add wl-500w diag support (untested, based on patch from #1298)
[openwrt.git] / package / d80211 / src / ieee80211_sta.c
1 /*
2 * BSS client mode implementation
3 * Copyright 2003, Jouni Malinen <jkmaline@cc.hut.fi>
4 * Copyright 2004, Instant802 Networks, Inc.
5 * Copyright 2005, Devicescape Software, Inc.
6 *
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License version 2 as
9 * published by the Free Software Foundation.
10 */
11
12 /* TODO:
13 * BSS table: use <BSSID,SSID> as the key to support multi-SSID APs
14 * order BSS list by RSSI(?) ("quality of AP")
15 * scan result table filtering (by capability (privacy, IBSS/BSS, WPA/RSN IE,
16 * SSID)
17 */
18 #include <linux/if_ether.h>
19 #include <linux/skbuff.h>
20 #include <linux/netdevice.h>
21 #include <linux/if_arp.h>
22 #include <linux/wireless.h>
23 #include <linux/random.h>
24 #include <net/iw_handler.h>
25 #include <asm/types.h>
26 #include <asm/delay.h>
27
28 #include <net/d80211.h>
29 #include "ieee80211_i.h"
30 #include "ieee80211_rate.h"
31 #include "hostapd_ioctl.h"
32
33 #define IEEE80211_AUTH_TIMEOUT (HZ / 5)
34 #define IEEE80211_AUTH_MAX_TRIES 3
35 #define IEEE80211_ASSOC_TIMEOUT (HZ / 5)
36 #define IEEE80211_ASSOC_MAX_TRIES 3
37 #define IEEE80211_MONITORING_INTERVAL (2 * HZ)
38 #define IEEE80211_PROBE_INTERVAL (60 * HZ)
39 #define IEEE80211_RETRY_AUTH_INTERVAL (1 * HZ)
40 #define IEEE80211_SCAN_INTERVAL (2 * HZ)
41 #define IEEE80211_SCAN_INTERVAL_SLOW (15 * HZ)
42 #define IEEE80211_IBSS_JOIN_TIMEOUT (20 * HZ)
43
44 #define IEEE80211_PROBE_DELAY (HZ / 33)
45 #define IEEE80211_CHANNEL_TIME (HZ / 33)
46 #define IEEE80211_PASSIVE_CHANNEL_TIME (HZ / 5)
47 #define IEEE80211_SCAN_RESULT_EXPIRE (10 * HZ)
48 #define IEEE80211_IBSS_MERGE_INTERVAL (30 * HZ)
49 #define IEEE80211_IBSS_INACTIVITY_LIMIT (60 * HZ)
50
51 #define IEEE80211_IBSS_MAX_STA_ENTRIES 128
52
53
54 #define IEEE80211_FC(type, stype) cpu_to_le16(type | stype)
55
56 #define ERP_INFO_USE_PROTECTION BIT(1)
57
58 static void ieee80211_send_probe_req(struct net_device *dev, u8 *dst,
59 u8 *ssid, size_t ssid_len);
60 static struct ieee80211_sta_bss *
61 ieee80211_rx_bss_get(struct net_device *dev, u8 *bssid);
62 static void ieee80211_rx_bss_put(struct net_device *dev,
63 struct ieee80211_sta_bss *bss);
64 static int ieee80211_sta_find_ibss(struct net_device *dev,
65 struct ieee80211_if_sta *ifsta);
66 static int ieee80211_sta_wep_configured(struct net_device *dev);
67
68
69 /* Parsed Information Elements */
70 struct ieee802_11_elems {
71 u8 *ssid;
72 u8 ssid_len;
73 u8 *supp_rates;
74 u8 supp_rates_len;
75 u8 *fh_params;
76 u8 fh_params_len;
77 u8 *ds_params;
78 u8 ds_params_len;
79 u8 *cf_params;
80 u8 cf_params_len;
81 u8 *tim;
82 u8 tim_len;
83 u8 *ibss_params;
84 u8 ibss_params_len;
85 u8 *challenge;
86 u8 challenge_len;
87 u8 *wpa;
88 u8 wpa_len;
89 u8 *rsn;
90 u8 rsn_len;
91 u8 *erp_info;
92 u8 erp_info_len;
93 u8 *ext_supp_rates;
94 u8 ext_supp_rates_len;
95 u8 *wmm_info;
96 u8 wmm_info_len;
97 u8 *wmm_param;
98 u8 wmm_param_len;
99 };
100
101 typedef enum { ParseOK = 0, ParseUnknown = 1, ParseFailed = -1 } ParseRes;
102
103
104 static ParseRes ieee802_11_parse_elems(u8 *start, size_t len,
105 struct ieee802_11_elems *elems)
106 {
107 size_t left = len;
108 u8 *pos = start;
109 int unknown = 0;
110
111 memset(elems, 0, sizeof(*elems));
112
113 while (left >= 2) {
114 u8 id, elen;
115
116 id = *pos++;
117 elen = *pos++;
118 left -= 2;
119
120 if (elen > left) {
121 #if 0
122 if (net_ratelimit())
123 printk(KERN_DEBUG "IEEE 802.11 element parse "
124 "failed (id=%d elen=%d left=%d)\n",
125 id, elen, left);
126 #endif
127 return ParseFailed;
128 }
129
130 switch (id) {
131 case WLAN_EID_SSID:
132 elems->ssid = pos;
133 elems->ssid_len = elen;
134 break;
135 case WLAN_EID_SUPP_RATES:
136 elems->supp_rates = pos;
137 elems->supp_rates_len = elen;
138 break;
139 case WLAN_EID_FH_PARAMS:
140 elems->fh_params = pos;
141 elems->fh_params_len = elen;
142 break;
143 case WLAN_EID_DS_PARAMS:
144 elems->ds_params = pos;
145 elems->ds_params_len = elen;
146 break;
147 case WLAN_EID_CF_PARAMS:
148 elems->cf_params = pos;
149 elems->cf_params_len = elen;
150 break;
151 case WLAN_EID_TIM:
152 elems->tim = pos;
153 elems->tim_len = elen;
154 break;
155 case WLAN_EID_IBSS_PARAMS:
156 elems->ibss_params = pos;
157 elems->ibss_params_len = elen;
158 break;
159 case WLAN_EID_CHALLENGE:
160 elems->challenge = pos;
161 elems->challenge_len = elen;
162 break;
163 case WLAN_EID_WPA:
164 if (elen >= 4 && pos[0] == 0x00 && pos[1] == 0x50 &&
165 pos[2] == 0xf2) {
166 /* Microsoft OUI (00:50:F2) */
167 if (pos[3] == 1) {
168 /* OUI Type 1 - WPA IE */
169 elems->wpa = pos;
170 elems->wpa_len = elen;
171 } else if (elen >= 5 && pos[3] == 2) {
172 if (pos[4] == 0) {
173 elems->wmm_info = pos;
174 elems->wmm_info_len = elen;
175 } else if (pos[4] == 1) {
176 elems->wmm_param = pos;
177 elems->wmm_param_len = elen;
178 }
179 }
180 }
181 break;
182 case WLAN_EID_RSN:
183 elems->rsn = pos;
184 elems->rsn_len = elen;
185 break;
186 case WLAN_EID_ERP_INFO:
187 elems->erp_info = pos;
188 elems->erp_info_len = elen;
189 break;
190 case WLAN_EID_EXT_SUPP_RATES:
191 elems->ext_supp_rates = pos;
192 elems->ext_supp_rates_len = elen;
193 break;
194 default:
195 #if 0
196 printk(KERN_DEBUG "IEEE 802.11 element parse ignored "
197 "unknown element (id=%d elen=%d)\n",
198 id, elen);
199 #endif
200 unknown++;
201 break;
202 }
203
204 left -= elen;
205 pos += elen;
206 }
207
208 /* Do not trigger error if left == 1 as Apple Airport base stations
209 * send AssocResps that are one spurious byte too long. */
210
211 return unknown ? ParseUnknown : ParseOK;
212 }
213
214
215
216
217 static int ecw2cw(int ecw)
218 {
219 int cw = 1;
220 while (ecw > 0) {
221 cw <<= 1;
222 ecw--;
223 }
224 return cw - 1;
225 }
226
227
228 static void ieee80211_sta_wmm_params(struct net_device *dev,
229 struct ieee80211_if_sta *ifsta,
230 u8 *wmm_param, size_t wmm_param_len)
231 {
232 struct ieee80211_local *local = dev->ieee80211_ptr;
233 struct ieee80211_tx_queue_params params;
234 size_t left;
235 int count;
236 u8 *pos;
237
238 if (wmm_param_len < 8 || wmm_param[5] /* version */ != 1)
239 return;
240 count = wmm_param[6] & 0x0f;
241 if (count == ifsta->wmm_last_param_set)
242 return;
243 ifsta->wmm_last_param_set = count;
244
245 pos = wmm_param + 8;
246 left = wmm_param_len - 8;
247
248 memset(&params, 0, sizeof(params));
249
250 if (!local->ops->conf_tx)
251 return;
252
253 local->wmm_acm = 0;
254 for (; left >= 4; left -= 4, pos += 4) {
255 int aci = (pos[0] >> 5) & 0x03;
256 int acm = (pos[0] >> 4) & 0x01;
257 int queue;
258
259 switch (aci) {
260 case 1:
261 queue = IEEE80211_TX_QUEUE_DATA3;
262 if (acm) {
263 local->wmm_acm |= BIT(1) | BIT(2);
264 }
265 break;
266 case 2:
267 queue = IEEE80211_TX_QUEUE_DATA1;
268 if (acm) {
269 local->wmm_acm |= BIT(4) | BIT(5);
270 }
271 break;
272 case 3:
273 queue = IEEE80211_TX_QUEUE_DATA0;
274 if (acm) {
275 local->wmm_acm |= BIT(6) | BIT(7);
276 }
277 break;
278 case 0:
279 default:
280 queue = IEEE80211_TX_QUEUE_DATA2;
281 if (acm) {
282 local->wmm_acm |= BIT(0) | BIT(3);
283 }
284 break;
285 }
286
287 params.aifs = pos[0] & 0x0f;
288 params.cw_max = ecw2cw((pos[1] & 0xf0) >> 4);
289 params.cw_min = ecw2cw(pos[1] & 0x0f);
290 /* TXOP is in units of 32 usec; burst_time in 0.1 ms */
291 params.burst_time = (pos[2] | (pos[3] << 8)) * 32 / 100;
292 printk(KERN_DEBUG "%s: WMM queue=%d aci=%d acm=%d aifs=%d "
293 "cWmin=%d cWmax=%d burst=%d\n",
294 dev->name, queue, aci, acm, params.aifs, params.cw_min,
295 params.cw_max, params.burst_time);
296 /* TODO: handle ACM (block TX, fallback to next lowest allowed
297 * AC for now) */
298 if (local->ops->conf_tx(local_to_hw(local), queue, &params)) {
299 printk(KERN_DEBUG "%s: failed to set TX queue "
300 "parameters for queue %d\n", dev->name, queue);
301 }
302 }
303 }
304
305
306 static void ieee80211_sta_send_associnfo(struct net_device *dev,
307 struct ieee80211_if_sta *ifsta)
308 {
309 char *buf;
310 size_t len;
311 int i;
312 union iwreq_data wrqu;
313
314 if (!ifsta->assocreq_ies && !ifsta->assocresp_ies)
315 return;
316
317 buf = kmalloc(50 + 2 * (ifsta->assocreq_ies_len +
318 ifsta->assocresp_ies_len), GFP_ATOMIC);
319 if (!buf)
320 return;
321
322 len = sprintf(buf, "ASSOCINFO(");
323 if (ifsta->assocreq_ies) {
324 len += sprintf(buf + len, "ReqIEs=");
325 for (i = 0; i < ifsta->assocreq_ies_len; i++) {
326 len += sprintf(buf + len, "%02x",
327 ifsta->assocreq_ies[i]);
328 }
329 }
330 if (ifsta->assocresp_ies) {
331 if (ifsta->assocreq_ies)
332 len += sprintf(buf + len, " ");
333 len += sprintf(buf + len, "RespIEs=");
334 for (i = 0; i < ifsta->assocresp_ies_len; i++) {
335 len += sprintf(buf + len, "%02x",
336 ifsta->assocresp_ies[i]);
337 }
338 }
339 len += sprintf(buf + len, ")");
340
341 if (len > IW_CUSTOM_MAX) {
342 len = sprintf(buf, "ASSOCRESPIE=");
343 for (i = 0; i < ifsta->assocresp_ies_len; i++) {
344 len += sprintf(buf + len, "%02x",
345 ifsta->assocresp_ies[i]);
346 }
347 }
348
349 memset(&wrqu, 0, sizeof(wrqu));
350 wrqu.data.length = len;
351 wireless_send_event(dev, IWEVCUSTOM, &wrqu, buf);
352
353 kfree(buf);
354 }
355
356
357 static void ieee80211_set_associated(struct net_device *dev,
358 struct ieee80211_if_sta *ifsta, int assoc)
359 {
360 union iwreq_data wrqu;
361
362 if (ifsta->associated == assoc)
363 return;
364
365 ifsta->associated = assoc;
366
367 if (assoc) {
368 struct ieee80211_sub_if_data *sdata;
369 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
370 if (sdata->type != IEEE80211_IF_TYPE_STA)
371 return;
372 ifsta->prev_bssid_set = 1;
373 memcpy(ifsta->prev_bssid, sdata->u.sta.bssid, ETH_ALEN);
374 memcpy(wrqu.ap_addr.sa_data, sdata->u.sta.bssid, ETH_ALEN);
375 ieee80211_sta_send_associnfo(dev, ifsta);
376 } else {
377 memset(wrqu.ap_addr.sa_data, 0, ETH_ALEN);
378 }
379 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
380 wireless_send_event(dev, SIOCGIWAP, &wrqu, NULL);
381 ifsta->last_probe = jiffies;
382 }
383
384 static void ieee80211_set_disassoc(struct net_device *dev,
385 struct ieee80211_if_sta *ifsta, int deauth)
386 {
387 if (deauth)
388 ifsta->auth_tries = 0;
389 ifsta->assoc_tries = 0;
390 ieee80211_set_associated(dev, ifsta, 0);
391 }
392
393 static void ieee80211_sta_tx(struct net_device *dev, struct sk_buff *skb,
394 int encrypt)
395 {
396 struct ieee80211_sub_if_data *sdata;
397 struct ieee80211_tx_packet_data *pkt_data;
