1/* 2 * BSS client mode implementation 3 * Copyright 2003, Jouni Malinen <jkmaline@cc.hut.fi> 4 * Copyright 2004, Instant802 Networks, Inc. 5 * Copyright 2005, Devicescape Software, Inc. 6 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz> 7 * Copyright 2007, Michael Wu <flamingice@sourmilk.net> 8 * 9 * This program is free software; you can redistribute it and/or modify 10 * it under the terms of the GNU General Public License version 2 as 11 * published by the Free Software Foundation. 12 */ 13 14/* TODO: 15 * BSS table: use <BSSID,SSID> as the key to support multi-SSID APs 16 * order BSS list by RSSI(?) ("quality of AP") 17 * scan result table filtering (by capability (privacy, IBSS/BSS, WPA/RSN IE, 18 * SSID) 19 */ 20#include <linux/delay.h> 21#include <linux/if_ether.h> 22#include <linux/skbuff.h> 23#include <linux/netdevice.h> 24#include <linux/if_arp.h> 25#include <linux/wireless.h> 26#include <linux/random.h> 27#include <linux/etherdevice.h> 28#include <linux/rtnetlink.h> 29#include <net/iw_handler.h> 30#include <asm/types.h> 31 32#include <net/mac80211.h> 33#include "ieee80211_i.h" 34#include "ieee80211_rate.h" 35#include "hostapd_ioctl.h" 36 37#define IEEE80211_AUTH_TIMEOUT (HZ / 5) 38#define IEEE80211_AUTH_MAX_TRIES 3 39#define IEEE80211_ASSOC_TIMEOUT (HZ / 5) 40#define IEEE80211_ASSOC_MAX_TRIES 3 41#define IEEE80211_MONITORING_INTERVAL (2 * HZ) 42#define IEEE80211_PROBE_INTERVAL (60 * HZ) 43#define IEEE80211_RETRY_AUTH_INTERVAL (1 * HZ) 44#define IEEE80211_SCAN_INTERVAL (2 * HZ) 45#define IEEE80211_SCAN_INTERVAL_SLOW (15 * HZ) 46#define IEEE80211_IBSS_JOIN_TIMEOUT (20 * HZ) 47 48#define IEEE80211_PROBE_DELAY (HZ / 33) 49#define IEEE80211_CHANNEL_TIME (HZ / 33) 50#define IEEE80211_PASSIVE_CHANNEL_TIME (HZ / 5) 51#define IEEE80211_SCAN_RESULT_EXPIRE (10 * HZ) 52#define IEEE80211_IBSS_MERGE_INTERVAL (30 * HZ) 53#define IEEE80211_IBSS_INACTIVITY_LIMIT (60 * HZ) 54 55#define IEEE80211_IBSS_MAX_STA_ENTRIES 128 56 57 58#define IEEE80211_FC(type, stype) cpu_to_le16(type | stype) 59 60#define ERP_INFO_USE_PROTECTION BIT(1) 61 62static void ieee80211_send_probe_req(struct net_device *dev, u8 *dst, 63 u8 *ssid, size_t ssid_len); 64static struct ieee80211_sta_bss * 65ieee80211_rx_bss_get(struct net_device *dev, u8 *bssid); 66static void ieee80211_rx_bss_put(struct net_device *dev, 67 struct ieee80211_sta_bss *bss); 68static int ieee80211_sta_find_ibss(struct net_device *dev, 69 struct ieee80211_if_sta *ifsta); 70static int ieee80211_sta_wep_configured(struct net_device *dev); 71static int ieee80211_sta_start_scan(struct net_device *dev, 72 u8 *ssid, size_t ssid_len); 73static int ieee80211_sta_config_auth(struct net_device *dev, 74 struct ieee80211_if_sta *ifsta); 75 76 77/* Parsed Information Elements */ 78struct ieee802_11_elems { 79 u8 *ssid; 80 u8 ssid_len; 81 u8 *supp_rates; 82 u8 supp_rates_len; 83 u8 *fh_params; 84 u8 fh_params_len; 85 u8 *ds_params; 86 u8 ds_params_len; 87 u8 *cf_params; 88 u8 cf_params_len; 89 u8 *tim; 90 