss->wpa_ie_len = 0;
1596 }
1597
1598 if (elems.rsn &&
1599 (!bss->rsn_ie || bss->rsn_ie_len != elems.rsn_len ||
1600 memcmp(bss->rsn_ie, elems.rsn, elems.rsn_len))) {
1601 kfree(bss->rsn_ie);
1602 bss->rsn_ie = kmalloc(elems.rsn_len + 2, GFP_ATOMIC);
1603 if (bss->rsn_ie) {
1604 memcpy(bss->rsn_ie, elems.rsn - 2, elems.rsn_len + 2);
1605 bss->rsn_ie_len = elems.rsn_len + 2;
1606 } else
1607 bss->rsn_ie_len = 0;
1608 } else if (!elems.rsn && bss->rsn_ie) {
1609 kfree(bss->rsn_ie);
1610 bss->rsn_ie = NULL;
1611 bss->rsn_ie_len = 0;
1612 }
1613
1614 if (elems.wmm_param &&
1615 (!bss->wmm_ie || bss->wmm_ie_len != elems.wmm_param_len ||
1616 memcmp(bss->wmm_ie, elems.wmm_param, elems.wmm_param_len))) {
1617 kfree(bss->wmm_ie);
1618 bss->wmm_ie = kmalloc(elems.wmm_param_len + 2, GFP_ATOMIC);
1619 if (bss->wmm_ie) {
1620 memcpy(bss->wmm_ie, elems.wmm_param - 2,
1621 elems.wmm_param_len + 2);
1622 bss->wmm_ie_len = elems.wmm_param_len + 2;
1623 } else
1624 bss->wmm_ie_len = 0;
1625 } else if (!elems.wmm_param && bss->wmm_ie) {
1626 kfree(bss->wmm_ie);
1627 bss->wmm_ie = NULL;
1628 bss->wmm_ie_len = 0;
1629 }
1630
1631
1632 bss->hw_mode = rx_status->phymode;
1633 bss->freq = rx_status->freq;
1634 if (channel != rx_status->channel &&
1635 (bss->hw_mode == MODE_IEEE80211G ||
1636 bss->hw_mode == MODE_IEEE80211B) &&
1637 channel >= 1 && channel <= 14) {
1638 static const int freq_list[] = {
1639 2412, 2417, 2422, 2427, 2432, 2437, 2442,
1640 2447, 2452, 2457, 2462, 2467, 2472, 2484
1641 };
1642
1643
1644 bss->freq = freq_list[channel - 1];
1645 }
1646 bss->timestamp = timestamp;
1647 bss->last_update = jiffies;
1648 bss->rssi = rx_status->ssi;
1649 bss->signal = rx_status->signal;
1650 bss->noise = rx_status->noise;
1651 if (!beacon)
1652 bss->probe_resp++;
1653 ieee80211_rx_bss_put(dev, bss);
1654}
1655
1656
1657static void ieee80211_rx_mgmt_probe_resp(struct net_device *dev,
1658 struct ieee80211_mgmt *mgmt,
1659 size_t len,
1660 struct ieee80211_rx_status *rx_status)
1661{
1662 ieee80211_rx_bss_info(dev, mgmt, len, rx_status, 0);
1663}
1664
1665
1666static void ieee80211_rx_mgmt_beacon(struct net_device *dev,
1667 struct ieee80211_mgmt *mgmt,
1668 size_t len,
1669 struct ieee80211_rx_status *rx_status)
1670{
1671 struct ieee80211_sub_if_data *sdata;
1672 struct ieee80211_if_sta *ifsta;
1673 size_t baselen;
1674 struct ieee802_11_elems elems;
1675
1676 ieee80211_rx_bss_info(dev, mgmt, len, rx_status, 1);
1677
1678 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1679 if (sdata->type != IEEE80211_IF_TYPE_STA)
1680 return;
1681 ifsta = &sdata->u.sta;
1682
1683 if (!(ifsta->flags & IEEE80211_STA_ASSOCIATED) ||
1684 memcmp(ifsta->bssid, mgmt->bssid, ETH_ALEN) != 0)
1685 return;
1686
1687
1688 baselen = (u8 *) mgmt->u.beacon.variable - (u8 *) mgmt;
1689 if (baselen > len)
1690 return;
1691
1692 ieee802_11_parse_elems(mgmt->u.beacon.variable, len - baselen, &elems);
1693
1694 if (elems.erp_info && elems.erp_info_len >= 1)
1695 ieee80211_handle_erp_ie(dev, elems.erp_info[0]);
1696
1697 if (elems.wmm_param && (ifsta->flags & IEEE80211_STA_WMM_ENABLED)) {
1698 ieee80211_sta_wmm_params(dev, ifsta, elems.wmm_param,
1699 elems.wmm_param_len);
1700 }
1701}
1702
1703
1704static void ieee80211_rx_mgmt_probe_req(struct net_device *dev,
1705 struct ieee80211_if_sta *ifsta,
1706 struct ieee80211_mgmt *mgmt,
1707 size_t len,
1708 struct ieee80211_rx_status *rx_status)
1709{
1710 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1711 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1712 int tx_last_beacon;
1713 struct sk_buff *skb;
1714 struct ieee80211_mgmt *resp;
1715 u8 *pos, *end;
1716 DECLARE_MAC_BUF(mac);
1717#ifdef CONFIG_MAC80211_IBSS_DEBUG
1718 DECLARE_MAC_BUF(mac2);
1719 DECLARE_MAC_BUF(mac3);
1720#endif
1721
1722 if (sdata->type != IEEE80211_IF_TYPE_IBSS ||
1723 ifsta->state != IEEE80211_IBSS_JOINED ||
1724 len < 24 + 2 || !ifsta->probe_resp)
1725 return;
1726
1727 if (local->ops->tx_last_beacon)
1728 tx_last_beacon = local->ops->tx_last_beacon(local_to_hw(local));
1729 else
1730 tx_last_beacon = 1;
1731
1732#ifdef CONFIG_MAC80211_IBSS_DEBUG
1733 printk(KERN_DEBUG "%s: RX ProbeReq SA=%s DA=%s BSSID="
1734 "%s (tx_last_beacon=%d)\n",
1735 dev->name, print_mac(mac, mgmt->sa), print_mac(mac2, mgmt->da),
1736 print_mac(mac3, mgmt->bssid), tx_last_beacon);
1737#endif
1738
1739 if (!tx_last_beacon)
1740 return;
1741
1742 if (memcmp(mgmt->bssid, ifsta->bssid, ETH_ALEN) != 0 &&
1743 memcmp(mgmt->bssid, "\xff\xff\xff\xff\xff\xff", ETH_ALEN) != 0)
1744 return;
1745
1746 end = ((u8 *) mgmt) + len;
1747 pos = mgmt->u.probe_req.variable;
1748 if (pos[0] != WLAN_EID_SSID ||
1749 pos + 2 + pos[1] > end) {
1750 if (net_ratelimit()) {
1751 printk(KERN_DEBUG "%s: Invalid SSID IE in ProbeReq "
1752 "from %s\n",
1753 dev->name, print_mac(mac, mgmt->sa));
1754 }
1755 return;
1756 }
1757 if (pos[1] != 0 &&
1758 (pos[1] != ifsta->ssid_len ||
1759 memcmp(pos + 2, ifsta->ssid, ifsta->ssid_len) != 0)) {
1760
1761 return;
1762 }
1763
1764
1765 skb = skb_copy(ifsta->probe_resp, GFP_KERNEL);
1766 if (!skb)
1767 return;
1768
1769 resp = (struct ieee80211_mgmt *) skb->data;
1770 memcpy(resp->da, mgmt->sa, ETH_ALEN);
1771#ifdef CONFIG_MAC80211_IBSS_DEBUG
1772 printk(KERN_DEBUG "%s: Sending ProbeResp to %s\n",
1773 dev->name, print_mac(mac, resp->da));