398
399 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
400 skb->dev = sdata->local->mdev;
401 skb->mac.raw = skb->nh.raw = skb->h.raw = skb->data;
402
403 pkt_data = (struct ieee80211_tx_packet_data *) skb->cb;
404 memset(pkt_data, 0, sizeof(struct ieee80211_tx_packet_data));
405 pkt_data->ifindex = sdata->dev->ifindex;
406 pkt_data->mgmt_iface = (sdata->type == IEEE80211_IF_TYPE_MGMT);
407 pkt_data->do_not_encrypt = !encrypt;
408
409 dev_queue_xmit(skb);
410 }
411
412
413 static void ieee80211_send_auth(struct net_device *dev,
414 struct ieee80211_if_sta *ifsta,
415 int transaction, u8 *extra, size_t extra_len,
416 int encrypt)
417 {
418 struct sk_buff *skb;
419 struct ieee80211_mgmt *mgmt;
420
421 skb = dev_alloc_skb(sizeof(*mgmt) + 6 + extra_len);
422 if (!skb) {
423 printk(KERN_DEBUG "%s: failed to allocate buffer for auth "
424 "frame\n", dev->name);
425 return;
426 }
427
428 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24 + 6);
429 memset(mgmt, 0, 24 + 6);
430 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
431 IEEE80211_STYPE_AUTH);
432 if (encrypt)
433 mgmt->frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
434 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
435 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
436 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
437 mgmt->u.auth.auth_alg = cpu_to_le16(ifsta->auth_alg);
438 mgmt->u.auth.auth_transaction = cpu_to_le16(transaction);
439 ifsta->auth_transaction = transaction + 1;
440 mgmt->u.auth.status_code = cpu_to_le16(0);
441 if (extra)
442 memcpy(skb_put(skb, extra_len), extra, extra_len);
443
444 ieee80211_sta_tx(dev, skb, encrypt);
445 }
446
447
448 static void ieee80211_authenticate(struct net_device *dev,
449 struct ieee80211_if_sta *ifsta)
450 {
451 ifsta->auth_tries++;
452 if (ifsta->auth_tries > IEEE80211_AUTH_MAX_TRIES) {
453 printk(KERN_DEBUG "%s: authentication with AP " MAC_FMT
454 " timed out\n",
455 dev->name, MAC_ARG(ifsta->bssid));
456 return;
457 }
458
459 ifsta->state = IEEE80211_AUTHENTICATE;
460 printk(KERN_DEBUG "%s: authenticate with AP " MAC_FMT "\n",
461 dev->name, MAC_ARG(ifsta->bssid));
462
463 ieee80211_send_auth(dev, ifsta, 1, NULL, 0, 0);
464
465 schedule_delayed_work(&ifsta->work, IEEE80211_AUTH_TIMEOUT);
466 }
467
468
469 static void ieee80211_send_assoc(struct net_device *dev,
470 struct ieee80211_if_sta *ifsta)
471 {
472 struct ieee80211_local *local = dev->ieee80211_ptr;
473 struct sk_buff *skb;
474 struct ieee80211_mgmt *mgmt;
475 u8 *pos, *ies;
476 int i, len;
477 u16 capab;
478 struct ieee80211_sta_bss *bss;
479 int wmm = 0;
480
481 skb = dev_alloc_skb(sizeof(*mgmt) + 200 + ifsta->extra_ie_len +
482 ifsta->ssid_len);
483 if (!skb) {
484 printk(KERN_DEBUG "%s: failed to allocate buffer for assoc "
485 "frame\n", dev->name);
486 return;
487 }
488
489 capab = ifsta->capab;
490 if (local->hw.conf.phymode == MODE_IEEE80211G) {
491 capab |= WLAN_CAPABILITY_SHORT_SLOT_TIME |
492 WLAN_CAPABILITY_SHORT_PREAMBLE;
493 }
494 bss = ieee80211_rx_bss_get(dev, ifsta->bssid);
495 if (bss) {
496 if (bss->capability & WLAN_CAPABILITY_PRIVACY)
497 capab |= WLAN_CAPABILITY_PRIVACY;
498 if (bss->wmm_ie) {
499 wmm = 1;
500 }
501 ieee80211_rx_bss_put(dev, bss);
502 }
503
504 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
505 memset(mgmt, 0, 24);
506 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
507 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
508 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
509
510 if (ifsta->prev_bssid_set) {
511 skb_put(skb, 10);
512 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
513 IEEE80211_STYPE_REASSOC_REQ);
514 mgmt->u.reassoc_req.capab_info = cpu_to_le16(capab);
515 mgmt->u.reassoc_req.listen_interval = cpu_to_le16(1);
516 memcpy(mgmt->u.reassoc_req.current_ap, ifsta->prev_bssid,
517 ETH_ALEN);
518 } else {
519 skb_put(skb, 4);
520 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
521 IEEE80211_STYPE_ASSOC_REQ);
522 mgmt->u.assoc_req.capab_info = cpu_to_le16(capab);
523 mgmt->u.assoc_req.listen_interval = cpu_to_le16(1);
524 }
525
526 /* SSID */
527 ies = pos = skb_put(skb, 2 + ifsta->ssid_len);
528 *pos++ = WLAN_EID_SSID;
529 *pos++ = ifsta->ssid_len;
530 memcpy(pos, ifsta->ssid, ifsta->ssid_len);
531
532 len = local->num_curr_rates;
533 if (len > 8)
534 len = 8;
535 pos = skb_put(skb, len + 2);
536 *pos++ = WLAN_EID_SUPP_RATES;
537 *pos++ = len;
538 for (i = 0; i < len; i++) {
539 int rate = local->curr_rates[i].rate;
540 if (local->hw.conf.phymode == MODE_ATHEROS_TURBO)
541 rate /= 2;
542 *pos++ = (u8) (rate / 5);
543 }
544
545 if (local->num_curr_rates > len) {
546 pos = skb_put(skb, local->num_curr_rates - len + 2);
547 *pos++ = WLAN_EID_EXT_SUPP_RATES;
548 *pos++ = local->num_curr_rates - len;
549 for (i = len; i < local->num_curr_rates; i++) {
550 int rate = local->curr_rates[i].rate;
551 if (local->hw.conf.phymode == MODE_ATHEROS_TURBO)
552 rate /= 2;
553 *pos++ = (u8) (rate / 5);
554 }
555 }
556
557 if (ifsta->extra_ie) {
558 pos = skb_put(skb, ifsta->extra_ie_len);
559 memcpy(pos, ifsta->extra_ie, ifsta->extra_ie_len);
560 }
561
562 if (wmm && ifsta->wmm_enabled) {
563 pos = skb_put(skb, 9);
564 *pos++ = WLAN_EID_VENDOR_SPECIFIC;
565 *pos++ = 7; /* len */
566 *pos++ = 0x00; /* Microsoft OUI 00:50:F2 */
567 *pos++ = 0x50;
568 *pos++ = 0xf2;
569 *pos++ = 2; /* WME */
570 *pos++ = 0; /* WME info */
571 *pos++ = 1; /* WME ver */
572 *pos++ = 0;
573 }
574
575 kfree(ifsta->assocreq_ies);
576 ifsta->assocreq_ies_len = (skb->data + skb->len) - ies;
577 ifsta->assocreq_ies = kmalloc(ifsta->assocreq_ies_len, GFP_ATOMIC);
578 if (ifsta->assocreq_ies)
579 memcpy(ifsta->assocreq_ies, ies, ifsta->assocreq_ies_len);
580
581 ieee80211_sta_tx(dev, skb, 0);
582 }
583
584
585 static void ieee80211_send_deauth(struct net_device *dev,
586 struct ieee80211_if_sta *ifsta, u16 reason)
587 {
588 struct sk_buff *skb;
589 struct ieee80211_mgmt *mgmt;
590
591 skb = dev_alloc_skb(sizeof(*mgmt));
592 if (!skb) {
593 printk(KERN_DEBUG "%s: failed to allocate buffer for deauth "
594 "frame\n", dev->name);
595 return;
596 }
597
598 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
599 memset(mgmt, 0, 24);
600 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
601 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
602 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
603 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
604 IEEE80211_STYPE_DEAUTH);
605 skb_put(skb, 2);
606 mgmt->u.deauth.reason_code = cpu_to_le16(reason);
607
608 ieee80211_sta_tx(dev, skb, 0);
609 }
610
611
612 static void ieee80211_send_disassoc(struct net_device *dev,
613 struct ieee80211_if_sta *ifsta, u16 reason)
614 {
615 struct sk_buff *skb;
616 struct ieee80211_mgmt *mgmt;
617
618 skb = dev_alloc_skb(sizeof(*mgmt));
619 if (!skb) {
620 printk(KERN_DEBUG "%s: failed to allocate buffer for disassoc "
621 "frame\n", dev->name);
622 return;
623 }
624
625 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
626 memset(mgmt, 0, 24);
627 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
628 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
629 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
630 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
631 IEEE80211_STYPE_DISASSOC);
632 skb_put(skb, 2);
633 mgmt->u.disassoc.reason_code = cpu_to_le16(reason);
634
635 ieee80211_sta_tx(dev, skb, 0);
636 }
637
638
639 static int ieee80211_privacy_mismatch(struct net_device *dev,
640 struct ieee80211_if_sta *ifsta)
641 {
642 struct ieee80211_sta_bss *bss;
643 int res = 0;
644
645 if (!ifsta || ifsta->mixed_cell ||
646 ifsta->key_mgmt != IEEE80211_KEY_MGMT_NONE)
647 return 0;
648
649 bss = ieee80211_rx_bss_get(dev, ifsta->bssid);
650 if (!bss)
651 return 0;
652
653 if (ieee80211_sta_wep_configured(dev) !=
654 !!(bss->capability & WLAN_CAPABILITY_PRIVACY))
655 res = 1;
656
657 ieee80211_rx_bss_put(dev, bss);
658
659 return res;
660 }
661
662
663 static void ieee80211_associate(struct net_device *dev,
664 struct ieee80211_if_sta *ifsta)
665 {
666 ifsta->assoc_tries++;
667 if (ifsta->assoc_tries > IEEE80211_ASSOC_MAX_TRIES) {
668 printk(KERN_DEBUG "%s: association with AP " MAC_FMT
669 " timed out\n",
670 dev->name, MAC_ARG(ifsta->bssid));
671 return;
672 }
673
674 ifsta->state = IEEE80211_ASSOCIATE;
675 printk(KERN_DEBUG "%s: associate with AP " MAC_FMT "\n",
676 dev->name, MAC_ARG(ifsta->bssid));
677 if (ieee80211_privacy_mismatch(dev, ifsta)) {
678 printk(KERN_DEBUG "%s: mismatch in privacy configuration and "
679 "mixed-cell disabled - abort association\n", dev->name);
680 return;
681 }
682
683 ieee80211_send_assoc(dev, ifsta);
684
685 schedule_delayed_work(&ifsta->work, IEEE80211_ASSOC_TIMEOUT);
686 }
687
688
689 static void ieee80211_associated(struct net_device *dev,
690 struct ieee80211_if_sta *ifsta)
691 {
692 struct ieee80211_local *local = dev->ieee80211_ptr;
693 struct sta_info *sta;
694 int disassoc;
695
696 /* TODO: start monitoring current AP signal quality and number of
697 * missed beacons. Scan other channels every now and then and search
698 * for better APs. */
699 /* TODO: remove expired BSSes */
700
701 ifsta->state = IEEE80211_ASSOCIATED;
702
703 sta = sta_info_get(local, ifsta->bssid);
704 if (!sta) {
705 printk(KERN_DEBUG "%s: No STA entry for own AP " MAC_FMT "\n",
706 dev->name, MAC_ARG(ifsta->bssid));
707 disassoc = 1;
708 } else {
709 disassoc = 0;
710 if (time_after(jiffies,
711 sta->last_rx + IEEE80211_MONITORING_INTERVAL)) {
712 if (ifsta->probereq_poll) {
713 printk(KERN_DEBUG "%s: No ProbeResp from "
714 "current AP " MAC_FMT " - assume out of "
715 "range\n",
716 dev->name, MAC_ARG(ifsta->bssid));
717 disassoc = 1;
718 sta_info_free(sta, 0);
719 ifsta->probereq_poll = 0;
720 } else {
721 ieee80211_send_probe_req(dev, ifsta->bssid,
722 local->scan_ssid,
723 local->scan_ssid_len);
724 ifsta->probereq_poll = 1;
725 }
726 } else {
727 ifsta->probereq_poll = 0;
728 if (time_after(jiffies, ifsta->last_probe +
729 IEEE80211_PROBE_INTERVAL)) {
730 ifsta->last_probe = jiffies;
731 ieee80211_send_probe_req(dev, ifsta->bssid,
732 ifsta->ssid,
733 ifsta->ssid_len);
734 }
735 }
736 sta_info_put(sta);
737 }
738 if (disassoc) {
739 union iwreq_data wrqu;
740 memset(wrqu.ap_addr.sa_data, 0, ETH_ALEN);
741 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
742 wireless_send_event(dev, SIOCGIWAP, &wrqu, NULL);
743 schedule_delayed_work(&ifsta->work,