u8 tim_len; 91 u8 *ibss_params; 92 u8 ibss_params_len; 93 u8 *challenge; 94 u8 challenge_len; 95 u8 *wpa; 96 u8 wpa_len; 97 u8 *rsn; 98 u8 rsn_len; 99 u8 *erp_info; 100 u8 erp_info_len; 101 u8 *ext_supp_rates; 102 u8 ext_supp_rates_len; 103 u8 *wmm_info; 104 u8 wmm_info_len; 105 u8 *wmm_param; 106 u8 wmm_param_len; 107}; 108 109typedef enum { ParseOK = 0, ParseUnknown = 1, ParseFailed = -1 } ParseRes; 110 111 112static ParseRes ieee802_11_parse_elems(u8 *start, size_t len, 113 struct ieee802_11_elems *elems) 114{ 115 size_t left = len; 116 u8 *pos = start; 117 int unknown = 0; 118 119 memset(elems, 0, sizeof(*elems)); 120 121 while (left >= 2) { 122 u8 id, elen; 123 124 id = *pos++; 125 elen = *pos++; 126 left -= 2; 127 128 if (elen > left) { 129 return ParseFailed; 130 } 131 132 switch (id) { 133 case WLAN_EID_SSID: 134 elems->ssid = pos; 135 elems->ssid_len = elen; 136 break; 137 case WLAN_EID_SUPP_RATES: 138 elems->supp_rates = pos; 139 elems->supp_rates_len = elen; 140 break; 141 case WLAN_EID_FH_PARAMS: 142 elems->fh_params = pos; 143 elems->fh_params_len = elen; 144 break; 145 case WLAN_EID_DS_PARAMS: 146 elems->ds_params = pos; 147 elems->ds_params_len = elen; 148 break; 149 case WLAN_EID_CF_PARAMS: 150 elems->cf_params = pos; 151 elems->cf_params_len = elen; 152 break; 153 case WLAN_EID_TIM: 154 elems->tim = pos; 155 elems->tim_len = elen; 156 break; 157 case WLAN_EID_IBSS_PARAMS: 158 elems->ibss_params = pos; 159 elems->ibss_params_len = elen; 160 break; 161 case WLAN_EID_CHALLENGE: 162 elems->challenge = pos; 163 elems->challenge_len = elen; 164 break; 165 case WLAN_EID_WPA: 166 if (elen >= 4 && pos[0] == 0x00 && pos[1] == 0x50 && 167 pos[2] == 0xf2) { 168 /* Microsoft OUI (00:50:F2) */ 169 if (pos[3] == 1) { 170 /* OUI Type 1 - WPA IE */ 171 elems->wpa = pos; 172 elems->wpa_len = elen; 173 } else if (elen >= 5 && pos[3] == 2) { 174 if (pos[4] == 0) { 175 elems->wmm_info = pos; 176 elems->wmm_info_len = elen; 177 } else if (pos[4] == 1) { 178 elems->wmm_param = pos; 179 elems->wmm_param_len = elen; 180 } 181 } 182 } 183 break; 184 case WLAN_EID_RSN: 185 elems->rsn = pos; 186 elems->rsn_len = elen; 187 break; 188 case WLAN_EID_ERP_INFO: 189 elems->erp_info = pos; 190 elems->erp_info_len = elen; 191 break; 192 case WLAN_EID_EXT_SUPP_RATES: 193 elems->ext_supp_rates = pos; 194 elems->ext_supp_rates_len = elen; 195 break; 196 default: 197 unknown++; 198 break; 199 } 200 201 left -= elen; 202 pos += elen; 203 } 204 205 /* Do not trigger error if left == 1 as Apple Airport base stations 206 * send AssocResps that are one spurious byte too long. */ 207 208 return unknown ? ParseUnknown : ParseOK; 209} 210 211 212 213 214static int ecw2cw(int ecw) 215{ 216 int cw = 1; 217 while (ecw > 0) { 218 cw <<= 1; 219 ecw--; 220 } 221 return cw - 1; 222} 223 224 225static void ieee80211_sta_wmm_params(struct net_device *dev, 226 struct ieee80211_if_sta *ifsta, 227 u8 *wmm_param, size_t wmm_param_len) 228{ 229 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 