1774#endif
1775 ieee80211_sta_tx(dev, skb, 0);
1776}
1777
1778
1779void ieee80211_sta_rx_mgmt(struct net_device *dev, struct sk_buff *skb,
1780 struct ieee80211_rx_status *rx_status)
1781{
1782 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1783 struct ieee80211_sub_if_data *sdata;
1784 struct ieee80211_if_sta *ifsta;
1785 struct ieee80211_mgmt *mgmt;
1786 u16 fc;
1787
1788 if (skb->len < 24)
1789 goto fail;
1790
1791 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1792 ifsta = &sdata->u.sta;
1793
1794 mgmt = (struct ieee80211_mgmt *) skb->data;
1795 fc = le16_to_cpu(mgmt->frame_control);
1796
1797 switch (fc & IEEE80211_FCTL_STYPE) {
1798 case IEEE80211_STYPE_PROBE_REQ:
1799 case IEEE80211_STYPE_PROBE_RESP:
1800 case IEEE80211_STYPE_BEACON:
1801 memcpy(skb->cb, rx_status, sizeof(*rx_status));
1802 case IEEE80211_STYPE_AUTH:
1803 case IEEE80211_STYPE_ASSOC_RESP:
1804 case IEEE80211_STYPE_REASSOC_RESP:
1805 case IEEE80211_STYPE_DEAUTH:
1806 case IEEE80211_STYPE_DISASSOC:
1807 skb_queue_tail(&ifsta->skb_queue, skb);
1808 queue_work(local->hw.workqueue, &ifsta->work);
1809 return;
1810 default:
1811 printk(KERN_DEBUG "%s: received unknown management frame - "
1812 "stype=%d\n", dev->name,
1813 (fc & IEEE80211_FCTL_STYPE) >> 4);
1814 break;
1815 }
1816
1817 fail:
1818 kfree_skb(skb);
1819}
1820
1821
1822static void ieee80211_sta_rx_queued_mgmt(struct net_device *dev,
1823 struct sk_buff *skb)
1824{
1825 struct ieee80211_rx_status *rx_status;
1826 struct ieee80211_sub_if_data *sdata;
1827 struct ieee80211_if_sta *ifsta;
1828 struct ieee80211_mgmt *mgmt;
1829 u16 fc;
1830
1831 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1832 ifsta = &sdata->u.sta;
1833
1834 rx_status = (struct ieee80211_rx_status *) skb->cb;
1835 mgmt = (struct ieee80211_mgmt *) skb->data;
1836 fc = le16_to_cpu(mgmt->frame_control);
1837
1838 switch (fc & IEEE80211_FCTL_STYPE) {
1839 case IEEE80211_STYPE_PROBE_REQ:
1840 ieee80211_rx_mgmt_probe_req(dev, ifsta, mgmt, skb->len,
1841 rx_status);
1842 break;
1843 case IEEE80211_STYPE_PROBE_RESP:
1844 ieee80211_rx_mgmt_probe_resp(dev, mgmt, skb->len, rx_status);
1845 break;
1846 case IEEE80211_STYPE_BEACON:
1847 ieee80211_rx_mgmt_beacon(dev, mgmt, skb->len, rx_status);
1848 break;
1849 case IEEE80211_STYPE_AUTH:
1850 ieee80211_rx_mgmt_auth(dev, ifsta, mgmt, skb->len);
1851 break;
1852 case IEEE80211_STYPE_ASSOC_RESP:
1853 ieee80211_rx_mgmt_assoc_resp(dev, ifsta, mgmt, skb->len, 0);
1854 break;
1855 case IEEE80211_STYPE_REASSOC_RESP:
1856 ieee80211_rx_mgmt_assoc_resp(dev, ifsta, mgmt, skb->len, 1);
1857 break;
1858 case IEEE80211_STYPE_DEAUTH:
1859 ieee80211_rx_mgmt_deauth(dev, ifsta, mgmt, skb->len);
1860 break;
1861 case IEEE80211_STYPE_DISASSOC:
1862 ieee80211_rx_mgmt_disassoc(dev, ifsta, mgmt, skb->len);
1863 break;
1864 }
1865
1866 kfree_skb(skb);
1867}
1868
1869
1870void ieee80211_sta_rx_scan(struct net_device *dev, struct sk_buff *skb,
1871 struct ieee80211_rx_status *rx_status)
1872{
1873 struct ieee80211_mgmt *mgmt;
1874 u16 fc;
1875
1876 if (skb->len < 24) {
1877 dev_kfree_skb(skb);
1878 return;
1879 }
1880
1881 mgmt = (struct ieee80211_mgmt *) skb->data;
1882 fc = le16_to_cpu(mgmt->frame_control);
1883
1884 if ((fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_MGMT) {
1885 if ((fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_PROBE_RESP) {
1886 ieee80211_rx_mgmt_probe_resp(dev, mgmt,
1887 skb->len, rx_status);
1888 } else if ((fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_BEACON) {
1889 ieee80211_rx_mgmt_beacon(dev, mgmt, skb->len,
1890 rx_status);
1891 }
1892 }
1893
1894 dev_kfree_skb(skb);
1895}
1896
1897
1898static int ieee80211_sta_active_ibss(struct net_device *dev)
1899{
1900 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1901 int active = 0;
1902 struct sta_info *sta;
1903
1904 read_lock_bh(&local->sta_lock);
1905 list_for_each_entry(sta, &local->sta_list, list) {
1906 if (sta->dev == dev &&
1907 time_after(sta->last_rx + IEEE80211_IBSS_MERGE_INTERVAL,
1908 jiffies)) {
1909 active++;
1910 break;
1911 }
1912 }
1913 read_unlock_bh(&local->sta_lock);
1914
1915 return active;
1916}
1917
1918
1919static void ieee80211_sta_expire(struct net_device *dev)
1920{
1921 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1922 struct sta_info *sta, *tmp;
1923 LIST_HEAD(tmp_list);
1924 DECLARE_MAC_BUF(mac);
1925
1926 write_lock_bh(&local->sta_lock);
1927 list_for_each_entry_safe(sta, tmp, &local->sta_list, list)
1928 if (time_after(jiffies, sta->last_rx +
1929 IEEE80211_IBSS_INACTIVITY_LIMIT)) {
1930 printk(KERN_DEBUG "%s: expiring inactive STA %s\n",
1931 dev->name, print_mac(mac, sta->addr));
1932 __sta_info_get(sta);
1933 sta_info_remove(sta);
1934 list_add(&sta->list, &tmp_list);
1935 }
1936 write_unlock_bh(&local->sta_lock);
1937
1938 list_for_each_entry_safe(sta, tmp, &tmp_list, list) {
1939 sta_info_free(sta);
1940 sta_info_put(sta);
1941 }
1942}
1943
1944
1945static void ieee80211_sta_merge_ibss(struct net_device *dev,
1946 struct ieee80211_if_sta *ifsta)
1947{
1948 mod_timer(&ifsta->timer, jiffies + IEEE80211_IBSS_MERGE_INTERVAL);
1949
1950 ieee80211_sta_expire(dev);
1951 if (ieee80211_sta_active_ibss(dev))
1952 return;
1953
1954 printk(KERN_DEBUG "%s: No active IBSS STAs - trying to scan for other "