744 IEEE80211_MONITORING_INTERVAL + 30 * HZ);
745 } else {
746 schedule_delayed_work(&ifsta->work,
747 IEEE80211_MONITORING_INTERVAL);
748 }
749 }
750
751
752 static void ieee80211_send_probe_req(struct net_device *dev, u8 *dst,
753 u8 *ssid, size_t ssid_len)
754 {
755 struct ieee80211_local *local = dev->ieee80211_ptr;
756 struct sk_buff *skb;
757 struct ieee80211_mgmt *mgmt;
758 u8 *pos, *supp_rates, *esupp_rates = NULL;
759 int i;
760
761 skb = dev_alloc_skb(sizeof(*mgmt) + 200);
762 if (!skb) {
763 printk(KERN_DEBUG "%s: failed to allocate buffer for probe "
764 "request\n", dev->name);
765 return;
766 }
767
768 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
769 memset(mgmt, 0, 24);
770 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
771 IEEE80211_STYPE_PROBE_REQ);
772 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
773 if (dst) {
774 memcpy(mgmt->da, dst, ETH_ALEN);
775 memcpy(mgmt->bssid, dst, ETH_ALEN);
776 } else {
777 memset(mgmt->da, 0xff, ETH_ALEN);
778 memset(mgmt->bssid, 0xff, ETH_ALEN);
779 }
780 pos = skb_put(skb, 2 + ssid_len);
781 *pos++ = WLAN_EID_SSID;
782 *pos++ = ssid_len;
783 memcpy(pos, ssid, ssid_len);
784
785 supp_rates = skb_put(skb, 2);
786 supp_rates[0] = WLAN_EID_SUPP_RATES;
787 supp_rates[1] = 0;
788 for (i = 0; i < local->num_curr_rates; i++) {
789 struct ieee80211_rate *rate = &local->curr_rates[i];
790 if (!(rate->flags & IEEE80211_RATE_SUPPORTED))
791 continue;
792 if (esupp_rates) {
793 pos = skb_put(skb, 1);
794 esupp_rates[1]++;
795 } else if (supp_rates[1] == 8) {
796 esupp_rates = skb_put(skb, 3);
797 esupp_rates[0] = WLAN_EID_EXT_SUPP_RATES;
798 esupp_rates[1] = 1;
799 pos = &esupp_rates[2];
800 } else {
801 pos = skb_put(skb, 1);
802 supp_rates[1]++;
803 }
804 if (local->hw.conf.phymode == MODE_ATHEROS_TURBO)
805 *pos = rate->rate / 10;
806 else
807 *pos = rate->rate / 5;
808 }
809
810 ieee80211_sta_tx(dev, skb, 0);
811 }
812
813
814 static int ieee80211_sta_wep_configured(struct net_device *dev)
815 {
816 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
817 if (!sdata || !sdata->default_key ||
818 sdata->default_key->alg != ALG_WEP)
819 return 0;
820 return 1;
821 }
822
823
824 static void ieee80211_auth_completed(struct net_device *dev,
825 struct ieee80211_if_sta *ifsta)
826 {
827 printk(KERN_DEBUG "%s: authenticated\n", dev->name);
828 ifsta->authenticated = 1;
829 ieee80211_associate(dev, ifsta);
830 }
831
832
833 static void ieee80211_auth_challenge(struct net_device *dev,
834 struct ieee80211_if_sta *ifsta,
835 struct ieee80211_mgmt *mgmt,
836 size_t len,
837 struct ieee80211_rx_status *rx_status)
838 {
839 u8 *pos;
840 struct ieee802_11_elems elems;
841
842 printk(KERN_DEBUG "%s: replying to auth challenge\n", dev->name);
843 pos = mgmt->u.auth.variable;
844 if (ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems)
845 == ParseFailed) {
846 printk(KERN_DEBUG "%s: failed to parse Auth(challenge)\n",
847 dev->name);
848 return;
849 }
850 if (!elems.challenge) {
851 printk(KERN_DEBUG "%s: no challenge IE in shared key auth "
852 "frame\n", dev->name);
853 return;
854 }
855 ieee80211_send_auth(dev, ifsta, 3, elems.challenge - 2,
856 elems.challenge_len + 2, 1);
857 }
858
859
860 static void ieee80211_rx_mgmt_auth(struct net_device *dev,
861 struct ieee80211_if_sta *ifsta,
862 struct ieee80211_mgmt *mgmt,
863 size_t len,
864 struct ieee80211_rx_status *rx_status)
865 {
866 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
867 u16 auth_alg, auth_transaction, status_code;
868
869 if (ifsta->state != IEEE80211_AUTHENTICATE &&
870 sdata->type != IEEE80211_IF_TYPE_IBSS) {
871 printk(KERN_DEBUG "%s: authentication frame received from "
872 MAC_FMT ", but not in authenticate state - ignored\n",
873 dev->name, MAC_ARG(mgmt->sa));
874 return;
875 }
876
877 if (len < 24 + 6) {
878 printk(KERN_DEBUG "%s: too short (%zd) authentication frame "
879 "received from " MAC_FMT " - ignored\n",
880 dev->name, len, MAC_ARG(mgmt->sa));
881 return;
882 }
883
884 if (sdata->type != IEEE80211_IF_TYPE_IBSS &&
885 memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN) != 0) {
886 printk(KERN_DEBUG "%s: authentication frame received from "
887 "unknown AP (SA=" MAC_FMT " BSSID=" MAC_FMT ") - "
888 "ignored\n", dev->name, MAC_ARG(mgmt->sa),
889 MAC_ARG(mgmt->bssid));
890 return;
891 }
892
893 if (sdata->type != IEEE80211_IF_TYPE_IBSS &&
894 memcmp(ifsta->bssid, mgmt->bssid, ETH_ALEN) != 0) {
895 printk(KERN_DEBUG "%s: authentication frame received from "
896 "unknown BSSID (SA=" MAC_FMT " BSSID=" MAC_FMT ") - "
897 "ignored\n", dev->name, MAC_ARG(mgmt->sa),
898 MAC_ARG(mgmt->bssid));
899 return;
900 }
901
902 auth_alg = le16_to_cpu(mgmt->u.auth.auth_alg);
903 auth_transaction = le16_to_cpu(mgmt->u.auth.auth_transaction);
904 status_code = le16_to_cpu(mgmt->u.auth.status_code);
905
906 printk(KERN_DEBUG "%s: RX authentication from " MAC_FMT " (alg=%d "
907 "transaction=%d status=%d)\n",
908 dev->name, MAC_ARG(mgmt->sa), auth_alg,
909 auth_transaction, status_code);
910
911 if (sdata->type == IEEE80211_IF_TYPE_IBSS) {
912 /* IEEE 802.11 standard does not require authentication in IBSS
913 * networks and most implementations do not seem to use it.
914 * However, try to reply to authentication attempts if someone
915 * has actually implemented this.
916 * TODO: Could implement shared key authentication. */
917 if (auth_alg != WLAN_AUTH_OPEN || auth_transaction != 1) {
918 printk(KERN_DEBUG "%s: unexpected IBSS authentication "
919 "frame (alg=%d transaction=%d)\n",
920 dev->name, auth_alg, auth_transaction);
921 return;
922 }
923 ieee80211_send_auth(dev, ifsta, 2, NULL, 0, 0);
924 }
925
926 if (auth_alg != ifsta->auth_alg ||
927 auth_transaction != ifsta->auth_transaction) {
928 printk(KERN_DEBUG "%s: unexpected authentication frame "
929 "(alg=%d transaction=%d)\n",
930 dev->name, auth_alg, auth_transaction);
931 return;
932 }
933
934 if (status_code != WLAN_STATUS_SUCCESS) {
935 printk(KERN_DEBUG "%s: AP denied authentication (auth_alg=%d "
936 "code=%d)\n", dev->name, ifsta->auth_alg, status_code);
937 if (status_code == WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG) {
938 u8 algs[3];
939 const int num_algs = ARRAY_SIZE(algs);
940 int i, pos;
941 algs[0] = algs[1] = algs[2] = 0xff;
942 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_OPEN)
943 algs[0] = WLAN_AUTH_OPEN;
944 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_SHARED_KEY)
945 algs[1] = WLAN_AUTH_SHARED_KEY;
946 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_LEAP)
947 algs[2] = WLAN_AUTH_LEAP;
948 if (ifsta->auth_alg == WLAN_AUTH_OPEN)
949 pos = 0;
950 else if (ifsta->auth_alg == WLAN_AUTH_SHARED_KEY)
951 pos = 1;
952 else
953 pos = 2;
954 for (i = 0; i < num_algs; i++) {
955 pos++;
956 if (pos >= num_algs)
957 pos = 0;
958 if (algs[pos] == ifsta->auth_alg ||
959 algs[pos] == 0xff)
960 continue;
961 if (algs[pos] == WLAN_AUTH_SHARED_KEY &&
962 !ieee80211_sta_wep_configured(dev))
963 continue;
964 ifsta->auth_alg = algs[pos];
965 printk(KERN_DEBUG "%s: set auth_alg=%d for "
966 "next try\n",
967 dev->name, ifsta->auth_alg);
968 break;
969 }
970 }
971 return;
972 }
973
974 switch (ifsta->auth_alg) {
975 case WLAN_AUTH_OPEN:
976 case WLAN_AUTH_LEAP:
977 ieee80211_auth_completed(dev, ifsta);
978 break;
979 case WLAN_AUTH_SHARED_KEY:
980 if (ifsta->auth_transaction == 4)
981 ieee80211_auth_completed(dev, ifsta);
982 else
983 ieee80211_auth_challenge(dev, ifsta, mgmt, len,
984 rx_status);
985 break;
986 }
987 }
988
989
990 static void ieee80211_rx_mgmt_deauth(struct net_device *dev,
991 struct ieee80211_if_sta *ifsta,
992 struct ieee80211_mgmt *mgmt,
993 size_t len,
994 struct ieee80211_rx_status *rx_status)
995 {
996 u16 reason_code;
997
998 if (len < 24 + 2) {
999 printk(KERN_DEBUG "%s: too short (%zd) deauthentication frame "
1000 "received from " MAC_FMT " - ignored\n",
1001 dev->name, len, MAC_ARG(mgmt->sa));
1002 return;
1003 }
1004
1005 if (memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN) != 0) {
1006 printk(KERN_DEBUG "%s: deauthentication frame received from "
1007 "unknown AP (SA=" MAC_FMT " BSSID=" MAC_FMT ") - "
1008 "ignored\n", dev->name, MAC_ARG(mgmt->sa),
1009 MAC_ARG(mgmt->bssid));
1010 return;
1011 }
1012
1013 reason_code = le16_to_cpu(mgmt->u.deauth.reason_code);
1014
1015 printk(KERN_DEBUG "%s: RX deauthentication from " MAC_FMT
1016 " (reason=%d)\n",
1017 dev->name, MAC_ARG(mgmt->sa), reason_code);
1018
1019 if (ifsta->authenticated) {
1020 printk(KERN_DEBUG "%s: deauthenticated\n", dev->name);
1021 }
1022
1023 if (ifsta->state == IEEE80211_AUTHENTICATE ||
1024 ifsta->state == IEEE80211_ASSOCIATE ||
1025 ifsta->state == IEEE80211_ASSOCIATED) {
1026 ifsta->state = IEEE80211_AUTHENTICATE;
1027 schedule_delayed_work(&ifsta->work,
1028 IEEE80211_RETRY_AUTH_INTERVAL);
1029 }
1030
1031 ieee80211_set_disassoc(dev, ifsta, 1);
1032 ifsta->authenticated = 0;
1033 }
1034
1035
1036 static void ieee80211_rx_mgmt_disassoc(struct net_device *dev,
1037 struct ieee80211_if_sta *ifsta,
1038 struct ieee80211_mgmt *mgmt,
1039 size_t len,
1040 struct ieee80211_rx_status *rx_status)
1041 {
1042 u16 reason_code;
1043
1044 if (len < 24 + 2) {
1045 printk(KERN_DEBUG "%s: too short (%zd) disassociation frame "
1046 "received from " MAC_FMT " - ignored\n",
1047 dev->name, len, MAC_ARG(mgmt->sa));
1048 return;
1049 }
1050
1051 if (memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN) != 0) {
1052 printk(KERN_DEBUG "%s: disassociation frame received from "
1053 "unknown AP (SA=" MAC_FMT " BSSID=" MAC_FMT ") - "
1054 "ignored\n", dev->name, MAC_ARG(mgmt->sa),
1055 MAC_ARG(mgmt->bssid));
1056 return;
1057 }
1058
1059 reason_code = le16_to_cpu(mgmt->u.disassoc.reason_code);
1060
1061 printk(KERN_DEBUG "%s: RX disassociation from " MAC_FMT
1062 " (reason=%d)\n",
1063 dev->name, MAC_ARG(mgmt->sa), reason_code);
1064
1065 if (ifsta->associated)
1066 printk(KERN_DEBUG "%s: disassociated\n", dev->name);
1067
1068 if (ifsta->state == IEEE80211_ASSOCIATED) {
1069 ifsta->state = IEEE80211_ASSOCIATE;
1070 schedule_delayed_work(&ifsta->work,
1071 IEEE80211_RETRY_AUTH_INTERVAL);
1072 }
1073
1074 ieee80211_set_disassoc(dev, ifsta, 0);
1075 }
1076
1077
1078 static void ieee80211_rx_mgmt_assoc_resp(struct net_device *dev,
1079 struct ieee80211_if_sta *ifsta,
1080 struct ieee80211_mgmt *mgmt,
1081 size_t len,
1082 struct ieee80211_rx_status *rx_status,
1083 int reassoc)
1084 {