230 struct ieee80211_tx_queue_params params; 231 size_t left; 232 int count; 233 u8 *pos; 234 235 if (wmm_param_len < 8 || wmm_param[5] /* version */ != 1) 236 return; 237 count = wmm_param[6] & 0x0f; 238 if (count == ifsta->wmm_last_param_set) 239 return; 240 ifsta->wmm_last_param_set = count; 241 242 pos = wmm_param + 8; 243 left = wmm_param_len - 8; 244 245 memset(¶ms, 0, sizeof(params)); 246 247 if (!local->ops->conf_tx) 248 return; 249 250 local->wmm_acm = 0; 251 for (; left >= 4; left -= 4, pos += 4) { 252 int aci = (pos[0] >> 5) & 0x03; 253 int acm = (pos[0] >> 4) & 0x01; 254 int queue; 255 256 switch (aci) { 257 case 1: 258 queue = IEEE80211_TX_QUEUE_DATA3; 259 if (acm) { 260 local->wmm_acm |= BIT(0) | BIT(3); 261 } 262 break; 263 case 2: 264 queue = IEEE80211_TX_QUEUE_DATA1; 265 if (acm) { 266 local->wmm_acm |= BIT(4) | BIT(5); 267 } 268 break; 269 case 3: 270 queue = IEEE80211_TX_QUEUE_DATA0; 271 if (acm) { 272 local->wmm_acm |= BIT(6) | BIT(7); 273 } 274 break; 275 case 0: 276 default: 277 queue = IEEE80211_TX_QUEUE_DATA2; 278 if (acm) { 279 local->wmm_acm |= BIT(1) | BIT(2); 280 } 281 break; 282 } 283 284 params.aifs = pos[0] & 0x0f; 285 params.cw_max = ecw2cw((pos[1] & 0xf0) >> 4); 286 params.cw_min = ecw2cw(pos[1] & 0x0f); 287 /* TXOP is in units of 32 usec; burst_time in 0.1 ms */ 288 params.burst_time = (pos[2] | (pos[3] << 8)) * 32 / 100; 289 printk(KERN_DEBUG "%s: WMM queue=%d aci=%d acm=%d aifs=%d " 290 "cWmin=%d cWmax=%d burst=%d\n", 291 dev->name, queue, aci, acm, params.aifs, params.cw_min, 292 params.cw_max, params.burst_time); 293 /* TODO: handle ACM (block TX, fallback to next lowest allowed 294 * AC for now) */ 295 if (local->ops->conf_tx(local_to_hw(local), queue, ¶ms)) { 296 printk(KERN_DEBUG "%s: failed to set TX queue " 297 "parameters for queue %d\n", dev->name, queue); 298 } 299 } 300} 301 302 303static void ieee80211_sta_send_associnfo(struct net_device *dev, 304 struct ieee80211_if_sta *ifsta) 305{ 306 char *buf; 307 size_t len; 308 int i; 309 union iwreq_data wrqu; 310 311 if (!ifsta->assocreq_ies && !ifsta->assocresp_ies) 312 return; 313 314 buf = kmalloc(50 + 2 * (ifsta->assocreq_ies_len + 315 ifsta->assocresp_ies_len), GFP_ATOMIC); 316 if (!buf) 317 return; 318 319 len = sprintf(buf, "ASSOCINFO("); 320 if (ifsta->assocreq_ies) { 321 len += sprintf(buf + len, "ReqIEs="); 322 for (i = 0; i < ifsta->assocreq_ies_len; i++) { 323 len += sprintf(buf + len, "%02x", 324 ifsta->assocreq_ies[i]); 325 } 326 } 327 if (ifsta->assocresp_ies) { 328 if (ifsta->assocreq_ies) 329 len += sprintf(buf + len, " "); 330 len += sprintf(buf + len, "RespIEs="); 331 for (i = 0; i < ifsta->assocresp_ies_len; i++) { 332 len += sprintf(buf + len, "%02x", 333 ifsta->assocresp_ies[i]); 334 } 335 } 336 len += sprintf(buf + len, ")"); 337 338 if (len > IW_CUSTOM_MAX) { 339 len = sprintf(buf, "ASSOCRESPIE="); 340 for (i = 0; i < ifsta->assocresp_ies_len; i++) { 341 len += sprintf(buf + len, "%02x", 342 