1955 "IBSS networks with same SSID (merge)\n", dev->name);
1956 ieee80211_sta_req_scan(dev, ifsta->ssid, ifsta->ssid_len);
1957}
1958
1959
1960void ieee80211_sta_timer(unsigned long data)
1961{
1962 struct ieee80211_sub_if_data *sdata =
1963 (struct ieee80211_sub_if_data *) data;
1964 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
1965 struct ieee80211_local *local = wdev_priv(&sdata->wdev);
1966
1967 set_bit(IEEE80211_STA_REQ_RUN, &ifsta->request);
1968 queue_work(local->hw.workqueue, &ifsta->work);
1969}
1970
1971
1972void ieee80211_sta_work(struct work_struct *work)
1973{
1974 struct ieee80211_sub_if_data *sdata =
1975 container_of(work, struct ieee80211_sub_if_data, u.sta.work);
1976 struct net_device *dev = sdata->dev;
1977 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1978 struct ieee80211_if_sta *ifsta;
1979 struct sk_buff *skb;
1980
1981 if (!netif_running(dev))
1982 return;
1983
1984 if (local->sta_scanning)
1985 return;
1986
1987 if (sdata->type != IEEE80211_IF_TYPE_STA &&
1988 sdata->type != IEEE80211_IF_TYPE_IBSS) {
1989 printk(KERN_DEBUG "%s: ieee80211_sta_work: non-STA interface "
1990 "(type=%d)\n", dev->name, sdata->type);
1991 return;
1992 }
1993 ifsta = &sdata->u.sta;
1994
1995 while ((skb = skb_dequeue(&ifsta->skb_queue)))
1996 ieee80211_sta_rx_queued_mgmt(dev, skb);
1997
1998 if (ifsta->state != IEEE80211_AUTHENTICATE &&
1999 ifsta->state != IEEE80211_ASSOCIATE &&
2000 test_and_clear_bit(IEEE80211_STA_REQ_SCAN, &ifsta->request)) {
2001 if (ifsta->scan_ssid_len)
2002 ieee80211_sta_start_scan(dev, ifsta->scan_ssid, ifsta->scan_ssid_len);
2003 else
2004 ieee80211_sta_start_scan(dev, NULL, 0);
2005 return;
2006 }
2007
2008 if (test_and_clear_bit(IEEE80211_STA_REQ_AUTH, &ifsta->request)) {
2009 if (ieee80211_sta_config_auth(dev, ifsta))
2010 return;
2011 clear_bit(IEEE80211_STA_REQ_RUN, &ifsta->request);
2012 } else if (!test_and_clear_bit(IEEE80211_STA_REQ_RUN, &ifsta->request))
2013 return;
2014
2015 switch (ifsta->state) {
2016 case IEEE80211_DISABLED:
2017 break;
2018 case IEEE80211_AUTHENTICATE:
2019 ieee80211_authenticate(dev, ifsta);
2020 break;
2021 case IEEE80211_ASSOCIATE:
2022 ieee80211_associate(dev, ifsta);
2023 break;
2024 case IEEE80211_ASSOCIATED:
2025 ieee80211_associated(dev, ifsta);
2026 break;
2027 case IEEE80211_IBSS_SEARCH:
2028 ieee80211_sta_find_ibss(dev, ifsta);
2029 break;
2030 case IEEE80211_IBSS_JOINED:
2031 ieee80211_sta_merge_ibss(dev, ifsta);
2032 break;
2033 default:
2034 printk(KERN_DEBUG "ieee80211_sta_work: Unknown state %d\n",
2035 ifsta->state);
2036 break;
2037 }
2038
2039 if (ieee80211_privacy_mismatch(dev, ifsta)) {
2040 printk(KERN_DEBUG "%s: privacy configuration mismatch and "
2041 "mixed-cell disabled - disassociate\n", dev->name);
2042
2043 ieee80211_send_disassoc(dev, ifsta, WLAN_REASON_UNSPECIFIED);
2044 ieee80211_set_disassoc(dev, ifsta, 0);
2045 }
2046}
2047
2048
2049static void ieee80211_sta_reset_auth(struct net_device *dev,
2050 struct ieee80211_if_sta *ifsta)
2051{
2052 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2053
2054 if (local->ops->reset_tsf) {
2055
2056 local->ops->reset_tsf(local_to_hw(local));
2057 }
2058
2059 ifsta->wmm_last_param_set = -1;
2060
2061
2062 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_OPEN)
2063 ifsta->auth_alg = WLAN_AUTH_OPEN;
2064 else if (ifsta->auth_algs & IEEE80211_AUTH_ALG_SHARED_KEY)
2065 ifsta->auth_alg = WLAN_AUTH_SHARED_KEY;
2066 else if (ifsta->auth_algs & IEEE80211_AUTH_ALG_LEAP)
2067 ifsta->auth_alg = WLAN_AUTH_LEAP;
2068 else
2069 ifsta->auth_alg = WLAN_AUTH_OPEN;
2070 printk(KERN_DEBUG "%s: Initial auth_alg=%d\n", dev->name,
2071 ifsta->auth_alg);
2072 ifsta->auth_transaction = -1;
2073 ifsta->flags &= ~IEEE80211_STA_ASSOCIATED;
2074 ifsta->auth_tries = ifsta->assoc_tries = 0;
2075 netif_carrier_off(dev);
2076}
2077
2078
2079void ieee80211_sta_req_auth(struct net_device *dev,
2080 struct ieee80211_if_sta *ifsta)
2081{
2082 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2083 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2084
2085 if (sdata->type != IEEE80211_IF_TYPE_STA)
2086 return;
2087
2088 if ((ifsta->flags & (IEEE80211_STA_BSSID_SET |
2089 IEEE80211_STA_AUTO_BSSID_SEL)) &&
2090 (ifsta->flags & (IEEE80211_STA_SSID_SET |
2091 IEEE80211_STA_AUTO_SSID_SEL))) {
2092 set_bit(IEEE80211_STA_REQ_AUTH, &ifsta->request);
2093 queue_work(local->hw.workqueue, &ifsta->work);
2094 }
2095}
2096
2097static int ieee80211_sta_match_ssid(struct ieee80211_if_sta *ifsta,
2098 const char *ssid, int ssid_len)
2099{
2100 int tmp, hidden_ssid;
2101
2102 if (ssid_len == ifsta->ssid_len &&
2103 !memcmp(ifsta->ssid, ssid, ssid_len))
2104 return 1;
2105
2106 if (ifsta->flags & IEEE80211_STA_AUTO_BSSID_SEL)
2107 return 0;
2108
2109 hidden_ssid = 1;
2110 tmp = ssid_len;
2111 while (tmp--) {
2112 if (ssid[tmp] != '\0') {
2113 hidden_ssid = 0;
2114 break;
2115 }
2116 }
2117
2118 if (hidden_ssid && ifsta->ssid_len == ssid_len)
2119 return 1;
2120
2121 if (ssid_len == 1 && ssid[0] == ' ')
2122 return 1;
2123
2124 return 0;
2125}
2126
2127static int ieee80211_sta_config_auth(struct net_device *dev,
2128 struct ieee80211_if_sta *ifsta)
2129{
2130 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2131 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2132 struct ieee80211_sta_bss *bss, *selected = NULL;