1085 struct ieee80211_local *local = dev->ieee80211_ptr;
1086 struct sta_info *sta;
1087 u32 rates;
1088 u16 capab_info, status_code, aid;
1089 struct ieee802_11_elems elems;
1090 u8 *pos;
1091 int i, j;
1092
1093 /* AssocResp and ReassocResp have identical structure, so process both
1094 * of them in this function. */
1095
1096 if (ifsta->state != IEEE80211_ASSOCIATE) {
1097 printk(KERN_DEBUG "%s: association frame received from "
1098 MAC_FMT ", but not in associate state - ignored\n",
1099 dev->name, MAC_ARG(mgmt->sa));
1100 return;
1101 }
1102
1103 if (len < 24 + 6) {
1104 printk(KERN_DEBUG "%s: too short (%zd) association frame "
1105 "received from " MAC_FMT " - ignored\n",
1106 dev->name, len, MAC_ARG(mgmt->sa));
1107 return;
1108 }
1109
1110 if (memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN) != 0) {
1111 printk(KERN_DEBUG "%s: association frame received from "
1112 "unknown AP (SA=" MAC_FMT " BSSID=" MAC_FMT ") - "
1113 "ignored\n", dev->name, MAC_ARG(mgmt->sa),
1114 MAC_ARG(mgmt->bssid));
1115 return;
1116 }
1117
1118 capab_info = le16_to_cpu(mgmt->u.assoc_resp.capab_info);
1119 status_code = le16_to_cpu(mgmt->u.assoc_resp.status_code);
1120 aid = le16_to_cpu(mgmt->u.assoc_resp.aid);
1121 if ((aid & (BIT(15) | BIT(14))) != (BIT(15) | BIT(14)))
1122 printk(KERN_DEBUG "%s: invalid aid value %d; bits 15:14 not "
1123 "set\n", dev->name, aid);
1124 aid &= ~(BIT(15) | BIT(14));
1125
1126 printk(KERN_DEBUG "%s: RX %sssocResp from " MAC_FMT " (capab=0x%x "
1127 "status=%d aid=%d)\n",
1128 dev->name, reassoc ? "Rea" : "A", MAC_ARG(mgmt->sa),
1129 capab_info, status_code, aid);
1130
1131 if (status_code != WLAN_STATUS_SUCCESS) {
1132 printk(KERN_DEBUG "%s: AP denied association (code=%d)\n",
1133 dev->name, status_code);
1134 return;
1135 }
1136
1137 pos = mgmt->u.assoc_resp.variable;
1138 if (ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems)
1139 == ParseFailed) {
1140 printk(KERN_DEBUG "%s: failed to parse AssocResp\n",
1141 dev->name);
1142 return;
1143 }
1144
1145 if (!elems.supp_rates) {
1146 printk(KERN_DEBUG "%s: no SuppRates element in AssocResp\n",
1147 dev->name);
1148 return;
1149 }
1150
1151 printk(KERN_DEBUG "%s: associated\n", dev->name);
1152 ifsta->aid = aid;
1153 ifsta->ap_capab = capab_info;
1154
1155 kfree(ifsta->assocresp_ies);
1156 ifsta->assocresp_ies_len = len - (pos - (u8 *) mgmt);
1157 ifsta->assocresp_ies = kmalloc(ifsta->assocresp_ies_len, GFP_ATOMIC);
1158 if (ifsta->assocresp_ies)
1159 memcpy(ifsta->assocresp_ies, pos, ifsta->assocresp_ies_len);
1160
1161 ieee80211_set_associated(dev, ifsta, 1);
1162
1163 /* Add STA entry for the AP */
1164 sta = sta_info_get(local, ifsta->bssid);
1165 if (!sta) {
1166 sta = sta_info_add(local, dev, ifsta->bssid, GFP_ATOMIC);
1167 if (!sta) {
1168 printk(KERN_DEBUG "%s: failed to add STA entry for the"
1169 " AP\n", dev->name);
1170 return;
1171 }
1172 }
1173
1174 sta->dev = dev;
1175 sta->flags |= WLAN_STA_AUTH | WLAN_STA_ASSOC;
1176 sta->assoc_ap = 1;
1177
1178 rates = 0;
1179 for (i = 0; i < elems.supp_rates_len; i++) {
1180 int rate = (elems.supp_rates[i] & 0x7f) * 5;
1181 if (local->hw.conf.phymode == MODE_ATHEROS_TURBO)
1182 rate *= 2;
1183 for (j = 0; j < local->num_curr_rates; j++)
1184 if (local->curr_rates[j].rate == rate)
1185 rates |= BIT(j);
1186 }
1187 for (i = 0; i < elems.ext_supp_rates_len; i++) {
1188 int rate = (elems.ext_supp_rates[i] & 0x7f) * 5;
1189 if (local->hw.conf.phymode == MODE_ATHEROS_TURBO)
1190 rate *= 2;
1191 for (j = 0; j < local->num_curr_rates; j++)
1192 if (local->curr_rates[j].rate == rate)
1193 rates |= BIT(j);
1194 }
1195 sta->supp_rates = rates;
1196
1197 rate_control_rate_init(sta, local);
1198
1199 if (elems.wmm_param && ifsta->wmm_enabled) {
1200 sta->flags |= WLAN_STA_WME;
1201 ieee80211_sta_wmm_params(dev, ifsta, elems.wmm_param,
1202 elems.wmm_param_len);
1203 }
1204
1205
1206 sta_info_put(sta);
1207
1208 ieee80211_associated(dev, ifsta);
1209 }
1210
1211
1212 /* Caller must hold local->sta_bss_lock */
1213 static void __ieee80211_rx_bss_hash_add(struct net_device *dev,
1214 struct ieee80211_sta_bss *bss)
1215 {
1216 struct ieee80211_local *local = dev->ieee80211_ptr;
1217 bss->hnext = local->sta_bss_hash[STA_HASH(bss->bssid)];
1218 local->sta_bss_hash[STA_HASH(bss->bssid)] = bss;
1219 }
1220
1221
1222 /* Caller must hold local->sta_bss_lock */
1223 static void __ieee80211_rx_bss_hash_del(struct net_device *dev,
1224 struct ieee80211_sta_bss *bss)
1225 {
1226 struct ieee80211_local *local = dev->ieee80211_ptr;
1227 struct ieee80211_sta_bss *b, *prev = NULL;
1228 b = local->sta_bss_hash[STA_HASH(bss->bssid)];
1229 while (b) {
1230 if (b == bss) {
1231 if (!prev)
1232 local->sta_bss_hash[STA_HASH(bss->bssid)] =
1233 bss->hnext;
1234 else
1235 prev->hnext = bss->hnext;
1236 break;
1237 }
1238 prev = b;
1239 b = b->hnext;
1240 }
1241 }
1242
1243
1244 static struct ieee80211_sta_bss *
1245 ieee80211_rx_bss_add(struct net_device *dev, u8 *bssid)
1246 {
1247 struct ieee80211_local *local = dev->ieee80211_ptr;
1248 struct ieee80211_sta_bss *bss;
1249
1250 bss = kmalloc(sizeof(*bss), GFP_ATOMIC);
1251 if (!bss)
1252 return NULL;
1253 memset(bss, 0, sizeof(*bss));
1254 atomic_inc(&bss->users);
1255 atomic_inc(&bss->users);
1256 memcpy(bss->bssid, bssid, ETH_ALEN);
1257
1258 spin_lock_bh(&local->sta_bss_lock);
1259 /* TODO: order by RSSI? */
1260 list_add_tail(&bss->list, &local->sta_bss_list);
1261 __ieee80211_rx_bss_hash_add(dev, bss);
1262 spin_unlock_bh(&local->sta_bss_lock);
1263 return bss;
1264 }
1265
1266
1267 static struct ieee80211_sta_bss *
1268 ieee80211_rx_bss_get(struct net_device *dev, u8 *bssid)
1269 {
1270 struct ieee80211_local *local = dev->ieee80211_ptr;
1271 struct ieee80211_sta_bss *bss;
1272
1273 spin_lock_bh(&local->sta_bss_lock);
1274 bss = local->sta_bss_hash[STA_HASH(bssid)];
1275 while (bss) {
1276 if (memcmp(bss->bssid, bssid, ETH_ALEN) == 0) {
1277 atomic_inc(&bss->users);
1278 break;
1279 }
1280 bss = bss->hnext;
1281 }
1282 spin_unlock_bh(&local->sta_bss_lock);
1283 return bss;
1284 }
1285
1286
1287 static void ieee80211_rx_bss_free(struct ieee80211_sta_bss *bss)
1288 {
1289 kfree(bss->wpa_ie);
1290 kfree(bss->rsn_ie);
1291 kfree(bss->wmm_ie);
1292 kfree(bss);
1293 }
1294
1295
1296 static void ieee80211_rx_bss_put(struct net_device *dev,
1297 struct ieee80211_sta_bss *bss)
1298 {
1299 struct ieee80211_local *local = dev->ieee80211_ptr;
1300 if (!atomic_dec_and_test(&bss->users))
1301 return;
1302
1303 spin_lock_bh(&local->sta_bss_lock);
1304 __ieee80211_rx_bss_hash_del(dev, bss);
1305 list_del(&bss->list);
1306 spin_unlock_bh(&local->sta_bss_lock);
1307 ieee80211_rx_bss_free(bss);
1308 }
1309
1310
1311 void ieee80211_rx_bss_list_init(struct net_device *dev)
1312 {
1313 struct ieee80211_local *local = dev->ieee80211_ptr;
1314 spin_lock_init(&local->sta_bss_lock);
1315 INIT_LIST_HEAD(&local->sta_bss_list);
1316 }
1317
1318
1319 void ieee80211_rx_bss_list_deinit(struct net_device *dev)
1320 {
1321 struct ieee80211_local *local = dev->ieee80211_ptr;
1322 struct ieee80211_sta_bss *bss, *tmp;
1323
1324 list_for_each_entry_safe(bss, tmp, &local->sta_bss_list, list)
1325 ieee80211_rx_bss_put(dev, bss);
1326 }
1327
1328
1329 static void ieee80211_rx_bss_info(struct net_device *dev,
1330 struct ieee80211_mgmt *mgmt,
1331 size_t len,
1332 struct ieee80211_rx_status *rx_status,
1333 int beacon)
1334 {
1335 struct ieee80211_local *local = dev->ieee80211_ptr;
1336 struct ieee802_11_elems elems;
1337 size_t baselen;
1338 int channel, invalid = 0, clen;
1339 struct ieee80211_sta_bss *bss;
1340 struct sta_info *sta;
1341 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1342 u64 timestamp;
1343
1344 if (!beacon && memcmp(mgmt->da, dev->dev_addr, ETH_ALEN))
1345 return; /* ignore ProbeResp to foreign address */
1346
1347 #if 0
1348 printk(KERN_DEBUG "%s: RX %s from " MAC_FMT " to " MAC_FMT "\n",
1349 dev->name, beacon ? "Beacon" : "Probe Response",
1350 MAC_ARG(mgmt->sa), MAC_ARG(mgmt->da));
1351 #endif
1352
1353 baselen = (u8 *) mgmt->u.beacon.variable - (u8 *) mgmt;
1354 if (baselen > len)
1355 return;
1356
1357 timestamp = le64_to_cpu(mgmt->u.beacon.timestamp);
1358
1359 if (sdata->type == IEEE80211_IF_TYPE_IBSS && beacon &&
1360 memcmp(mgmt->bssid, sdata->u.sta.bssid, ETH_ALEN) == 0) {
1361 #ifdef CONFIG_D80211_IBSS_DEBUG
1362 static unsigned long last_tsf_debug = 0;
1363 u64 tsf;
1364 if (local->ops->get_tsf)
1365 tsf = local->ops->get_tsf(local_to_hw(local));
1366 else
1367 tsf = -1LLU;
1368 if (time_after(jiffies, last_tsf_debug + 5 * HZ)) {
1369 printk(KERN_DEBUG "RX beacon SA=" MAC_FMT " BSSID="
1370 MAC_FMT " TSF=0x%llx BCN=0x%llx diff=%lld "
1371 "@%lu\n",
1372 MAC_ARG(mgmt->sa), MAC_ARG(mgmt->bssid),
1373 (unsigned long long)tsf,
1374 (unsigned long long)timestamp,
1375 (unsigned long long)(tsf - timestamp),
1376 jiffies);
1377 last_tsf_debug = jiffies;
1378 }
1379 #endif /* CONFIG_D80211_IBSS_DEBUG */
1380 }
1381
1382 if (ieee802_11_parse_elems(mgmt->u.beacon.variable, len - baselen,
1383 &elems) == ParseFailed)
1384 invalid = 1;
1385
1386 if (sdata->type == IEEE80211_IF_TYPE_IBSS && elems.supp_rates &&
1387 memcmp(mgmt->bssid, sdata->u.sta.bssid, ETH_ALEN) == 0 &&
1388 (sta = sta_info_get(local, mgmt->sa))) {
1389 struct ieee80211_hw_mode *mode;
1390 struct ieee80211_rate *rates;
1391 size_t num_rates;
1392 u32 supp_rates, prev_rates;
1393 int i, j, oper_mode;
1394
1395 rates = local->curr_rates;
1396 num_rates = local->num_curr_rates;
1397 oper_mode = local->sta_scanning ? local->scan_oper_phymode :
1398 local->hw.conf.phymode;
1399 list_for_each_entry(mode, &local->modes_list, list) {
1400 if (oper_mode == mode->mode) {
1401 rates = mode->rates;
1402 num_rates = mode->num_rates;
1403 break;
1404 }
1405 }
1406
1407 supp_rates = 0;
1408 for (i = 0; i < elems.supp_rates_len +
1409 elems.ext_supp_rates_len; i++) {
1410 u8 rate = 0;
1411 int own_rate;
1412 if (i < elems.supp_rates_len)
1413 rate = elems.supp_rates[i];
1414 else if (elems.ext_supp_rates)
1415 rate = elems.ext_supp_rates
1416 [i - elems.supp_rates_len];
1417 own_rate = 5 * (rate & 0x7f);
1418 if (oper_mode == MODE_ATHEROS_TURBO)
1419 own_rate *= 2;
1420 for (j = 0; j < num_rates; j++)
1421 if (rates[j].rate == own_rate)
1422 supp_rates |= BIT(j);
1423 }
1424
1425 prev_rates = sta->supp_rates;
1426 sta->supp_rates &= supp_rates;
1427 if (sta->supp_rates == 0) {
1428 /* No matching rates - this should not really happen.