ifsta->assocresp_ies[i]); 343 } 344 } 345 346 memset(&wrqu, 0, sizeof(wrqu)); 347 wrqu.data.length = len; 348 wireless_send_event(dev, IWEVCUSTOM, &wrqu, buf); 349 350 kfree(buf); 351} 352 353 354static void ieee80211_set_associated(struct net_device *dev, 355 struct ieee80211_if_sta *ifsta, int assoc) 356{ 357 union iwreq_data wrqu; 358 359 if (ifsta->associated == assoc) 360 return; 361 362 ifsta->associated = assoc; 363 364 if (assoc) { 365 struct ieee80211_sub_if_data *sdata; 366 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 367 if (sdata->type != IEEE80211_IF_TYPE_STA) 368 return; 369 netif_carrier_on(dev); 370 ifsta->prev_bssid_set = 1; 371 memcpy(ifsta->prev_bssid, sdata->u.sta.bssid, ETH_ALEN); 372 memcpy(wrqu.ap_addr.sa_data, sdata->u.sta.bssid, ETH_ALEN); 373 ieee80211_sta_send_associnfo(dev, ifsta); 374 } else { 375 netif_carrier_off(dev); 376 memset(wrqu.ap_addr.sa_data, 0, ETH_ALEN); 377 } 378 wrqu.ap_addr.sa_family = ARPHRD_ETHER; 379 wireless_send_event(dev, SIOCGIWAP, &wrqu, NULL); 380 ifsta->last_probe = jiffies; 381} 382 383static void ieee80211_set_disassoc(struct net_device *dev, 384 struct ieee80211_if_sta *ifsta, int deauth) 385{ 386 if (deauth) 387 ifsta->auth_tries = 0; 388 ifsta->assoc_tries = 0; 389 ieee80211_set_associated(dev, ifsta, 0); 390} 391 392static void ieee80211_sta_tx(struct net_device *dev, struct sk_buff *skb, 393 int encrypt) 394{ 395 struct ieee80211_sub_if_data *sdata; 396 struct ieee80211_tx_packet_data *pkt_data; 397 398 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 399 skb->dev = sdata->local->mdev; 400 skb_set_mac_header(skb, 0); 401 skb_set_network_header(skb, 0); 402 skb_set_transport_header(skb, 0); 403 404 pkt_data = (struct ieee80211_tx_packet_data *) skb->cb; 405 memset(pkt_data, 0, sizeof(struct ieee80211_tx_packet_data)); 406 pkt_data->ifindex = sdata->dev->ifindex; 407 pkt_data->mgmt_iface = (sdata->type == IEEE80211_IF_TYPE_MGMT); 408 pkt_data->do_not_encrypt = !encrypt; 409 410 dev_queue_xmit(skb); 411} 412 413 414static void ieee80211_send_auth(struct net_device *dev, 415 struct ieee80211_if_sta *ifsta, 416 int transaction, u8 *extra, size_t extra_len, 417 int encrypt) 418{ 419 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 420 struct sk_buff *skb; 421 struct ieee80211_mgmt *mgmt; 422 423 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 424 sizeof(*mgmt) + 6 + extra_len); 425 if (!skb) { 426 printk(KERN_DEBUG "%s: failed to allocate buffer for auth " 427 "frame\n", dev->name); 428 return; 429 } 430 skb_reserve(skb, local->hw.extra_tx_headroom); 431 432 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24 + 6); 433 memset(mgmt, 0, 24 + 6); 434 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT, 435 IEEE80211_STYPE_AUTH); 436 if (encrypt) 437 mgmt->frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED); 438 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN); 439 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN); 440 