2133 int top_rssi = 0, freq;
2134
2135 if (!(ifsta->flags & (IEEE80211_STA_AUTO_SSID_SEL |
2136 IEEE80211_STA_AUTO_BSSID_SEL | IEEE80211_STA_AUTO_CHANNEL_SEL))) {
2137 ifsta->state = IEEE80211_AUTHENTICATE;
2138 ieee80211_sta_reset_auth(dev, ifsta);
2139 return 0;
2140 }
2141
2142 spin_lock_bh(&local->sta_bss_lock);
2143 freq = local->oper_channel->freq;
2144 list_for_each_entry(bss, &local->sta_bss_list, list) {
2145 if (!(bss->capability & WLAN_CAPABILITY_ESS))
2146 continue;
2147
2148 if (!!(bss->capability & WLAN_CAPABILITY_PRIVACY) ^
2149 !!sdata->default_key)
2150 continue;
2151
2152 if (!(ifsta->flags & IEEE80211_STA_AUTO_CHANNEL_SEL) &&
2153 bss->freq != freq)
2154 continue;
2155
2156 if (!(ifsta->flags & IEEE80211_STA_AUTO_BSSID_SEL) &&
2157 memcmp(bss->bssid, ifsta->bssid, ETH_ALEN))
2158 continue;
2159
2160 if (!(ifsta->flags & IEEE80211_STA_AUTO_SSID_SEL) &&
2161 !ieee80211_sta_match_ssid(ifsta, bss->ssid, bss->ssid_len))
2162 continue;
2163
2164 if (!selected || top_rssi < bss->rssi) {
2165 selected = bss;
2166 top_rssi = bss->rssi;
2167 }
2168 }
2169 if (selected)
2170 atomic_inc(&selected->users);
2171 spin_unlock_bh(&local->sta_bss_lock);
2172
2173 if (selected) {
2174 ieee80211_set_channel(local, -1, selected->freq);
2175 if (!(ifsta->flags & IEEE80211_STA_SSID_SET))
2176 ieee80211_sta_set_ssid(dev, selected->ssid,
2177 selected->ssid_len);
2178 ieee80211_sta_set_bssid(dev, selected->bssid);
2179 ieee80211_rx_bss_put(dev, selected);
2180 ifsta->state = IEEE80211_AUTHENTICATE;
2181 ieee80211_sta_reset_auth(dev, ifsta);
2182 return 0;
2183 } else {
2184 if (ifsta->state != IEEE80211_AUTHENTICATE) {
2185 if (ifsta->flags & IEEE80211_STA_AUTO_SSID_SEL)
2186 ieee80211_sta_start_scan(dev, NULL, 0);
2187 else
2188 ieee80211_sta_start_scan(dev, ifsta->ssid,
2189 ifsta->ssid_len);
2190 ifsta->state = IEEE80211_AUTHENTICATE;
2191 set_bit(IEEE80211_STA_REQ_AUTH, &ifsta->request);
2192 } else
2193 ifsta->state = IEEE80211_DISABLED;
2194 }
2195 return -1;
2196}
2197
2198static int ieee80211_sta_join_ibss(struct net_device *dev,
2199 struct ieee80211_if_sta *ifsta,
2200 struct ieee80211_sta_bss *bss)
2201{
2202 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2203 int res, rates, i, j;
2204 struct sk_buff *skb;
2205 struct ieee80211_mgmt *mgmt;
2206 struct ieee80211_tx_control control;
2207 struct ieee80211_rate *rate;
2208 struct ieee80211_hw_mode *mode;
2209 struct rate_control_extra extra;
2210 u8 *pos;
2211 struct ieee80211_sub_if_data *sdata;
2212
2213
2214 sta_info_flush(local, NULL);
2215
2216 if (local->ops->reset_tsf) {
2217
2218 local->ops->reset_tsf(local_to_hw(local));
2219 }
2220 memcpy(ifsta->bssid, bss->bssid, ETH_ALEN);
2221 res = ieee80211_if_config(dev);
2222 if (res)
2223 return res;
2224
2225 local->hw.conf.beacon_int = bss->beacon_int >= 10 ? bss->beacon_int : 10;
2226
2227 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2228 sdata->drop_unencrypted = bss->capability &
2229 WLAN_CAPABILITY_PRIVACY ? 1 : 0;
2230
2231 res = ieee80211_set_channel(local, -1, bss->freq);
2232
2233 if (!(local->oper_channel->flag & IEEE80211_CHAN_W_IBSS)) {
2234 printk(KERN_DEBUG "%s: IBSS not allowed on channel %d "
2235 "(%d MHz)\n", dev->name, local->hw.conf.channel,
2236 local->hw.conf.freq);
2237 return -1;
2238 }
2239
2240
2241 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 400);
2242 do {
2243 if (!skb)
2244 break;
2245
2246 skb_reserve(skb, local->hw.extra_tx_headroom);
2247
2248 mgmt = (struct ieee80211_mgmt *)
2249 skb_put(skb, 24 + sizeof(mgmt->u.beacon));
2250 memset(mgmt, 0, 24 + sizeof(mgmt->u.beacon));
2251 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
2252 IEEE80211_STYPE_BEACON);
2253 memset(mgmt->da, 0xff, ETH_ALEN);
2254 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
2255 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
2256 mgmt->u.beacon.beacon_int =
2257 cpu_to_le16(local->hw.conf.beacon_int);
2258 mgmt->u.beacon.capab_info = cpu_to_le16(bss->capability);
2259
2260 pos = skb_put(skb, 2 + ifsta->ssid_len);
2261 *pos++ = WLAN_EID_SSID;
2262 *pos++ = ifsta->ssid_len;
2263 memcpy(pos, ifsta->ssid, ifsta->ssid_len);
2264
2265 rates = bss->supp_rates_len;
2266 if (rates > 8)
2267 rates = 8;
2268 pos = skb_put(skb, 2 + rates);
2269 *pos++ = WLAN_EID_SUPP_RATES;
2270 *pos++ = rates;
2271 memcpy(pos, bss->supp_rates, rates);
2272
2273 pos = skb_put(skb, 2 + 1);
2274 *pos++ = WLAN_EID_DS_PARAMS;
2275 *pos++ = 1;
2276 *pos++ = bss->channel;
2277
2278 pos = skb_put(skb, 2 + 2);
2279 *pos++ = WLAN_EID_IBSS_PARAMS;
2280 *pos++ = 2;
2281
2282 *pos++ = 0;
2283 *pos++ = 0;
2284
2285 if (bss->supp_rates_len > 8) {
2286 rates = bss->supp_rates_len - 8;
2287 pos = skb_put(skb, 2 + rates);
2288 *pos++ = WLAN_EID_EXT_SUPP_RATES;
2289 *pos++ = rates;
2290 memcpy(pos, &bss->supp_rates[8], rates);
2291 }
2292
2293 memset(&control, 0, sizeof(control));
2294 memset(&extra, 0, sizeof(extra));
2295 extra.mode = local->oper_hw_mode;
2296 rate = rate_control_get_rate(local, dev, skb, &extra);
2297 if (!rate) {
2298 printk(KERN_DEBUG "%s: Failed to determine TX rate "
2299 "for IBSS beacon\n", dev->name);
2300 break;
2301 }
2302 control.tx_rate =
2303 ((sdata->flags & IEEE80211_SDATA_SHORT_PREAMBLE) &&
2304 (rate->flags & IEEE80211_RATE_PREAMBLE2)) ?