1429 * Make sure that at least one rate is marked
1430 * supported to avoid issues with TX rate ctrl. */
1431 sta->supp_rates = sdata->u.sta.supp_rates_bits;
1432 }
1433 if (sta->supp_rates != prev_rates) {
1434 printk(KERN_DEBUG "%s: updated supp_rates set for "
1435 MAC_FMT " based on beacon info (0x%x & 0x%x -> "
1436 "0x%x)\n",
1437 dev->name, MAC_ARG(sta->addr), prev_rates,
1438 supp_rates, sta->supp_rates);
1439 }
1440 sta_info_put(sta);
1441 }
1442
1443 if (!elems.ssid)
1444 return;
1445
1446 if (elems.ds_params && elems.ds_params_len == 1)
1447 channel = elems.ds_params[0];
1448 else
1449 channel = rx_status->channel;
1450
1451 bss = ieee80211_rx_bss_get(dev, mgmt->bssid);
1452 if (!bss) {
1453 bss = ieee80211_rx_bss_add(dev, mgmt->bssid);
1454 if (!bss)
1455 return;
1456 } else {
1457 #if 0
1458 /* TODO: order by RSSI? */
1459 spin_lock_bh(&local->sta_bss_lock);
1460 list_move_tail(&bss->list, &local->sta_bss_list);
1461 spin_unlock_bh(&local->sta_bss_lock);
1462 #endif
1463 }
1464
1465 if (bss->probe_resp && beacon) {
1466 /* Do not allow beacon to override data from Probe Response. */
1467 ieee80211_rx_bss_put(dev, bss);
1468 return;
1469 }
1470
1471 bss->beacon_int = le16_to_cpu(mgmt->u.beacon.beacon_int);
1472 bss->capability = le16_to_cpu(mgmt->u.beacon.capab_info);
1473 if (elems.ssid && elems.ssid_len <= IEEE80211_MAX_SSID_LEN) {
1474 memcpy(bss->ssid, elems.ssid, elems.ssid_len);
1475 bss->ssid_len = elems.ssid_len;
1476 }
1477
1478 bss->supp_rates_len = 0;
1479 if (elems.supp_rates) {
1480 clen = IEEE80211_MAX_SUPP_RATES - bss->supp_rates_len;
1481 if (clen > elems.supp_rates_len)
1482 clen = elems.supp_rates_len;
1483 memcpy(&bss->supp_rates[bss->supp_rates_len], elems.supp_rates,
1484 clen);
1485 bss->supp_rates_len += clen;
1486 }
1487 if (elems.ext_supp_rates) {
1488 clen = IEEE80211_MAX_SUPP_RATES - bss->supp_rates_len;
1489 if (clen > elems.ext_supp_rates_len)
1490 clen = elems.ext_supp_rates_len;
1491 memcpy(&bss->supp_rates[bss->supp_rates_len],
1492 elems.ext_supp_rates, clen);
1493 bss->supp_rates_len += clen;
1494 }
1495
1496 if (elems.wpa &&
1497 (!bss->wpa_ie || bss->wpa_ie_len != elems.wpa_len ||
1498 memcmp(bss->wpa_ie, elems.wpa, elems.wpa_len))) {
1499 kfree(bss->wpa_ie);
1500 bss->wpa_ie = kmalloc(elems.wpa_len + 2, GFP_ATOMIC);
1501 if (bss->wpa_ie) {
1502 memcpy(bss->wpa_ie, elems.wpa - 2, elems.wpa_len + 2);
1503 bss->wpa_ie_len = elems.wpa_len + 2;
1504 } else
1505 bss->wpa_ie_len = 0;
1506 } else if (!elems.wpa && bss->wpa_ie) {
1507 kfree(bss->wpa_ie);
1508 bss->wpa_ie = NULL;
1509 bss->wpa_ie_len = 0;
1510 }
1511
1512 if (elems.rsn &&
1513 (!bss->rsn_ie || bss->rsn_ie_len != elems.rsn_len ||
1514 memcmp(bss->rsn_ie, elems.rsn, elems.rsn_len))) {
1515 kfree(bss->rsn_ie);
1516 bss->rsn_ie = kmalloc(elems.rsn_len + 2, GFP_ATOMIC);
1517 if (bss->rsn_ie) {
1518 memcpy(bss->rsn_ie, elems.rsn - 2, elems.rsn_len + 2);
1519 bss->rsn_ie_len = elems.rsn_len + 2;
1520 } else
1521 bss->rsn_ie_len = 0;
1522 } else if (!elems.rsn && bss->rsn_ie) {
1523 kfree(bss->rsn_ie);
1524 bss->rsn_ie = NULL;
1525 bss->rsn_ie_len = 0;
1526 }
1527
1528 if (elems.wmm_param &&
1529 (!bss->wmm_ie || bss->wmm_ie_len != elems.wmm_param_len ||
1530 memcmp(bss->wmm_ie, elems.wmm_param, elems.wmm_param_len))) {
1531 kfree(bss->wmm_ie);
1532 bss->wmm_ie = kmalloc(elems.wmm_param_len + 2, GFP_ATOMIC);
1533 if (bss->wmm_ie) {
1534 memcpy(bss->wmm_ie, elems.wmm_param - 2,
1535 elems.wmm_param_len + 2);
1536 bss->wmm_ie_len = elems.wmm_param_len + 2;
1537 } else
1538 bss->wmm_ie_len = 0;
1539 } else if (!elems.wmm_param && bss->wmm_ie) {
1540 kfree(bss->wmm_ie);
1541 bss->wmm_ie = NULL;
1542 bss->wmm_ie_len = 0;
1543 }
1544
1545
1546 bss->hw_mode = rx_status->phymode;
1547 bss->channel = channel;
1548 bss->freq = rx_status->freq;
1549 if (channel != rx_status->channel &&
1550 (bss->hw_mode == MODE_IEEE80211G ||
1551 bss->hw_mode == MODE_IEEE80211B) &&
1552 channel >= 1 && channel <= 14) {
1553 static const int freq_list[] = {
1554 2412, 2417, 2422, 2427, 2432, 2437, 2442,
1555 2447, 2452, 2457, 2462, 2467, 2472, 2484
1556 };
1557 /* IEEE 802.11g/b mode can receive packets from neighboring
1558 * channels, so map the channel into frequency. */
1559 bss->freq = freq_list[channel - 1];
1560 }
1561 bss->timestamp = timestamp;
1562 bss->last_update = jiffies;
1563 bss->rssi = rx_status->ssi;
1564 if (!beacon)
1565 bss->probe_resp++;
1566 ieee80211_rx_bss_put(dev, bss);
1567 }
1568
1569
1570 static void ieee80211_rx_mgmt_probe_resp(struct net_device *dev,
1571 struct ieee80211_mgmt *mgmt,
1572 size_t len,
1573 struct ieee80211_rx_status *rx_status)
1574 {
1575 ieee80211_rx_bss_info(dev, mgmt, len, rx_status, 0);
1576 }
1577
1578
1579 static void ieee80211_rx_mgmt_beacon(struct net_device *dev,
1580 struct ieee80211_mgmt *mgmt,
1581 size_t len,
1582 struct ieee80211_rx_status *rx_status)
1583 {
1584 struct ieee80211_local *local = dev->ieee80211_ptr;
1585 struct ieee80211_sub_if_data *sdata;
1586 struct ieee80211_if_sta *ifsta;
1587 int use_protection;
1588 size_t baselen;
1589 struct ieee802_11_elems elems;
1590
1591 ieee80211_rx_bss_info(dev, mgmt, len, rx_status, 1);
1592
1593 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1594 if (sdata->type != IEEE80211_IF_TYPE_STA)
1595 return;
1596 ifsta = &sdata->u.sta;
1597
1598 if (!ifsta->associated ||
1599 memcmp(ifsta->bssid, mgmt->bssid, ETH_ALEN) != 0)
1600 return;
1601
1602 /* Process beacon from the current BSS */
1603 baselen = (u8 *) mgmt->u.beacon.variable - (u8 *) mgmt;
1604 if (baselen > len)
1605 return;
1606
1607 if (ieee802_11_parse_elems(mgmt->u.beacon.variable, len - baselen,
1608 &elems) == ParseFailed)
1609 return;
1610
1611 use_protection = 0;
1612 if (elems.erp_info && elems.erp_info_len >= 1) {
1613 use_protection =
1614 (elems.erp_info[0] & ERP_INFO_USE_PROTECTION) != 0;
1615 }
1616
1617 if (use_protection != !!ifsta->use_protection) {
1618 if (net_ratelimit()) {
1619 printk(KERN_DEBUG "%s: CTS protection %s (BSSID="
1620 MAC_FMT ")\n",
1621 dev->name,
1622 use_protection ? "enabled" : "disabled",
1623 MAC_ARG(ifsta->bssid));
1624 }
1625 ifsta->use_protection = use_protection ? 1 : 0;
1626 local->cts_protect_erp_frames = use_protection;
1627 }
1628
1629 if (elems.wmm_param && ifsta->wmm_enabled) {
1630 ieee80211_sta_wmm_params(dev, ifsta, elems.wmm_param,
1631 elems.wmm_param_len);
1632 }
1633 }
1634
1635
1636 static void ieee80211_rx_mgmt_probe_req(struct net_device *dev,
1637 struct ieee80211_if_sta *ifsta,
1638 struct ieee80211_mgmt *mgmt,
1639 size_t len,
1640 struct ieee80211_rx_status *rx_status)
1641 {
1642 struct ieee80211_local *local = dev->ieee80211_ptr;
1643 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1644 int tx_last_beacon;
1645 struct sk_buff *skb;
1646 struct ieee80211_mgmt *resp;
1647 u8 *pos, *end;
1648
1649 if (sdata->type != IEEE80211_IF_TYPE_IBSS ||
1650 ifsta->state != IEEE80211_IBSS_JOINED ||
1651 len < 24 + 2 || !ifsta->probe_resp)
1652 return;
1653
1654 if (local->ops->tx_last_beacon)
1655 tx_last_beacon = local->ops->tx_last_beacon(local_to_hw(local));
1656 else
1657 tx_last_beacon = 1;
1658
1659 #ifdef CONFIG_D80211_IBSS_DEBUG
1660 printk(KERN_DEBUG "%s: RX ProbeReq SA=" MAC_FMT " DA=" MAC_FMT " BSSID="
1661 MAC_FMT " (tx_last_beacon=%d)\n",
1662 dev->name, MAC_ARG(mgmt->sa), MAC_ARG(mgmt->da),
1663 MAC_ARG(mgmt->bssid), tx_last_beacon);
1664 #endif /* CONFIG_D80211_IBSS_DEBUG */
1665
1666 if (!tx_last_beacon)
1667 return;
1668
1669 if (memcmp(mgmt->bssid, ifsta->bssid, ETH_ALEN) != 0 &&
1670 memcmp(mgmt->bssid, "\xff\xff\xff\xff\xff\xff", ETH_ALEN) != 0)
1671 return;
1672
1673 end = ((u8 *) mgmt) + len;
1674 pos = mgmt->u.probe_req.variable;
1675 if (pos[0] != WLAN_EID_SSID ||
1676 pos + 2 + pos[1] > end) {
1677 if (net_ratelimit()) {
1678 printk(KERN_DEBUG "%s: Invalid SSID IE in ProbeReq "
1679 "from " MAC_FMT "\n",
1680 dev->name, MAC_ARG(mgmt->sa));
1681 }
1682 return;
1683 }
1684 if (pos[1] != 0 &&
1685 (pos[1] != ifsta->ssid_len ||
1686 memcmp(pos + 2, ifsta->ssid, ifsta->ssid_len) != 0)) {
1687 /* Ignore ProbeReq for foreign SSID */
1688 return;
1689 }
1690
1691 /* Reply with ProbeResp */
1692 skb = skb_copy(ifsta->probe_resp, GFP_ATOMIC);
1693 if (!skb)
1694 return;
1695
1696 resp = (struct ieee80211_mgmt *) skb->data;
1697 memcpy(resp->da, mgmt->sa, ETH_ALEN);
1698 #ifdef CONFIG_D80211_IBSS_DEBUG
1699 printk(KERN_DEBUG "%s: Sending ProbeResp to " MAC_FMT "\n",
1700 dev->name, MAC_ARG(resp->da));
1701 #endif /* CONFIG_D80211_IBSS_DEBUG */
1702 ieee80211_sta_tx(dev, skb, 0);
1703 }
1704
1705
1706 void ieee80211_sta_rx_mgmt(struct net_device *dev, struct sk_buff *skb,
1707 struct ieee80211_rx_status *rx_status)
1708 {
1709 struct ieee80211_sub_if_data *sdata;
1710 struct ieee80211_if_sta *ifsta;
1711 struct ieee80211_mgmt *mgmt;
1712 u16 fc;
1713
1714 if (skb->len < 24)
1715 goto fail;
1716
1717 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1718 ifsta = &sdata->u.sta;
1719
1720 mgmt = (struct ieee80211_mgmt *) skb->data;
1721 fc = le16_to_cpu(mgmt->frame_control);
1722
1723 switch (fc & IEEE80211_FCTL_STYPE) {
1724 case IEEE80211_STYPE_PROBE_REQ:
1725 ieee80211_rx_mgmt_probe_req(dev, ifsta, mgmt, skb->len,
1726 rx_status);
1727 break;
1728 case IEEE80211_STYPE_PROBE_RESP:
1729 ieee80211_rx_mgmt_probe_resp(dev, mgmt, skb->len, rx_status);
1730 break;
1731 case IEEE80211_STYPE_BEACON:
1732 ieee80211_rx_mgmt_beacon(dev, mgmt, skb->len, rx_status);
1733 break;
1734 case IEEE80211_STYPE_AUTH:
1735 ieee80211_rx_mgmt_auth(dev, ifsta, mgmt, skb->len, rx_status);
1736 break;
1737 case IEEE80211_STYPE_ASSOC_RESP:
1738 ieee80211_rx_mgmt_assoc_resp(dev, ifsta, mgmt, skb->len,
1739 rx_status, 0);
1740 break;
1741 case IEEE80211_STYPE_REASSOC_RESP:
1742 ieee80211_rx_mgmt_assoc_resp(dev, ifsta, mgmt, skb->len,
1743 rx_status, 1);
1744 break;
1745 case IEEE80211_STYPE_DEAUTH:
1746 ieee80211_rx_mgmt_deauth(dev, ifsta, mgmt, skb->len,
1747 rx_status);
1748 break;
1749 case IEEE80211_STYPE_DISASSOC:
1750 ieee80211_rx_mgmt_disassoc(dev, ifsta, mgmt, skb->len,
1751 rx_status);
1752 break;
1753 default:
1754 printk(KERN_DEBUG "%s: received unknown management frame - "
1755 "stype=%d\n", dev->name,
1756 (fc & IEEE80211_FCTL_STYPE) >> 4);
1757 break;
1758 }
1759
1760 fail:
1761 dev_kfree_skb(skb);
1762 }
1763
1764
1765 void ieee80211_sta_rx_scan(struct net_device *dev, struct sk_buff *skb,
1766 struct ieee80211_rx_status *rx_status)
1767 {
1768 struct ieee80211_mgmt *mgmt;
1769 u16 fc;
1770
1771 if (skb->len < 24) {
1772 dev_kfree_skb(skb);
1773 return;
1774 }
1775
1776 mgmt = (struct ieee80211_mgmt *) skb->data;
1777 fc = le16_to_cpu(mgmt->frame_control);
1778
1779 if ((fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_MGMT) {
1780 if ((fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_PROBE_RESP) {
1781 ieee80211_rx_mgmt_probe_resp(dev, mgmt,
1782 skb->len, rx_status);
1783 } else if ((fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_BEACON) {
1784 ieee80211_rx_mgmt_beacon(dev, mgmt, skb->len,
1785 rx_status);
1786 }
1787 }
1788
1789 dev_kfree_skb(skb);
1790 }
1791
1792
1793 static int ieee80211_sta_active_ibss(struct net_device *dev)
1794 {
1795 struct ieee80211_local *local = dev->ieee80211_ptr;
1796 int active = 0;
1797 struct sta_info *sta;
1798
1799 spin_lock_bh(&local->sta_lock);
1800 list_for_each_entry(sta, &local->sta_list, list) {
1801 if (sta->dev == dev &&
1802 time_after(sta->last_rx + IEEE80211_IBSS_MERGE_INTERVAL,
1803 jiffies)) {
1804 active++;
1805 break;
1806 }
1807 }
1808 spin_unlock_bh(&local->sta_lock);
1809
1810 return active;
1811 }
1812
1813
1814 static void ieee80211_sta_expire(struct net_device *dev)
1815 {
1816 struct ieee80211_local *local = dev->ieee80211_ptr;
1817 struct sta_info *sta, *tmp;
1818
1819 spin_lock_bh(&local->sta_lock);
1820 list_for_each_entry_safe(sta, tmp, &local->sta_list, list)
1821 if (time_after(jiffies, sta->last_rx +
1822 IEEE80211_IBSS_INACTIVITY_LIMIT)) {
1823 printk(KERN_DEBUG "%s: expiring inactive STA " MAC_FMT
1824 "\n", dev->name, MAC_ARG(sta->addr));
1825 sta_info_free(sta, 1);
1826 }
1827 spin_unlock_bh(&local->sta_lock);
1828 }
1829
1830
1831 static void ieee80211_sta_merge_ibss(struct net_device *dev,
1832 struct ieee80211_if_sta *ifsta)
1833 {
1834 schedule_delayed_work(&ifsta->work, IEEE80211_IBSS_MERGE_INTERVAL);
1835
1836 ieee80211_sta_expire(dev);
1837 if (ieee80211_sta_active_ibss(dev))
1838 return;
1839
1840 printk(KERN_DEBUG "%s: No active IBSS STAs - trying to scan for other "
1841 "IBSS networks with same SSID (merge)\n", dev->name);
1842 ieee80211_sta_req_scan(dev, ifsta->ssid, ifsta->ssid_len);
1843 }
1844
1845
1846 void ieee80211_sta_work(struct work_struct *work)
1847 {
1848 struct ieee80211_sub_if_data *sdata =
1849 container_of(work, struct ieee80211_sub_if_data, u.sta.work.work);
1850 struct net_device *dev = sdata->dev;
1851 struct ieee80211_if_sta *ifsta;
1852
1853 if (!netif_running(dev))
1854 return;
1855
1856 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1857 if (sdata->type != IEEE80211_IF_TYPE_STA &&
1858 sdata->type != IEEE80211_IF_TYPE_IBSS) {
1859 printk(KERN_DEBUG "%s: ieee80211_sta_work: non-STA interface "
1860 "(type=%d)\n", dev->name, sdata->type);
1861 return;
1862 }
1863 ifsta = &sdata->u.sta;
1864
1865 switch (ifsta->state) {
1866 case IEEE80211_DISABLED:
1867 break;
1868 case IEEE80211_AUTHENTICATE:
1869 ieee80211_authenticate(dev, ifsta);
1870 break;
1871 case IEEE80211_ASSOCIATE:
1872 ieee80211_associate(dev, ifsta);
1873 break;
1874 case IEEE80211_ASSOCIATED:
1875 ieee80211_associated(dev, ifsta);
1876 break;
1877 case IEEE80211_IBSS_SEARCH:
1878 ieee80211_sta_find_ibss(dev, ifsta);
1879 break;
1880 case IEEE80211_IBSS_JOINED:
1881 ieee80211_sta_merge_ibss(dev, ifsta);
1882 break;
1883 default:
1884 printk(KERN_DEBUG "ieee80211_sta_work: Unknown state %d\n",
1885 ifsta->state);
1886 break;
1887 }
1888
1889 if (ieee80211_privacy_mismatch(dev, ifsta)) {
1890 printk(KERN_DEBUG "%s: privacy configuration mismatch and "
1891 "mixed-cell disabled - disassociate\n", dev->name);
1892
1893 ieee80211_send_disassoc(dev, ifsta, WLAN_REASON_UNSPECIFIED);
1894 ieee80211_set_disassoc(dev, ifsta, 0);
1895 }
1896 }
1897
1898
1899 static void ieee80211_sta_new_auth(struct net_device *dev,
1900 struct ieee80211_if_sta *ifsta)
1901 {
1902 struct ieee80211_local *local = dev->ieee80211_ptr;
1903 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1904
1905 if (sdata->type != IEEE80211_IF_TYPE_STA)
1906 return;
1907
1908 if (local->ops->reset_tsf) {
1909 /* Reset own TSF to allow time synchronization work. */
1910 local->ops->reset_tsf(local_to_hw(local));
1911 }
1912
1913 ifsta->wmm_last_param_set = -1; /* allow any WMM update */
1914
1915
1916 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_OPEN)
1917 ifsta->auth_alg = WLAN_AUTH_OPEN;
1918 else if (ifsta->auth_algs & IEEE80211_AUTH_ALG_SHARED_KEY)
1919 ifsta->auth_alg = WLAN_AUTH_SHARED_KEY;
1920 else if (ifsta->auth_algs & IEEE80211_AUTH_ALG_LEAP)
1921 ifsta->auth_alg = WLAN_AUTH_LEAP;
1922 else
1923 ifsta->auth_alg = WLAN_AUTH_OPEN;
1924 printk(KERN_DEBUG "%s: Initial auth_alg=%d\n", dev->name,
1925 ifsta->auth_alg);
1926 ifsta->auth_transaction = -1;
1927 ifsta->associated = ifsta->auth_tries = ifsta->assoc_tries = 0;
1928 ieee80211_authenticate(dev, ifsta);
1929 }
1930
1931
1932 static int ieee80211_ibss_allowed(struct ieee80211_local *local)
1933 {
1934 struct ieee80211_hw_mode *mode;
1935 int c;
1936
1937 list_for_each_entry(mode, &local->modes_list, list) {
1938 if (mode->mode != local->hw.conf.phymode)
1939 continue;
1940 for (c = 0; c < mode->num_channels; c++) {
1941 struct ieee80211_channel *chan = &mode->channels[c];
1942 if (chan->flag & IEEE80211_CHAN_W_SCAN &&
1943 chan->chan == local->hw.conf.channel) {
1944 if (chan->flag & IEEE80211_CHAN_W_IBSS)
1945 return 1;
1946 break;
1947 }
1948 }
1949 }
1950
1951 return 0;
1952 }
1953
1954
1955 extern int ieee80211_ioctl_siwfreq(struct net_device *dev,
1956 struct iw_request_info *info,
1957 struct iw_freq *freq, char *extra);
1958
1959 static int ieee80211_sta_join_ibss(struct net_device *dev,
1960 struct ieee80211_if_sta *ifsta,
1961 struct ieee80211_sta_bss *bss)
1962 {
1963 struct ieee80211_local *local = dev->ieee80211_ptr;
1964 struct iw_freq rq;
1965 int res, rates, i, j;
1966 struct sk_buff *skb;
1967 struct ieee80211_mgmt *mgmt;
1968 struct ieee80211_tx_control control;
1969 struct ieee80211_rate *rate;
1970 struct rate_control_extra extra;
1971 u8 *pos;
1972 struct ieee80211_sub_if_data *sdata;
1973
1974 /* Remove possible STA entries from other IBSS networks. */
1975 sta_info_flush(local, NULL);
1976
1977 if (local->ops->reset_tsf) {
1978 /* Reset own TSF to allow time synchronization work. */
1979 local->ops->reset_tsf(local_to_hw(local));
1980 }
1981 memcpy(ifsta->bssid, bss->bssid, ETH_ALEN);
1982 res = ieee80211_if_config(dev);
1983 if (res)
1984 return res;
1985
1986 local->hw.conf.beacon_int = bss->beacon_int >= 10 ? bss->beacon_int : 10;
1987
1988 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1989 sdata->drop_unencrypted = bss->capability &
1990 WLAN_CAPABILITY_PRIVACY ? 1 : 0;
1991
1992 memset(&rq, 0, sizeof(rq));
1993 rq.m = bss->freq * 100000;
1994 rq.e = 1;
1995 res = ieee80211_ioctl_siwfreq(dev, NULL, &rq, NULL);
1996
1997 if (!ieee80211_ibss_allowed(local)) {
1998 printk(KERN_DEBUG "%s: IBSS not allowed on channel %d "
1999 "(%d MHz)\n", dev->name, local->hw.conf.channel,
2000 local->hw.conf.freq);
2001 return -1;
2002 }
2003
2004 /* Set beacon template based on scan results */
2005 skb = dev_alloc_skb(400);
2006 do {
2007 if (!skb)
2008 break;
2009
2010 mgmt = (struct ieee80211_mgmt *)
2011 skb_put(skb, 24 + sizeof(mgmt->u.beacon));
2012 memset(mgmt, 0, 24 + sizeof(mgmt->u.beacon));
2013 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
2014 IEEE80211_STYPE_BEACON);
2015 memset(mgmt->da, 0xff, ETH_ALEN);
2016 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
2017 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
2018 mgmt->u.beacon.beacon_int =
2019 cpu_to_le16(local->hw.conf.beacon_int);
2020 mgmt->u.beacon.capab_info = cpu_to_le16(bss->capability);
2021
2022 pos = skb_put(skb, 2 + ifsta->ssid_len);
2023 *pos++ = WLAN_EID_SSID;
2024 *pos++ = ifsta->ssid_len;
2025 memcpy(pos, ifsta->ssid, ifsta->ssid_len);
2026
2027 rates = bss->supp_rates_len;
2028 if (rates > 8)
2029 rates = 8;
2030 pos = skb_put(skb, 2 + rates);
2031 *pos++ = WLAN_EID_SUPP_RATES;
2032 *pos++ = rates;
2033 memcpy(pos, bss->supp_rates, rates);
2034
2035 pos = skb_put(skb, 2 + 1);
2036 *pos++ = WLAN_EID_DS_PARAMS;
2037 *pos++ = 1;
2038 *pos++ = bss->channel;
2039
2040 pos = skb_put(skb, 2 + 2);
2041 *pos++ = WLAN_EID_IBSS_PARAMS;
2042 *pos++ = 2;
2043 /* FIX: set ATIM window based on scan results */
2044 *pos++ = 0;
2045 *pos++ = 0;
2046
2047 if (bss->supp_rates_len > 8) {
2048 rates = bss->supp_rates_len - 8;
2049 pos = skb_put(skb, 2 + rates);
2050 *pos++ = WLAN_EID_EXT_SUPP_RATES;
2051 *pos++ = rates;
2052 memcpy(pos, &bss->supp_rates[8], rates);
2053 }
2054
2055 memset(&control, 0, sizeof(control));
2056 memset(&extra, 0, sizeof(extra));
2057 extra.endidx = local->num_curr_rates;
2058 rate = rate_control_get_rate(local, dev, skb, &extra);
2059 if (!rate) {
2060 printk(KERN_DEBUG "%s: Failed to determine TX rate "
2061 "for IBSS beacon\n", dev->name);
2062 break;
2063 }
2064 control.tx_rate = (local->short_preamble &&
2065 (rate->flags & IEEE80211_RATE_PREAMBLE2)) ?
2066 rate->val2 : rate->val;
2067 control.antenna_sel = local->hw.conf.antenna_sel;
2068 control.power_level = local->hw.conf.power_level;
2069 control.flags |= IEEE80211_TXCTL_NO_ACK;
2070 control.retry_limit = 1;
2071 control.rts_cts_duration = 0;
2072
2073 ifsta->probe_resp = skb_copy(skb, GFP_ATOMIC);
2074 if (ifsta->probe_resp) {
2075 mgmt = (struct ieee80211_mgmt *)
2076 ifsta->probe_resp->data;
2077 mgmt->frame_control =
2078 IEEE80211_FC(IEEE80211_FTYPE_MGMT,
2079 IEEE80211_STYPE_PROBE_RESP);
2080 } else {
2081 printk(KERN_DEBUG "%s: Could not allocate ProbeResp "
2082 "template for IBSS\n", dev->name);
2083 }
2084
2085 if (local->ops->beacon_update &&
2086 local->ops->beacon_update(local_to_hw(local),
2087 skb, &control) == 0) {
2088 printk(KERN_DEBUG "%s: Configured IBSS beacon "
2089 "template based on scan results\n", dev->name);
2090 skb = NULL;
2091 }
2092
2093 rates = 0;
2094 for (i = 0; i < bss->supp_rates_len; i++) {
2095 int rate = (bss->supp_rates[i] & 0x7f) * 5;
2096 if (local->hw.conf.phymode == MODE_ATHEROS_TURBO)
2097 rate *= 2;
2098 for (j = 0; j < local->num_curr_rates; j++)
2099 if (local->curr_rates[j].rate == rate)
2100 rates |= BIT(j);
2101 }
2102 ifsta->supp_rates_bits = rates;
2103 } while (0);
2104
2105 if (skb) {
2106 printk(KERN_DEBUG "%s: Failed to configure IBSS beacon "
2107 "template\n", dev->name);
2108 dev_kfree_skb(skb);
2109 }
2110
2111 ifsta->state = IEEE80211_IBSS_JOINED;
2112 schedule_delayed_work(&ifsta->work, IEEE80211_IBSS_MERGE_INTERVAL);
2113
2114 ieee80211_rx_bss_put(dev, bss);
2115
2116 return res;
2117 }
2118
2119
2120 static int ieee80211_sta_create_ibss(struct net_device *dev,
2121 struct ieee80211_if_sta *ifsta)
2122 {
2123 struct ieee80211_local *local = dev->ieee80211_ptr;
2124 struct ieee80211_sta_bss *bss;
2125 struct ieee80211_sub_if_data *sdata;
2126 u8 bssid[ETH_ALEN], *pos;
2127 int i;
2128
2129 #if 0
2130 /* Easier testing, use fixed BSSID. */
2131 memset(bssid, 0xfe, ETH_ALEN);
2132 #else
2133 /* Generate random, not broadcast, locally administered BSSID. Mix in
2134 * own MAC address to make sure that devices that do not have proper
2135 * random number generator get different BSSID. */
2136 get_random_bytes(bssid, ETH_ALEN);
2137 for (i = 0; i < ETH_ALEN; i++)
2138 bssid[i] ^= dev->dev_addr[i];
2139 bssid[0] &= ~0x01;
2140 bssid[0] |= 0x02;
2141 #endif
2142
2143 printk(KERN_DEBUG "%s: Creating new IBSS network, BSSID " MAC_FMT "\n",
2144 dev->name, MAC_ARG(bssid));
2145
2146 bss = ieee80211_rx_bss_add(dev, bssid);
2147 if (!bss)
2148 return -ENOMEM;
2149
2150 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2151
2152 if (local->hw.conf.beacon_int == 0)
2153 local->hw.conf.beacon_int = 100;
2154 bss->beacon_int = local->hw.conf.beacon_int;
2155 bss->hw_mode = local->hw.conf.phymode;
2156 bss->channel = local->hw.conf.channel;
2157 bss->freq = local->hw.conf.freq;
2158 bss->last_update = jiffies;
2159 bss->capability = WLAN_CAPABILITY_IBSS;
2160 if (sdata->default_key) {
2161 bss->capability |= WLAN_CAPABILITY_PRIVACY;
2162 } else
2163 sdata->drop_unencrypted = 0;