2305 rate->val2 : rate->val;
2306 control.antenna_sel_tx = local->hw.conf.antenna_sel_tx;
2307 control.power_level = local->hw.conf.power_level;
2308 control.flags |= IEEE80211_TXCTL_NO_ACK;
2309 control.retry_limit = 1;
2310
2311 ifsta->probe_resp = skb_copy(skb, GFP_ATOMIC);
2312 if (ifsta->probe_resp) {
2313 mgmt = (struct ieee80211_mgmt *)
2314 ifsta->probe_resp->data;
2315 mgmt->frame_control =
2316 IEEE80211_FC(IEEE80211_FTYPE_MGMT,
2317 IEEE80211_STYPE_PROBE_RESP);
2318 } else {
2319 printk(KERN_DEBUG "%s: Could not allocate ProbeResp "
2320 "template for IBSS\n", dev->name);
2321 }
2322
2323 if (local->ops->beacon_update &&
2324 local->ops->beacon_update(local_to_hw(local),
2325 skb, &control) == 0) {
2326 printk(KERN_DEBUG "%s: Configured IBSS beacon "
2327 "template based on scan results\n", dev->name);
2328 skb = NULL;
2329 }
2330
2331 rates = 0;
2332 mode = local->oper_hw_mode;
2333 for (i = 0; i < bss->supp_rates_len; i++) {
2334 int bitrate = (bss->supp_rates[i] & 0x7f) * 5;
2335 for (j = 0; j < mode->num_rates; j++)
2336 if (mode->rates[j].rate == bitrate)
2337 rates |= BIT(j);
2338 }
2339 ifsta->supp_rates_bits = rates;
2340 } while (0);
2341
2342 if (skb) {
2343 printk(KERN_DEBUG "%s: Failed to configure IBSS beacon "
2344 "template\n", dev->name);
2345 dev_kfree_skb(skb);
2346 }
2347
2348 ifsta->state = IEEE80211_IBSS_JOINED;
2349 mod_timer(&ifsta->timer, jiffies + IEEE80211_IBSS_MERGE_INTERVAL);
2350
2351 ieee80211_rx_bss_put(dev, bss);
2352
2353 return res;
2354}
2355
2356
2357static int ieee80211_sta_create_ibss(struct net_device *dev,
2358 struct ieee80211_if_sta *ifsta)
2359{
2360 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2361 struct ieee80211_sta_bss *bss;
2362 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2363 struct ieee80211_hw_mode *mode;
2364 u8 bssid[ETH_ALEN], *pos;
2365 int i;
2366 DECLARE_MAC_BUF(mac);
2367
2368#if 0
2369
2370 memset(bssid, 0xfe, ETH_ALEN);
2371#else
2372
2373
2374
2375 get_random_bytes(bssid, ETH_ALEN);
2376 for (i = 0; i < ETH_ALEN; i++)
2377 bssid[i] ^= dev->dev_addr[i];
2378 bssid[0] &= ~0x01;
2379 bssid[0] |= 0x02;
2380#endif
2381
2382 printk(KERN_DEBUG "%s: Creating new IBSS network, BSSID %s\n",
2383 dev->name, print_mac(mac, bssid));
2384
2385 bss = ieee80211_rx_bss_add(dev, bssid, local->hw.conf.channel,
2386 sdata->u.sta.ssid, sdata->u.sta.ssid_len);
2387 if (!bss)
2388 return -ENOMEM;
2389
2390 mode = local->oper_hw_mode;
2391
2392 if (local->hw.conf.beacon_int == 0)
2393 local->hw.conf.beacon_int = 100;
2394 bss->beacon_int = local->hw.conf.beacon_int;
2395 bss->hw_mode = local->hw.conf.phymode;
2396 bss->freq = local->hw.conf.freq;
2397 bss->last_update = jiffies;
2398 bss->capability = WLAN_CAPABILITY_IBSS;
2399 if (sdata->default_key) {
2400 bss->capability |= WLAN_CAPABILITY_PRIVACY;
2401 } else
2402 sdata->drop_unencrypted = 0;
2403 bss->supp_rates_len = mode->num_rates;
2404 pos = bss->supp_rates;
2405 for (i = 0; i < mode->num_rates; i++) {
2406 int rate = mode->rates[i].rate;
2407 *pos++ = (u8) (rate / 5);
2408 }
2409
2410 return ieee80211_sta_join_ibss(dev, ifsta, bss);
2411}
2412
2413
2414static int ieee80211_sta_find_ibss(struct net_device *dev,
2415 struct ieee80211_if_sta *ifsta)
2416{
2417 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2418 struct ieee80211_sta_bss *bss;
2419 int found = 0;
2420 u8 bssid[ETH_ALEN];
2421 int active_ibss;
2422 DECLARE_MAC_BUF(mac);
2423 DECLARE_MAC_BUF(mac2);
2424
2425 if (ifsta->ssid_len == 0)
2426 return -EINVAL;
2427
2428 active_ibss = ieee80211_sta_active_ibss(dev);
2429#ifdef CONFIG_MAC80211_IBSS_DEBUG
2430 printk(KERN_DEBUG "%s: sta_find_ibss (active_ibss=%d)\n",
2431 dev->name, active_ibss);
2432#endif
2433 spin_lock_bh(&local->sta_bss_lock);
2434 list_for_each_entry(bss, &local->sta_bss_list, list) {
2435 if (ifsta->ssid_len != bss->ssid_len ||
2436 memcmp(ifsta->ssid, bss->ssid, bss->ssid_len) != 0
2437 || !(bss->capability & WLAN_CAPABILITY_IBSS))
2438 continue;
2439#ifdef CONFIG_MAC80211_IBSS_DEBUG
2440 printk(KERN_DEBUG " bssid=%s found\n",
2441 print_mac(mac, bss->bssid));
2442#endif
2443 memcpy(bssid, bss->bssid, ETH_ALEN);
2444 found = 1;
2445 if (active_ibss || memcmp(bssid, ifsta->bssid, ETH_ALEN) != 0)
2446 break;
2447 }
2448 spin_unlock_bh(&local->sta_bss_lock);
2449
2450#ifdef CONFIG_MAC80211_IBSS_DEBUG
2451 printk(KERN_DEBUG " sta_find_ibss: selected %s current "
2452 "%s\n", print_mac(mac, bssid), print_mac(mac2, ifsta->bssid));
2453#endif
2454 if (found && memcmp(ifsta->bssid, bssid, ETH_ALEN) != 0 &&
2455 (bss = ieee80211_rx_bss_get(dev, bssid, local->hw.conf.channel,
2456 ifsta->ssid, ifsta->ssid_len))) {
2457 printk(KERN_DEBUG "%s: Selected IBSS BSSID %s"
2458 " based on configured SSID\n",
2459 dev->name, print_mac(mac, bssid));
2460 return ieee80211_sta_join_ibss(dev, ifsta, bss);
2461 }
2462#ifdef CONFIG_MAC80211_IBSS_DEBUG
2463 printk(KERN_DEBUG " did not try to join ibss\n");
2464#endif
2465
2466
2467 if (ifsta->state == IEEE80211_IBSS_JOINED &&
2468 !ieee80211_sta_active_ibss(dev)) {
2469 mod_timer(&ifsta->timer, jiffies +
2470 IEEE80211_IBSS_MERGE_INTERVAL);
2471 } else if (time_after(jiffies, local->last_scan_completed +
2472 IEEE80211_SCAN_INTERVAL)) {
2473 printk(KERN_DEBUG "%s: Trigger new scan to find an IBSS to "
2474 "join\n", dev->name);
2475 return ieee80211_sta_req_scan(dev, ifsta->ssid,
2476 ifsta->ssid_len);
2477 } else if (ifsta->state != IEEE80211_IBSS_JOINED) {
2478 int interval = IEEE80211_SCAN_INTERVAL;
2479
2480 if (time_after(jiffies, ifsta->ibss_join_req +
2481 IEEE80211_IBSS_JOIN_TIMEOUT)) {
2482 if ((ifsta->flags & IEEE80211_STA_CREATE_IBSS) &&
2483 local->oper_channel->flag & IEEE80211_CHAN_W_IBSS)
2484 return ieee80211_sta_create_ibss(dev, ifsta);
2485 if (ifsta->flags & IEEE80211_STA_CREATE_IBSS) {
2486 printk(KERN_DEBUG "%s: IBSS not allowed on the"
2487 " configured channel %d (%d MHz)\n",
2488 dev->name, local->hw.conf.channel,
2489 local->hw.conf.freq);
2490 }
2491
2492
2493
2494 interval = IEEE80211_SCAN_INTERVAL_SLOW;
2495 }
2496
2497 ifsta->state = IEEE80211_IBSS_SEARCH;
2498 mod_timer(&ifsta->timer, jiffies + interval);
2499 return 0;
2500 }