2164 bss->supp_rates_len = local->num_curr_rates;
2165 pos = bss->supp_rates;
2166 for (i = 0; i < local->num_curr_rates; i++) {
2167 int rate = local->curr_rates[i].rate;
2168 if (local->hw.conf.phymode == MODE_ATHEROS_TURBO)
2169 rate /= 2;
2170 *pos++ = (u8) (rate / 5);
2171 }
2172
2173 return ieee80211_sta_join_ibss(dev, ifsta, bss);
2174 }
2175
2176
2177 static int ieee80211_sta_find_ibss(struct net_device *dev,
2178 struct ieee80211_if_sta *ifsta)
2179 {
2180 struct ieee80211_local *local = dev->ieee80211_ptr;
2181 struct ieee80211_sta_bss *bss;
2182 int found = 0;
2183 u8 bssid[ETH_ALEN];
2184 int active_ibss;
2185
2186 if (ifsta->ssid_len == 0)
2187 return -EINVAL;
2188
2189 active_ibss = ieee80211_sta_active_ibss(dev);
2190 #ifdef CONFIG_D80211_IBSS_DEBUG
2191 printk(KERN_DEBUG "%s: sta_find_ibss (active_ibss=%d)\n",
2192 dev->name, active_ibss);
2193 #endif /* CONFIG_D80211_IBSS_DEBUG */
2194 spin_lock_bh(&local->sta_bss_lock);
2195 list_for_each_entry(bss, &local->sta_bss_list, list) {
2196 if (ifsta->ssid_len != bss->ssid_len ||
2197 memcmp(ifsta->ssid, bss->ssid, bss->ssid_len) != 0
2198 || !(bss->capability & WLAN_CAPABILITY_IBSS))
2199 continue;
2200 #ifdef CONFIG_D80211_IBSS_DEBUG
2201 printk(KERN_DEBUG " bssid=" MAC_FMT " found\n",
2202 MAC_ARG(bss->bssid));
2203 #endif /* CONFIG_D80211_IBSS_DEBUG */
2204 memcpy(bssid, bss->bssid, ETH_ALEN);
2205 found = 1;
2206 if (active_ibss || memcmp(bssid, ifsta->bssid, ETH_ALEN) != 0)
2207 break;
2208 }
2209 spin_unlock_bh(&local->sta_bss_lock);
2210
2211 #ifdef CONFIG_D80211_IBSS_DEBUG
2212 printk(KERN_DEBUG " sta_find_ibss: selected " MAC_FMT " current "
2213 MAC_FMT "\n", MAC_ARG(bssid), MAC_ARG(ifsta->bssid));
2214 #endif /* CONFIG_D80211_IBSS_DEBUG */
2215 if (found && memcmp(ifsta->bssid, bssid, ETH_ALEN) != 0 &&
2216 (bss = ieee80211_rx_bss_get(dev, bssid))) {
2217 printk(KERN_DEBUG "%s: Selected IBSS BSSID " MAC_FMT
2218 " based on configured SSID\n",
2219 dev->name, MAC_ARG(bssid));
2220 return ieee80211_sta_join_ibss(dev, ifsta, bss);
2221 }
2222 #ifdef CONFIG_D80211_IBSS_DEBUG
2223 printk(KERN_DEBUG " did not try to join ibss\n");
2224 #endif /* CONFIG_D80211_IBSS_DEBUG */
2225
2226 /* Selected IBSS not found in current scan results - try to scan */
2227 if (ifsta->state == IEEE80211_IBSS_JOINED &&
2228 !ieee80211_sta_active_ibss(dev)) {
2229 schedule_delayed_work(&ifsta->work,
2230 IEEE80211_IBSS_MERGE_INTERVAL);
2231 } else if (time_after(jiffies, local->last_scan_completed +
2232 IEEE80211_SCAN_INTERVAL)) {
2233 printk(KERN_DEBUG "%s: Trigger new scan to find an IBSS to "
2234 "join\n", dev->name);
2235 return ieee80211_sta_req_scan(dev, ifsta->ssid,
2236 ifsta->ssid_len);
2237 } else if (ifsta->state != IEEE80211_IBSS_JOINED) {
2238 int interval = IEEE80211_SCAN_INTERVAL;
2239
2240 if (time_after(jiffies, ifsta->ibss_join_req +
2241 IEEE80211_IBSS_JOIN_TIMEOUT)) {
2242 if (ifsta->create_ibss &&
2243 ieee80211_ibss_allowed(local))
2244 return ieee80211_sta_create_ibss(dev, ifsta);
2245 if (ifsta->create_ibss) {
2246 printk(KERN_DEBUG "%s: IBSS not allowed on the"
2247 " configured channel %d (%d MHz)\n",
2248 dev->name, local->hw.conf.channel,
2249 local->hw.conf.freq);
2250 }
2251
2252 /* No IBSS found - decrease scan interval and continue
2253 * scanning. */
2254 interval = IEEE80211_SCAN_INTERVAL_SLOW;
2255 }
2256
2257 ifsta->state = IEEE80211_IBSS_SEARCH;
2258 schedule_delayed_work(&ifsta->work, interval);
2259 return 0;
2260 }
2261
2262 return 0;
2263 }
2264
2265
2266 int ieee80211_sta_set_ssid(struct net_device *dev, char *ssid, size_t len)
2267 {
2268 struct ieee80211_sub_if_data *sdata;
2269 struct ieee80211_if_sta *ifsta;
2270 struct ieee80211_local *local = dev->ieee80211_ptr;
2271
2272 if (len > IEEE80211_MAX_SSID_LEN)
2273 return -EINVAL;
2274
2275 /* TODO: This should always be done for IBSS, even if IEEE80211_QOS is
2276 * not defined. */
2277 if (local->ops->conf_tx) {
2278 struct ieee80211_tx_queue_params qparam;
2279 int i;
2280
2281 memset(&qparam, 0, sizeof(qparam));
2282 /* TODO: are these ok defaults for all hw_modes? */
2283 qparam.aifs = 2;
2284 qparam.cw_min =
2285 local->hw.conf.phymode == MODE_IEEE80211B ? 31 : 15;
2286 qparam.cw_max = 1023;
2287 qparam.burst_time = 0;
2288 for (i = IEEE80211_TX_QUEUE_DATA0; i < NUM_TX_DATA_QUEUES; i++)
2289 {
2290 local->ops->conf_tx(local_to_hw(local),
2291 i + IEEE80211_TX_QUEUE_DATA0,
2292 &qparam);
2293 }
2294 /* IBSS uses different parameters for Beacon sending */
2295 qparam.cw_min++;
2296 qparam.cw_min *= 2;
2297 qparam.cw_min--;
2298 local->ops->conf_tx(local_to_hw(local),
2299 IEEE80211_TX_QUEUE_BEACON, &qparam);
2300 }
2301
2302 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2303 ifsta = &sdata->u.sta;
2304
2305 if (ifsta->ssid_len != len || memcmp(ifsta->ssid, ssid, len) != 0)
2306 ifsta->prev_bssid_set = 0;
2307 memcpy(ifsta->ssid, ssid, len);
2308 memset(ifsta->ssid + len, 0, IEEE80211_MAX_SSID_LEN - len);
2309 ifsta->ssid_len = len;
2310
2311 ifsta->ssid_set = 1;
2312 if (sdata->type == IEEE80211_IF_TYPE_IBSS && !ifsta->bssid_set) {
2313 ifsta->ibss_join_req = jiffies;
2314 ifsta->state = IEEE80211_IBSS_SEARCH;
2315 return ieee80211_sta_find_ibss(dev, ifsta);
2316 }
2317
2318 if (ifsta->bssid_set && ifsta->state != IEEE80211_AUTHENTICATE)
2319 ieee80211_sta_new_auth(dev, ifsta);
2320
2321 return 0;
2322 }
2323
2324
2325 int ieee80211_sta_get_ssid(struct net_device *dev, char *ssid, size_t *len)
2326 {
2327 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2328 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
2329 memcpy(ssid, ifsta->ssid, ifsta->ssid_len);
2330 *len = ifsta->ssid_len;
2331 return 0;
2332 }
2333
2334
2335 int ieee80211_sta_set_bssid(struct net_device *dev, u8 *bssid)
2336 {
2337 struct ieee80211_sub_if_data *sdata;
2338 struct ieee80211_if_sta *ifsta;
2339 int res;
2340
2341 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2342 ifsta = &sdata->u.sta;
2343
2344 if (memcmp(ifsta->bssid, bssid, ETH_ALEN) != 0) {
2345 memcpy(ifsta->bssid, bssid, ETH_ALEN);
2346 res = ieee80211_if_config(dev);
2347 if (res) {
2348 printk(KERN_DEBUG "%s: Failed to config new BSSID to "
2349 "the low-level driver\n", dev->name);
2350 return res;
2351 }
2352 }
2353
2354 if (memcmp(bssid, "\x00\x00\x00\x00\x00\x00", ETH_ALEN) == 0)
2355 ifsta->bssid_set = 0;
2356 else
2357 ifsta->bssid_set = 1;
2358 if (ifsta->ssid_set && ifsta->state != IEEE80211_AUTHENTICATE)
2359 ieee80211_sta_new_auth(dev, ifsta);
2360
2361 return 0;
2362 }
2363
2364
2365 static void ieee80211_sta_save_oper_chan(struct net_device *dev)
2366 {
2367 struct ieee80211_local *local = dev->ieee80211_ptr;
2368 local->scan_oper_channel = local->hw.conf.channel;
2369 local->scan_oper_channel_val = local->hw.conf.channel_val;
2370 local->scan_oper_power_level = local->hw.conf.power_level;
2371 local->scan_oper_freq = local->hw.conf.freq;
2372 local->scan_oper_phymode = local->hw.conf.phymode;
2373 local->scan_oper_antenna_max = local->hw.conf.antenna_max;
2374 }
2375
2376
2377 static int ieee80211_sta_restore_oper_chan(struct net_device *dev)
2378 {
2379 struct ieee80211_local *local = dev->ieee80211_ptr;
2380 local->hw.conf.channel = local->scan_oper_channel;
2381 local->hw.conf.channel_val = local->scan_oper_channel_val;
2382 local->hw.conf.power_level = local->scan_oper_power_level;
2383 local->hw.conf.freq = local->scan_oper_freq;
2384 local->hw.conf.phymode = local->scan_oper_phymode;
2385 local->hw.conf.antenna_max = local->scan_oper_antenna_max;
2386 return ieee80211_hw_config(local);
2387 }
2388
2389
2390 static int ieee80211_active_scan(struct ieee80211_local *local)
2391 {
2392 struct ieee80211_hw_mode *mode;
2393 int c;
2394
2395 list_for_each_entry(mode, &local->modes_list, list) {
2396 if (mode->mode != local->hw.conf.phymode)
2397 continue;
2398 for (c = 0; c < mode->num_channels; c++) {
2399 struct ieee80211_channel *chan = &mode->channels[c];
2400 if (chan->flag & IEEE80211_CHAN_W_SCAN &&
2401 chan->chan == local->hw.conf.channel) {
2402 if (chan->flag & IEEE80211_CHAN_W_ACTIVE_SCAN)
2403 return 1;
2404 break;
2405 }
2406 }
2407 }
2408
2409 return 0;
2410 }
2411
2412
2413 void ieee80211_scan_completed(struct ieee80211_hw *hw)
2414 {
2415 struct ieee80211_local *local = hw_to_local(hw);
2416 struct net_device *dev = local->scan_dev;
2417 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2418 union iwreq_data wrqu;
2419
2420 printk(KERN_DEBUG "%s: scan completed\n", dev->name);
2421 local->sta_scanning = 0;
2422 local->last_scan_completed = jiffies;
2423
2424 memset(&wrqu, 0, sizeof(wrqu));
2425 wireless_send_event(dev, SIOCGIWSCAN, &wrqu, NULL);
2426
2427 if (sdata->type == IEEE80211_IF_TYPE_IBSS) {
2428 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
2429 if (!ifsta->bssid_set ||
2430 (!ifsta->state == IEEE80211_IBSS_JOINED &&
2431 !ieee80211_sta_active_ibss(dev)))
2432 ieee80211_sta_find_ibss(dev, ifsta);
2433 }
2434 }
2435 EXPORT_SYMBOL(ieee80211_scan_completed);
2436
2437 void ieee80211_sta_scan_work(struct work_struct *work)
2438 {
2439 struct ieee80211_local *local =
2440 container_of(work, struct ieee80211_local, scan_work.work);
2441 struct net_device *dev = local->scan_dev;
2442 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2443 struct ieee80211_hw_mode *mode;
2444 struct ieee80211_channel *chan;
2445 int skip;
2446 unsigned long next_delay = 0;
2447
2448 if (!local->sta_scanning)
2449 return;
2450
2451 switch (local->scan_state) {
2452 case SCAN_SET_CHANNEL:
2453 mode = local->scan_hw_mode;
2454 if (local->scan_hw_mode->list.next == &local->modes_list &&
2455 local->scan_channel_idx >= mode->num_channels) {
2456 if (ieee80211_sta_restore_oper_chan(dev)) {
2457 printk(KERN_DEBUG "%s: failed to restore "
2458 "operational channel after scan\n",
2459 dev->name);
2460 }
2461
2462 ieee80211_scan_completed(local_to_hw(local));
2463 return;
2464 }
2465 skip = !(local->enabled_modes & (1 << mode->mode));
2466 chan = &mode->channels[local->scan_channel_idx];
2467 if (!(chan->flag & IEEE80211_CHAN_W_SCAN) ||
2468 (sdata->type == IEEE80211_IF_TYPE_IBSS &&
2469 !(chan->flag & IEEE80211_CHAN_W_IBSS)) ||
2470 (local->hw_modes & local->enabled_modes &
2471 (1 << MODE_IEEE80211G) && mode->mode == MODE_IEEE80211B))
2472 skip = 1;
2473
2474 if (!skip) {
2475 #if 0
2476 printk(KERN_DEBUG "%s: scan channel %d (%d MHz)\n",
2477 dev->name, chan->chan, chan->freq);
2478 #endif
2479
2480 local->hw.conf.channel = chan->chan;
2481 local->hw.conf.channel_val = chan->val;
2482 local->hw.conf.power_level = chan->power_level;
2483 local->hw.conf.freq = chan->freq;
2484 local->hw.conf.phymode = mode->mode;
2485 local->hw.conf.antenna_max = chan->antenna_max;
2486 if (ieee80211_hw_config(local)) {
2487 printk(KERN_DEBUG "%s: failed to set channel "
2488 "%d (%d MHz) for scan\n", dev->name,
2489 chan->chan, chan->freq);
2490 skip = 1;
2491 }
2492 }
2493
2494 local->scan_channel_idx++;
2495 if (local->scan_channel_idx >= local->scan_hw_mode->num_channels) {
2496 if (local->scan_hw_mode->list.next != &local->modes_list) {
2497 local->scan_hw_mode = list_entry(local->scan_hw_mode->list.next,
2498 struct ieee80211_hw_mode,
2499 list);
2500 local->scan_channel_idx = 0;
2501 }
2502 }
2503
2504 if (skip)
2505 break;
2506
2507 next_delay = IEEE80211_PROBE_DELAY +