2501
2502 return 0;
2503}
2504
2505
2506int ieee80211_sta_set_ssid(struct net_device *dev, char *ssid, size_t len)
2507{
2508 struct ieee80211_sub_if_data *sdata;
2509 struct ieee80211_if_sta *ifsta;
2510 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2511
2512 if (len > IEEE80211_MAX_SSID_LEN)
2513 return -EINVAL;
2514
2515
2516
2517 if (local->ops->conf_tx) {
2518 struct ieee80211_tx_queue_params qparam;
2519 int i;
2520
2521 memset(&qparam, 0, sizeof(qparam));
2522
2523 qparam.aifs = 2;
2524 qparam.cw_min =
2525 local->hw.conf.phymode == MODE_IEEE80211B ? 31 : 15;
2526 qparam.cw_max = 1023;
2527 qparam.burst_time = 0;
2528 for (i = IEEE80211_TX_QUEUE_DATA0; i < NUM_TX_DATA_QUEUES; i++)
2529 {
2530 local->ops->conf_tx(local_to_hw(local),
2531 i + IEEE80211_TX_QUEUE_DATA0,
2532 &qparam);
2533 }
2534
2535 qparam.cw_min++;
2536 qparam.cw_min *= 2;
2537 qparam.cw_min--;
2538 local->ops->conf_tx(local_to_hw(local),
2539 IEEE80211_TX_QUEUE_BEACON, &qparam);
2540 }
2541
2542 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2543 ifsta = &sdata->u.sta;
2544
2545 if (ifsta->ssid_len != len || memcmp(ifsta->ssid, ssid, len) != 0)
2546 ifsta->flags &= ~IEEE80211_STA_PREV_BSSID_SET;
2547 memcpy(ifsta->ssid, ssid, len);
2548 memset(ifsta->ssid + len, 0, IEEE80211_MAX_SSID_LEN - len);
2549 ifsta->ssid_len = len;
2550
2551 if (len)
2552 ifsta->flags |= IEEE80211_STA_SSID_SET;
2553 else
2554 ifsta->flags &= ~IEEE80211_STA_SSID_SET;
2555 if (sdata->type == IEEE80211_IF_TYPE_IBSS &&
2556 !(ifsta->flags & IEEE80211_STA_BSSID_SET)) {
2557 ifsta->ibss_join_req = jiffies;
2558 ifsta->state = IEEE80211_IBSS_SEARCH;
2559 return ieee80211_sta_find_ibss(dev, ifsta);
2560 }
2561 return 0;
2562}
2563
2564
2565int ieee80211_sta_get_ssid(struct net_device *dev, char *ssid, size_t *len)
2566{
2567 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2568 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
2569 memcpy(ssid, ifsta->ssid, ifsta->ssid_len);
2570 *len = ifsta->ssid_len;
2571 return 0;
2572}
2573
2574
2575int ieee80211_sta_set_bssid(struct net_device *dev, u8 *bssid)
2576{
2577 struct ieee80211_sub_if_data *sdata;
2578 struct ieee80211_if_sta *ifsta;
2579 int res;
2580
2581 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2582 ifsta = &sdata->u.sta;
2583
2584 if (memcmp(ifsta->bssid, bssid, ETH_ALEN) != 0) {
2585 memcpy(ifsta->bssid, bssid, ETH_ALEN);
2586 res = ieee80211_if_config(dev);
2587 if (res) {
2588 printk(KERN_DEBUG "%s: Failed to config new BSSID to "
2589 "the low-level driver\n", dev->name);
2590 return res;
2591 }
2592 }
2593
2594 if (is_valid_ether_addr(bssid))
2595 ifsta->flags |= IEEE80211_STA_BSSID_SET;
2596 else
2597 ifsta->flags &= ~IEEE80211_STA_BSSID_SET;
2598
2599 return 0;
2600}
2601
2602
2603static void ieee80211_send_nullfunc(struct ieee80211_local *local,
2604 struct ieee80211_sub_if_data *sdata,
2605 int powersave)
2606{
2607 struct sk_buff *skb;
2608 struct ieee80211_hdr *nullfunc;
2609 u16 fc;
2610
2611 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 24);
2612 if (!skb) {
2613 printk(KERN_DEBUG "%s: failed to allocate buffer for nullfunc "
2614 "frame\n", sdata->dev->name);
2615 return;
2616 }
2617 skb_reserve(skb, local->hw.extra_tx_headroom);
2618
2619 nullfunc = (struct ieee80211_hdr *) skb_put(skb, 24);
2620 memset(nullfunc, 0, 24);
2621 fc = IEEE80211_FTYPE_DATA | IEEE80211_STYPE_NULLFUNC |
2622 IEEE80211_FCTL_TODS;
2623 if (powersave)
2624 fc |= IEEE80211_FCTL_PM;
2625 nullfunc->frame_control = cpu_to_le16(fc);
2626 memcpy(nullfunc->addr1, sdata->u.sta.bssid, ETH_ALEN);
2627 memcpy(nullfunc->addr2, sdata->dev->dev_addr, ETH_ALEN);
2628 memcpy(nullfunc->addr3, sdata->u.sta.bssid, ETH_ALEN);
2629
2630 ieee80211_sta_tx(sdata->dev, skb, 0);
2631}
2632
2633
2634void ieee80211_scan_completed(struct ieee80211_hw *hw)
2635{
2636 struct ieee80211_local *local = hw_to_local(hw);
2637 struct net_device *dev = local->scan_dev;
2638 struct ieee80211_sub_if_data *sdata;
2639 union iwreq_data wrqu;
2640
2641 local->last_scan_completed = jiffies;
2642 wmb();
2643 local->sta_scanning = 0;
2644
2645 if (ieee80211_hw_config(local))
2646 printk(KERN_DEBUG "%s: failed to restore operational "
2647 "channel after scan\n", dev->name);
2648
2649
2650 netif_tx_lock_bh(local->mdev);
2651 local->filter_flags &= ~FIF_BCN_PRBRESP_PROMISC;
2652 local->ops->configure_filter(local_to_hw(local),
2653 FIF_BCN_PRBRESP_PROMISC,
2654 &local->filter_flags,
2655 local->mdev->mc_count,
2656 local->mdev->mc_list);
2657
2658 netif_tx_unlock_bh(local->mdev);
2659
2660 memset(&wrqu, 0, sizeof(wrqu));
2661 wireless_send_event(dev, SIOCGIWSCAN, &wrqu, NULL);
2662
2663 rcu_read_lock();
2664 list_for_each_entry_rcu(sdata, &local->interfaces, list) {
2665
2666
2667 if (sdata->dev == local->mdev)
2668 continue;
2669
2670 if (sdata->type == IEEE80211_IF_TYPE_STA) {
2671 if (sdata->u.sta.flags & IEEE80211_STA_ASSOCIATED)
2672 ieee80211_send_nullfunc(local, sdata, 0);
2673 ieee80211_sta_timer((unsigned long)sdata);
2674 }
2675
2676 netif_wake_queue(sdata->dev);
2677 }
2678 rcu_read_unlock();
2679
2680 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2681 if (sdata->type == IEEE80211_IF_TYPE_IBSS) {
2682 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
2683 if (!(ifsta->flags & IEEE80211_STA_BSSID_SET) ||
2684 (!ifsta->state == IEEE80211_IBSS_JOINED &&
2685 !ieee80211_sta_active_ibss(dev)))
2686 ieee80211_sta_find_ibss(dev, ifsta);
2687 }
2688}
2689EXPORT_SYMBOL(ieee80211_scan_completed);
2690
2691void ieee80211_sta_scan_work(struct work_struct *work)
2692{
2693 struct ieee80211_local *local =
2694 container_of(work, struct ieee80211_local, scan_work.work);
2695 struct net_device *dev = local->scan_dev;
2696 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2697 struct ieee80211_hw_mode *mode;
2698 struct ieee80211_channel *chan;
2699 int skip;
2700 unsigned long next_delay = 0;
2701
2702 if (!local->sta_scanning)
2703 return;
2704
2705 switch (local->scan_state) {
2706 case SCAN_SET_CHANNEL:
2707 mode = local->scan_hw_mode;
2708 if (local->scan_hw_mode->list.next == &local->modes_list &&
2709 local->scan_channel_idx >= mode->num_channels) {
2710 ieee80211_scan_completed(local_to_hw(local));
2711 return;
2712 }
2713 skip = !(local->enabled_modes & (1 << mode->mode));
2714 chan = &mode->channels[local->scan_channel_idx];
2715 if (!(chan->flag & IEEE80211_CHAN_W_SCAN) ||
2716 (sdata->type == IEEE80211_IF_TYPE_IBSS &&
2717 !(chan->flag & IEEE80211_CHAN_W_IBSS)) ||
2718 (local->hw_modes & local->enabled_modes &
2719 (1 << MODE_IEEE80211G) && mode->mode == MODE_IEEE80211B))
2720 skip = 1;
2721
2722 if (!skip) {
2723#if 0
2724 printk(KERN_DEBUG "%s: scan channel %d (%d MHz)\n",
2725 dev->name, chan->chan, chan->freq);
2726#endif
2727
2728 local->scan_channel = chan;
2729 if (ieee80211_hw_config(local)) {
2730 printk(KERN_DEBUG "%s: failed to set channel "
2731 "%d (%d MHz) for scan\n", dev->name,
2732 chan->chan, chan->freq);
2733 skip = 1;
2734 }
2735 }
2736
2737 local->scan_channel_idx++;
2738 if (local->scan_channel_idx >= local->scan_hw_mode->num_channels) {
2739 if (local->scan_hw_mode->list.next != &local->modes_list) {
2740 local->scan_hw_mode = list_entry(local->scan_hw_mode->list.next,
2741 struct ieee80211_hw_mode,
2742 list);
2743 local->scan_channel_idx = 0;
2744 }
2745 }
2746
2747 if (skip)
2748 break;
2749
2750 next_delay = IEEE80211_PROBE_DELAY +
2751 usecs_to_jiffies(local->hw.channel_change_time);
2752 local->scan_state = SCAN_SEND_PROBE;
2753 break;
2754 case SCAN_SEND_PROBE:
2755 if (local->scan_channel->flag & IEEE80211_CHAN_W_ACTIVE_SCAN) {
2756 ieee80211_send_probe_req(dev, NULL, local->scan_ssid,
2757 local->scan_ssid_len);
2758 next_delay = IEEE80211_CHANNEL_TIME;
2759 } else
2760 next_delay = IEEE80211_PASSIVE_CHANNEL_TIME;
2761 local->scan_state = SCAN_SET_CHANNEL;
2762 break;
2763 }
2764
2765 if (local->sta_scanning)
2766 queue_delayed_work(local->hw.workqueue, &local->scan_work,
2767 next_delay);
2768}
2769
2770
2771static int ieee80211_sta_start_scan(struct net_device *dev,
2772 u8 *ssid, size_t ssid_len)
2773{
2774 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2775 struct ieee80211_sub_if_data *sdata;
2776
2777 if (ssid_len > IEEE80211_MAX_SSID_LEN)
2778 return -EINVAL;
2779
2780
2781
2782
2783
2784
2785
2786
2787
2788
2789
2790
2791
2792
2793
2794
2795
2796
2797 if (local->sta_scanning) {
2798 if (local->scan_dev == dev)
2799 return 0;
2800 return -EBUSY;
2801 }
2802
2803 if (local->ops->hw_scan) {
2804 int rc = local->ops->hw_scan(local_to_hw(local),
2805 ssid, ssid_len);
2806 if (!rc) {
2807 local->sta_scanning = 1;
2808 local->scan_dev = dev;
2809 }
2810 return rc;
2811 }
2812
2813 local->sta_scanning = 1;
2814
2815 rcu_read_lock();
2816 list_for_each_entry_rcu(sdata, &local->interfaces, list) {
2817
2818
2819
2820 if (sdata->dev == local->mdev)
2821 continue;
2822
2823 netif_stop_queue(sdata->dev);
2824 if (sdata->type == IEEE80211_IF_TYPE_STA &&
2825 (sdata->u.sta.flags & IEEE80211_STA_ASSOCIATED))
2826 ieee80211_send_nullfunc(local, sdata, 1);
2827 }
2828 rcu_read_unlock();
2829
2830 if (ssid) {
2831 local->scan_ssid_len = ssid_len;
2832 memcpy(local->scan_ssid, ssid, ssid_len);
2833 } else
2834 local->scan_ssid_len = 0;
2835 local->scan_state = SCAN_SET_CHANNEL;
2836 local->scan_hw_mode = list_entry(local->modes_list.next,
2837 struct ieee80211_hw_mode,
2838 list);
2839 local->scan_channel_idx = 0;
2840 local->scan_dev = dev;
2841
2842 netif_tx_lock_bh(local->mdev);
2843 local->filter_flags |= FIF_BCN_PRBRESP_PROMISC;
2844 local->ops->configure_filter(local_to_hw(local),
2845 FIF_BCN_PRBRESP_PROMISC,
2846 &local->filter_flags,
2847 local->mdev->mc_count,
2848 local->mdev->mc_list);
2849 netif_tx_unlock_bh(local->mdev);
2850
2851
2852 queue_delayed_work(local->hw.workqueue, &local->scan_work,
2853 IEEE80211_CHANNEL_TIME);
2854
2855 return 0;
2856}
2857
2858
2859int ieee80211_sta_req_scan(struct net_device *dev, u8 *ssid, size_t ssid_len)
2860{
2861 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2862 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
2863 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2864
2865 if (sdata->type != IEEE80211_IF_TYPE_STA)
2866 return ieee80211_sta_start_scan(dev, ssid, ssid_len);
2867
2868 if (local->sta_scanning) {
2869 if (local->scan_dev == dev)
2870 return 0;
2871 return -EBUSY;
2872 }
2873
2874 ifsta->scan_ssid_len = ssid_len;
2875 if (ssid_len)
2876 memcpy(ifsta->scan_ssid, ssid, ssid_len);
2877 set_bit(IEEE80211_STA_REQ_SCAN, &ifsta->request);
2878 queue_work(local->hw.workqueue, &ifsta->work);
2879 return 0;
2880}
2881
2882static char *
2883ieee80211_sta_scan_result(struct net_device *dev,
2884 struct ieee80211_sta_bss *bss,
2885 char *current_ev, char *end_buf)
2886{
2887 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2888 struct iw_event iwe;
2889
2890 if (time_after(jiffies,
2891 bss->last_update + IEEE80211_SCAN_RESULT_EXPIRE))
2892 return current_ev;
2893
2894 if (!(local->enabled_modes & (1 << bss->hw_mode)))
2895 return current_ev;
2896
2897 if (local->scan_flags & IEEE80211_SCAN_WPA_ONLY &&
2898 !bss->wpa_ie && !bss->rsn_ie)
2899 return current_ev;
2900
2901 if (local->scan_flags & IEEE80211_SCAN_MATCH_SSID &&
2902 (local->scan_ssid_len != bss->ssid_len ||
2903 memcmp(local->scan_ssid, bss->ssid, bss->ssid_len) != 0))
2904 return current_ev;
2905
2906 memset(&iwe, 0, sizeof(iwe));
2907 iwe.cmd = SIOCGIWAP;
2908 iwe.u.ap_addr.sa_family = ARPHRD_ETHER;
2909 memcpy(iwe.u.ap_addr.sa_data, bss->bssid, ETH_ALEN);
2910 current_ev = iwe_stream_add_event(current_ev, end_buf, &iwe,
2911 IW_EV_ADDR_LEN);
2912
2913 memset(&iwe, 0, sizeof(iwe));
2914 iwe.cmd = SIOCGIWESSID;
2915 iwe.u.data.length = bss->ssid_len;
2916 iwe.u.data.flags = 1;
2917 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe,
2918 bss->ssid);
2919
2920 if (bss->capability & (WLAN_CAPABILITY_ESS | WLAN_CAPABILITY_IBSS)) {
2921 memset(&iwe, 0, sizeof(iwe));
2922 iwe.cmd = SIOCGIWMODE;
2923 if (bss->capability & WLAN_CAPABILITY_ESS)
2924 iwe.u.mode = IW_MODE_MASTER;
2925 else
2926 iwe.u.mode = IW_MODE_ADHOC;
2927 current_ev = iwe_stream_add_event(current_ev, end_buf, &iwe,
2928 IW_EV_UINT_LEN);
2929 }
2930
2931 memset(&iwe, 0, sizeof(iwe));
2932 iwe.cmd = SIOCGIWFREQ;
2933 iwe.u.freq.m = bss->channel;