2508 usecs_to_jiffies(local->hw.channel_change_time);
2509 local->scan_state = SCAN_SEND_PROBE;
2510 break;
2511 case SCAN_SEND_PROBE:
2512 if (ieee80211_active_scan(local)) {
2513 ieee80211_send_probe_req(dev, NULL, local->scan_ssid,
2514 local->scan_ssid_len);
2515 next_delay = IEEE80211_CHANNEL_TIME;
2516 } else
2517 next_delay = IEEE80211_PASSIVE_CHANNEL_TIME;
2518 local->scan_state = SCAN_SET_CHANNEL;
2519 break;
2520 }
2521
2522 if (local->sta_scanning) {
2523 if (next_delay)
2524 schedule_delayed_work(&local->scan_work, next_delay);
2525 else
2526 schedule_work(&local->scan_work.work);
2527 }
2528 }
2529
2530
2531 int ieee80211_sta_req_scan(struct net_device *dev, u8 *ssid, size_t ssid_len)
2532 {
2533 struct ieee80211_local *local = dev->ieee80211_ptr;
2534
2535 if (ssid_len > IEEE80211_MAX_SSID_LEN)
2536 return -EINVAL;
2537
2538 /* MLME-SCAN.request (page 118) page 144 (11.1.3.1)
2539 * BSSType: INFRASTRUCTURE, INDEPENDENT, ANY_BSS
2540 * BSSID: MACAddress
2541 * SSID
2542 * ScanType: ACTIVE, PASSIVE
2543 * ProbeDelay: delay (in microseconds) to be used prior to transmitting
2544 * a Probe frame during active scanning
2545 * ChannelList
2546 * MinChannelTime (>= ProbeDelay), in TU
2547 * MaxChannelTime: (>= MinChannelTime), in TU
2548 */
2549
2550 /* MLME-SCAN.confirm
2551 * BSSDescriptionSet
2552 * ResultCode: SUCCESS, INVALID_PARAMETERS
2553 */
2554
2555 /* TODO: if assoc, move to power save mode for the duration of the
2556 * scan */
2557
2558 if (local->sta_scanning) {
2559 if (local->scan_dev == dev)
2560 return 0;
2561 return -EBUSY;
2562 }
2563
2564 printk(KERN_DEBUG "%s: starting scan\n", dev->name);
2565
2566 if (local->ops->hw_scan) {
2567 int rc = local->ops->hw_scan(local_to_hw(local),
2568 ssid, ssid_len);
2569 if (!rc) {
2570 local->sta_scanning = 1;
2571 local->scan_dev = dev;
2572 }
2573 return rc;
2574 }
2575
2576 ieee80211_sta_save_oper_chan(dev);
2577
2578 local->sta_scanning = 1;
2579 /* TODO: stop TX queue? */
2580
2581 if (ssid) {
2582 local->scan_ssid_len = ssid_len;
2583 memcpy(local->scan_ssid, ssid, ssid_len);
2584 } else
2585 local->scan_ssid_len = 0;
2586 local->scan_state = SCAN_SET_CHANNEL;
2587 local->scan_hw_mode = list_entry(local->modes_list.next,
2588 struct ieee80211_hw_mode,
2589 list);
2590 local->scan_channel_idx = 0;
2591 local->scan_dev = dev;
2592 schedule_work(&local->scan_work.work);
2593
2594 return 0;
2595 }
2596
2597
2598 static char *
2599 ieee80211_sta_scan_result(struct net_device *dev,
2600 struct ieee80211_sta_bss *bss,
2601 char *current_ev, char *end_buf)
2602 {
2603 struct ieee80211_local *local = dev->ieee80211_ptr;
2604 struct iw_event iwe;
2605
2606 if (time_after(jiffies,
2607 bss->last_update + IEEE80211_SCAN_RESULT_EXPIRE))
2608 return current_ev;
2609
2610 if (!(local->enabled_modes & (1 << bss->hw_mode)))
2611 return current_ev;
2612
2613 if (local->scan_flags & IEEE80211_SCAN_WPA_ONLY &&
2614 !bss->wpa_ie && !bss->rsn_ie)
2615 return current_ev;
2616
2617 if (local->scan_flags & IEEE80211_SCAN_MATCH_SSID &&
2618 (local->scan_ssid_len != bss->ssid_len ||
2619 memcmp(local->scan_ssid, bss->ssid, bss->ssid_len) != 0))
2620 return current_ev;
2621
2622 memset(&iwe, 0, sizeof(iwe));
2623 iwe.cmd = SIOCGIWAP;
2624 iwe.u.ap_addr.sa_family = ARPHRD_ETHER;
2625 memcpy(iwe.u.ap_addr.sa_data, bss->bssid, ETH_ALEN);
2626 current_ev = iwe_stream_add_event(current_ev, end_buf, &iwe,
2627 IW_EV_ADDR_LEN);
2628
2629 memset(&iwe, 0, sizeof(iwe));
2630 iwe.cmd = SIOCGIWESSID;
2631 iwe.u.data.length = bss->ssid_len;
2632 iwe.u.data.flags = 1;
2633 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe,
2634 bss->ssid);
2635
2636 if (bss->capability & (WLAN_CAPABILITY_ESS | WLAN_CAPABILITY_IBSS)) {
2637 memset(&iwe, 0, sizeof(iwe));
2638 iwe.cmd = SIOCGIWMODE;
2639 if (bss->capability & WLAN_CAPABILITY_ESS)
2640 iwe.u.mode = IW_MODE_MASTER;
2641 else
2642 iwe.u.mode = IW_MODE_ADHOC;
2643 current_ev = iwe_stream_add_event(current_ev, end_buf, &iwe,
2644 IW_EV_UINT_LEN);
2645 }
2646
2647 memset(&iwe, 0, sizeof(iwe));
2648 iwe.cmd = SIOCGIWFREQ;
2649 iwe.u.freq.m = bss->freq * 100000;
2650 iwe.u.freq.e = 1;
2651 current_ev = iwe_stream_add_event(current_ev, end_buf, &iwe,
2652 IW_EV_FREQ_LEN);
2653
2654 memset(&iwe, 0, sizeof(iwe));
2655 iwe.cmd = SIOCGIWENCODE;
2656 if (bss->capability & WLAN_CAPABILITY_PRIVACY)
2657 iwe.u.data.flags = IW_ENCODE_ENABLED | IW_ENCODE_NOKEY;
2658 else
2659 iwe.u.data.flags = IW_ENCODE_DISABLED;
2660 iwe.u.data.length = 0;
2661 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe, "");
2662
2663 if (bss && bss->wpa_ie) {
2664 char *buf, *p;
2665 int i;
2666 buf = kmalloc(30 + bss->wpa_ie_len * 2, GFP_ATOMIC);
2667 if (buf) {
2668 p = buf;
2669 p += sprintf(p, "wpa_ie=");
2670 for (i = 0; i < bss->wpa_ie_len; i++)
2671 p+= sprintf(p, "%02x", bss->wpa_ie[i]);
2672 memset(&iwe, 0, sizeof(iwe));
2673 iwe.cmd = IWEVCUSTOM;
2674 iwe.u.data.length = strlen(buf);
2675 current_ev = iwe_stream_add_point(current_ev, end_buf,
2676 &iwe, buf);
2677 kfree(buf);
2678 }
2679 }
2680
2681 if (bss && bss->rsn_ie) {
2682 char *buf, *p;
2683 int i;
2684 buf = kmalloc(30 + bss->rsn_ie_len * 2, GFP_ATOMIC);
2685 if (buf) {
2686 p = buf;
2687 p += sprintf(p, "rsn_ie=");
2688 for (i = 0; i < bss->rsn_ie_len; i++)
2689 p+= sprintf(p, "%02x", bss->rsn_ie[i]);
2690 memset(&iwe, 0, sizeof(iwe));
2691 iwe.cmd = IWEVCUSTOM;
2692 iwe.u.data.length = strlen(buf);
2693 current_ev = iwe_stream_add_point(current_ev, end_buf,
2694 &iwe, buf);
2695 kfree(buf);
2696 }
2697 }
2698
2699 if (bss) {
2700 char *buf;
2701 buf = kmalloc(30, GFP_ATOMIC);
2702 if (buf) {
2703 memset(&iwe, 0, sizeof(iwe));
2704 iwe.cmd = IWEVCUSTOM;
2705 sprintf(buf, "tsf=%016llx", (unsigned long long)(bss->timestamp));
2706 iwe.u.data.length = strlen(buf);
2707 current_ev = iwe_stream_add_point(current_ev, end_buf,
2708 &iwe, buf);
2709 kfree(buf);
2710 }
2711 }
2712
2713 do {
2714 char *buf, *p;
2715 int i;
2716
2717 if (!(local->scan_flags & IEEE80211_SCAN_EXTRA_INFO))
2718 break;
2719
2720 buf = kmalloc(100, GFP_ATOMIC);
2721 if (!buf)
2722 break;
2723
2724 memset(&iwe, 0, sizeof(iwe));
2725 iwe.cmd = IWEVCUSTOM;
2726 sprintf(buf, "bcn_int=%d", bss->beacon_int);
2727 iwe.u.data.length = strlen(buf);
2728 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe,
2729 buf);
2730
2731 memset(&iwe, 0, sizeof(iwe));
2732 iwe.cmd = IWEVCUSTOM;
2733 sprintf(buf, "rssi=%d", bss->rssi);
2734 iwe.u.data.length = strlen(buf);
2735 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe,
2736 buf);
2737
2738 memset(&iwe, 0, sizeof(iwe));
2739 iwe.cmd = IWEVCUSTOM;
2740 sprintf(buf, "capab=0x%04x", bss->capability);
2741 iwe.u.data.length = strlen(buf);
2742 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe,
2743 buf);
2744
2745 /* dispaly all support rates in readable format */
2746 p = current_ev + IW_EV_LCP_LEN;
2747 iwe.cmd = SIOCGIWRATE;
2748 /* Those two flags are ignored... */
2749 iwe.u.bitrate.fixed = iwe.u.bitrate.disabled = 0;
2750
2751 for (i = 0; i < bss->supp_rates_len; i++) {
2752 iwe.u.bitrate.value = ((bss->supp_rates[i] &
2753 0x7f) * 500000);
2754 p = iwe_stream_add_value(current_ev, p,
2755 end_buf, &iwe, IW_EV_PARAM_LEN);
2756 }
2757 /* Check if we added any rate */
2758 if((p - current_ev) > IW_EV_LCP_LEN)
2759 current_ev = p;
2760
2761 kfree(buf);
2762 break;
2763 } while (0);
2764
2765 return current_ev;
2766 }
2767
2768
2769 int ieee80211_sta_scan_results(struct net_device *dev, char *buf, size_t len)
2770 {
2771 struct ieee80211_local *local = dev->ieee80211_ptr;
2772 char *current_ev = buf;
2773 char *end_buf = buf + len;
2774 struct ieee80211_sta_bss *bss;
2775
2776 spin_lock_bh(&local->sta_bss_lock);
2777 list_for_each_entry(bss, &local->sta_bss_list, list) {
2778 if (buf + len - current_ev <= IW_EV_ADDR_LEN) {
2779 spin_unlock_bh(&local->sta_bss_lock);
2780 return -E2BIG;
2781 }
2782 current_ev = ieee80211_sta_scan_result(dev, bss, current_ev,
2783 end_buf);
2784 }
2785 spin_unlock_bh(&local->sta_bss_lock);
2786 return current_ev - buf;
2787 }
2788
2789
2790 int ieee80211_sta_set_extra_ie(struct net_device *dev, char *ie, size_t len)
2791 {
2792 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2793 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
2794 kfree(ifsta->extra_ie);
2795 if (len == 0) {
2796 ifsta->extra_ie = NULL;
2797 ifsta->extra_ie_len = 0;
2798 return 0;
2799 }
2800 ifsta->extra_ie = kmalloc(len, GFP_KERNEL);
2801 if (!ifsta->extra_ie) {
2802 ifsta->extra_ie_len = 0;
2803 return -ENOMEM;
2804 }
2805 memcpy(ifsta->extra_ie, ie, len);
2806 ifsta->extra_ie_len = len;
2807 if (ifsta->bssid_set && ifsta->ssid_set &&
2808 ifsta->state != IEEE80211_AUTHENTICATE)
2809 ieee80211_sta_new_auth(dev, ifsta);
2810 return 0;
2811 }
2812
2813
2814 struct sta_info * ieee80211_ibss_add_sta(struct net_device *dev,
2815 struct sk_buff *skb, u8 *bssid,
2816 u8 *addr)
2817 {
2818 struct ieee80211_local *local = dev->ieee80211_ptr;
2819 struct sta_info *sta;
2820 struct ieee80211_sub_if_data *sdata = NULL;
2821 struct net_device *sta_dev = NULL;
2822
2823 /* TODO: Could consider removing the least recently used entry and
2824 * allow new one to be added. */
2825 if (local->num_sta >= IEEE80211_IBSS_MAX_STA_ENTRIES) {
2826 if (net_ratelimit()) {
2827 printk(KERN_DEBUG "%s: No room for a new IBSS STA "
2828 "entry " MAC_FMT "\n", dev->name, MAC_ARG(addr));
2829 }
2830 return NULL;
2831 }
2832
2833 spin_lock_bh(&local->sub_if_lock);
2834 list_for_each_entry(sdata, &local->sub_if_list, list)
2835 if (sdata->type == IEEE80211_IF_TYPE_IBSS &&
2836 memcmp(bssid, sdata->u.sta.bssid, ETH_ALEN) == 0) {
2837 sta_dev = sdata->dev;
2838 break;
2839 }
2840 spin_unlock_bh(&local->sub_if_lock);
2841
2842 if (!sta_dev)
2843 return NULL;
2844
2845 printk(KERN_DEBUG "%s: Adding new IBSS station " MAC_FMT " (dev=%s)\n",
2846 dev->name, MAC_ARG(addr), sta_dev->name);
2847
2848 sta = sta_info_add(local, dev, addr, GFP_ATOMIC);
2849 if (!sta)
2850 return NULL;
2851
2852 sta->dev = sta_dev;
2853 sta->supp_rates = sdata->u.sta.supp_rates_bits;
2854
2855 rate_control_rate_init(sta, local);
2856
2857 return sta; /* caller will call sta_info_put() */
2858 }
2859
2860
2861 int ieee80211_sta_deauthenticate(struct net_device *dev, u16 reason)
2862 {
2863 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2864 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
2865
2866 printk(KERN_DEBUG "%s: deauthenticate(reason=%d)\n",
2867 dev->name, reason);
2868
2869 if (sdata->type != IEEE80211_IF_TYPE_STA &&
2870 sdata->type != IEEE80211_IF_TYPE_IBSS)
2871 return -EINVAL;
2872
2873 ieee80211_send_deauth(dev, ifsta, reason);
2874 ieee80211_set_disassoc(dev, ifsta, 1);
2875 return 0;
2876 }
2877
2878
2879 int ieee80211_sta_disassociate(struct net_device *dev, u16 reason)
2880 {
2881 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2882 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
2883
2884 printk(KERN_DEBUG "%s: disassociate(reason=%d)\n",
2885 dev->name, reason);
2886
2887 if (sdata->type != IEEE80211_IF_TYPE_STA)
2888 return -EINVAL;
2889
2890 if (!ifsta->associated)
2891 return -1;
2892
2893 ieee80211_send_disassoc(dev, ifsta, reason);
2894 ieee80211_set_disassoc(dev, ifsta, 0);
2895 return 0;
2896 }
This page took 0.193979 seconds and 5 git commands to generate.