2934 iwe.u.freq.e = 0;
2935 current_ev = iwe_stream_add_event(current_ev, end_buf, &iwe,
2936 IW_EV_FREQ_LEN);
2937 iwe.u.freq.m = bss->freq * 100000;
2938 iwe.u.freq.e = 1;
2939 current_ev = iwe_stream_add_event(current_ev, end_buf, &iwe,
2940 IW_EV_FREQ_LEN);
2941
2942 memset(&iwe, 0, sizeof(iwe));
2943 iwe.cmd = IWEVQUAL;
2944 iwe.u.qual.qual = bss->signal;
2945 iwe.u.qual.level = bss->rssi;
2946 iwe.u.qual.noise = bss->noise;
2947 iwe.u.qual.updated = local->wstats_flags;
2948 current_ev = iwe_stream_add_event(current_ev, end_buf, &iwe,
2949 IW_EV_QUAL_LEN);
2950
2951 memset(&iwe, 0, sizeof(iwe));
2952 iwe.cmd = SIOCGIWENCODE;
2953 if (bss->capability & WLAN_CAPABILITY_PRIVACY)
2954 iwe.u.data.flags = IW_ENCODE_ENABLED | IW_ENCODE_NOKEY;
2955 else
2956 iwe.u.data.flags = IW_ENCODE_DISABLED;
2957 iwe.u.data.length = 0;
2958 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe, "");
2959
2960 if (bss && bss->wpa_ie) {
2961 memset(&iwe, 0, sizeof(iwe));
2962 iwe.cmd = IWEVGENIE;
2963 iwe.u.data.length = bss->wpa_ie_len;
2964 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe,
2965 bss->wpa_ie);
2966 }
2967
2968 if (bss && bss->rsn_ie) {
2969 memset(&iwe, 0, sizeof(iwe));
2970 iwe.cmd = IWEVGENIE;
2971 iwe.u.data.length = bss->rsn_ie_len;
2972 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe,
2973 bss->rsn_ie);
2974 }
2975
2976 if (bss && bss->supp_rates_len > 0) {
2977
2978 char *p = current_ev + IW_EV_LCP_LEN;
2979 int i;
2980
2981 memset(&iwe, 0, sizeof(iwe));
2982 iwe.cmd = SIOCGIWRATE;
2983
2984 iwe.u.bitrate.fixed = iwe.u.bitrate.disabled = 0;
2985
2986 for (i = 0; i < bss->supp_rates_len; i++) {
2987 iwe.u.bitrate.value = ((bss->supp_rates[i] &
2988 0x7f) * 500000);
2989 p = iwe_stream_add_value(current_ev, p,
2990 end_buf, &iwe, IW_EV_PARAM_LEN);
2991 }
2992 current_ev = p;
2993 }
2994
2995 if (bss) {
2996 char *buf;
2997 buf = kmalloc(30, GFP_ATOMIC);
2998 if (buf) {
2999 memset(&iwe, 0, sizeof(iwe));
3000 iwe.cmd = IWEVCUSTOM;
3001 sprintf(buf, "tsf=%016llx", (unsigned long long)(bss->timestamp));
3002 iwe.u.data.length = strlen(buf);
3003 current_ev = iwe_stream_add_point(current_ev, end_buf,
3004 &iwe, buf);
3005 kfree(buf);
3006 }
3007 }
3008
3009 do {
3010 char *buf;
3011
3012 if (!(local->scan_flags & IEEE80211_SCAN_EXTRA_INFO))
3013 break;
3014
3015 buf = kmalloc(100, GFP_ATOMIC);
3016 if (!buf)
3017 break;
3018
3019 memset(&iwe, 0, sizeof(iwe));
3020 iwe.cmd = IWEVCUSTOM;
3021 sprintf(buf, "bcn_int=%d", bss->beacon_int);
3022 iwe.u.data.length = strlen(buf);
3023 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe,
3024 buf);
3025
3026 memset(&iwe, 0, sizeof(iwe));
3027 iwe.cmd = IWEVCUSTOM;
3028 sprintf(buf, "capab=0x%04x", bss->capability);
3029 iwe.u.data.length = strlen(buf);
3030 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe,
3031 buf);
3032
3033 kfree(buf);
3034 break;
3035 } while (0);
3036
3037 return current_ev;
3038}
3039
3040
3041int ieee80211_sta_scan_results(struct net_device *dev, char *buf, size_t len)
3042{
3043 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
3044 char *current_ev = buf;
3045 char *end_buf = buf + len;
3046 struct ieee80211_sta_bss *bss;
3047
3048 spin_lock_bh(&local->sta_bss_lock);
3049 list_for_each_entry(bss, &local->sta_bss_list, list) {
3050 if (buf + len - current_ev <= IW_EV_ADDR_LEN) {
3051 spin_unlock_bh(&local->sta_bss_lock);
3052 return -E2BIG;
3053 }
3054 current_ev = ieee80211_sta_scan_result(dev, bss, current_ev,
3055 end_buf);
3056 }
3057 spin_unlock_bh(&local->sta_bss_lock);
3058 return current_ev - buf;
3059}
3060
3061
3062int ieee80211_sta_set_extra_ie(struct net_device *dev, char *ie, size_t len)
3063{
3064 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3065 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
3066 kfree(ifsta->extra_ie);
3067 if (len == 0) {
3068 ifsta->extra_ie = NULL;
3069 ifsta->extra_ie_len = 0;
3070 return 0;
3071 }
3072 ifsta->extra_ie = kmalloc(len, GFP_KERNEL);
3073 if (!ifsta->extra_ie) {
3074 ifsta->extra_ie_len = 0;
3075 return -ENOMEM;
3076 }
3077 memcpy(ifsta->extra_ie, ie, len);
3078 ifsta->extra_ie_len = len;
3079 return 0;
3080}
3081
3082
3083struct sta_info * ieee80211_ibss_add_sta(struct net_device *dev,
3084 struct sk_buff *skb, u8 *bssid,
3085 u8 *addr)
3086{
3087 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
3088 struct sta_info *sta;
3089 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3090 DECLARE_MAC_BUF(mac);
3091
3092
3093
3094 if (local->num_sta >= IEEE80211_IBSS_MAX_STA_ENTRIES) {
3095 if (net_ratelimit()) {
3096 printk(KERN_DEBUG "%s: No room for a new IBSS STA "
3097 "entry %s\n", dev->name, print_mac(mac, addr));
3098 }
3099 return NULL;
3100 }
3101
3102 printk(KERN_DEBUG "%s: Adding new IBSS station %s (dev=%s)\n",
3103 wiphy_name(local->hw.wiphy), print_mac(mac, addr), dev->name);
3104
3105 sta = sta_info_add(local, dev, addr, GFP_ATOMIC);
3106 if (!sta)
3107 return NULL;
3108
3109 sta->supp_rates = sdata->u.sta.supp_rates_bits;
3110
3111 rate_control_rate_init(sta, local);
3112
3113 return sta;
3114}
3115
3116
3117int ieee80211_sta_deauthenticate(struct net_device *dev, u16 reason)
3118{
3119 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3120 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
3121
3122 printk(KERN_DEBUG "%s: deauthenticate(reason=%d)\n",
3123 dev->name, reason);
3124
3125 if (sdata->type != IEEE80211_IF_TYPE_STA &&
3126 sdata->type != IEEE80211_IF_TYPE_IBSS)
3127 return -EINVAL;
3128
3129 ieee80211_send_deauth(dev, ifsta, reason);
3130 ieee80211_set_disassoc(dev, ifsta, 1);
3131 return 0;
3132}
3133
3134
3135int ieee80211_sta_disassociate(struct net_device *dev, u16 reason)
3136{
3137 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3138 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
3139
3140 printk(KERN_DEBUG "%s: disassociate(reason=%d)\n",
3141 dev->name, reason);
3142
3143 if (sdata->type != IEEE80211_IF_TYPE_STA)
3144 return -EINVAL;
3145
3146 if (!(ifsta->flags & IEEE80211_STA_ASSOCIATED))
3147 return -1;
3148
3149 ieee80211_send_disassoc(dev, ifsta, reason);
3150 ieee80211_set_disassoc(dev, ifsta, 0);
3151 return 0;
3152}
3153