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN); 441 mgmt->u.auth.auth_alg = cpu_to_le16(ifsta->auth_alg); 442 mgmt->u.auth.auth_transaction = cpu_to_le16(transaction); 443 ifsta->auth_transaction = transaction + 1; 444 mgmt->u.auth.status_code = cpu_to_le16(0); 445 if (extra) 446 memcpy(skb_put(skb, extra_len), extra, extra_len); 447 448 ieee80211_sta_tx(dev, skb, encrypt); 449} 450 451 452static void ieee80211_authenticate(struct net_device *dev, 453 struct ieee80211_if_sta *ifsta) 454{ 455 ifsta->auth_tries++; 456 if (ifsta->auth_tries > IEEE80211_AUTH_MAX_TRIES) { 457 printk(KERN_DEBUG "%s: authentication with AP " MAC_FMT 458 " timed out\n", 459 dev->name, MAC_ARG(ifsta->bssid)); 460 ifsta->state = IEEE80211_DISABLED; 461 return; 462 } 463 464 ifsta->state = IEEE80211_AUTHENTICATE; 465 printk(KERN_DEBUG "%s: authenticate with AP " MAC_FMT "\n", 466 dev->name, MAC_ARG(ifsta->bssid)); 467 468 ieee80211_send_auth(dev, ifsta, 1, NULL, 0, 0); 469 470 mod_timer(&ifsta->timer, jiffies + IEEE80211_AUTH_TIMEOUT); 471} 472 473 474static void ieee80211_send_assoc(struct net_device *dev, 475 struct ieee80211_if_sta *ifsta) 476{ 477 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 478 struct ieee80211_hw_mode *mode; 479 struct sk_buff *skb; 480 struct ieee80211_mgmt *mgmt; 481 u8 *pos, *ies; 482 int i, len; 483 u16 capab; 484 struct ieee80211_sta_bss *bss; 485 int wmm = 0; 486 487 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 488 sizeof(*mgmt) + 200 + ifsta->extra_ie_len + 489 ifsta->ssid_len); 490 if (!skb) { 491 printk(KERN_DEBUG "%s: failed to allocate buffer for assoc " 492 "frame\n", dev->name); 493 return; 494 } 495 skb_reserve(skb, local->hw.extra_tx_headroom); 496 497 mode = local->oper_hw_mode; 498 capab = ifsta->capab; 499 if (mode->mode == MODE_IEEE80211G) { 500 capab |= WLAN_CAPABILITY_SHORT_SLOT_TIME | 501 WLAN_CAPABILITY_SHORT_PREAMBLE; 502 } 503 bss = ieee80211_rx_bss_get(dev, ifsta->bssid); 504 if (bss) { 505 if (bss->capability & WLAN_CAPABILITY_PRIVACY) 506 capab |= WLAN_CAPABILITY_PRIVACY; 507 if (bss->wmm_ie) { 508 wmm = 1; 509 } 510 ieee80211_rx_bss_put(dev, bss); 511 } 512 513 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24); 514 memset(mgmt, 0, 24); 515 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN); 516 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN); 517 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN); 518 519 if (ifsta->prev_bssid_set) { 520 skb_put(skb, 10); 521 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT, 522 IEEE80211_STYPE_REASSOC_REQ); 523 mgmt->u.reassoc_req.capab_info = cpu_to_le16(capab); 524 mgmt->u.reassoc_req.listen_interval = cpu_to_le16(1); 525 memcpy(mgmt->u.reassoc_req.current_ap, ifsta->prev_bssid, 526 ETH_ALEN); 527 } else { 528 skb_put(skb, 4); 529 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT, 530 IEEE80211_STYPE_ASSOC_REQ); 531 mgmt->u.assoc_req.capab_info = cpu_to_le16(capab); 532 mgmt->u.assoc_req.listen_interval = cpu_to_le16(1); 533 } 534 535 /* SSID */ 536 ies = pos = skb_put(skb, 2 + ifsta->ssid_len); 537 *pos++ = WLAN_EID_SSID; 538 *pos++ = ifsta->ssid_len; 539 memcpy(pos, ifsta->ssid, ifsta->ssid_len); 540 541 len = mode->num_rates; 542 if (len > 8) 543 len = 8; 544 pos = skb_put(skb, len + 2); 545 *pos++ = WLAN_EID_SUPP_RATES; 546 *pos++ = len; 547 for (i = 0; i < len; i++) { 548 int rate = mode->rates[i].rate; 549 if (mode->mode == MODE_ATHEROS_TURBO) 550 rate /= 2; 551 *pos++ = (u8) (rate / 5); 552 } 553 554 if (mode->num_rates > len) { 555 pos = skb_put(skb, mode->num_rates - len + 2); 556 *pos++ = WLAN_EID_EXT_SUPP_RATES; 557 *pos++ = mode->num_rates - len; 558 for (i = len; i < mode->num_rates; i++) { 559 int rate = mode->rates[i].rate; 560 if (mode->mode == MODE_ATHEROS_TURBO) 561 rate /= 2; 562 *pos++ = (u8) (rate / 5); 563 } 564 } 565 566 if (ifsta->extra_ie) { 567 pos = skb_put(skb, ifsta->extra_ie_len); 568 memcpy(pos, ifsta->extra_ie, ifsta->extra_ie_len); 569 } 570 571 if (wmm && ifsta->wmm_enabled) { 572 pos = skb_put(skb, 9); 573 *pos++ = WLAN_EID_VENDOR_SPECIFIC; 574 *pos++ = 7; /* len */ 575 *pos++ = 0x00; /* Microsoft OUI 00:50:F2 */ 576 *pos++ = 0x50; 577 *pos++ = 0xf2; 578 *pos++ = 2; /* WME */ 579 *pos++ = 0; /* WME info */ 580 *pos++ = 1; /* WME ver */ 581 *pos++ = 0; 582 } 583 584 kfree(ifsta->assocreq_ies); 585 ifsta->assocreq_ies_len = (skb->data + skb->len) - ies; 586 ifsta->assocreq_ies = kmalloc(ifsta->assocreq_ies_len, GFP_ATOMIC); 587 if (ifsta->assocreq_ies) 588 memcpy(ifsta->assocreq_ies, ies, ifsta->assocreq_ies_len); 589 590 ieee80211_sta_tx(dev, skb, 0); 591} 592 593 594static void ieee80211_send_deauth(struct net_device *dev, 595 struct ieee80211_if_sta *ifsta, u16 reason) 596{ 597 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 598 struct sk_buff *skb; 599 struct ieee80211_mgmt *mgmt; 600 601 skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt)); 602 if (!skb) { 603 printk(KERN_DEBUG "%s: failed to allocate buffer for deauth " 604 "frame\n", dev->name); 605 return; 606 } 607 skb_reserve(skb, local->hw.extra_tx_headroom); 608 609 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24); 610 memset(mgmt, 0, 24); 611 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN); 612 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN); 613 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN); 614 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT, 615 IEEE80211_STYPE_DEAUTH); 616 skb_put(skb, 2); 617 mgmt->u.deauth.reason_code = cpu_to_le16(reason); 618 619 ieee80211_sta_tx(dev, skb, 0); 620} 621 622 623static void ieee80211_send_disassoc(struct net_device *dev, 624 struct ieee80211_if_sta *ifsta, u16 reason) 625{ 626 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 627 struct sk_buff *skb; 628 struct ieee80211_mgmt *mgmt; 629 630 skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt)); 631 if (!skb) { 632 printk(KERN_DEBUG "%s: failed to allocate buffer for disassoc " 633 "frame\n", dev->name); 634 return; 635 } 636 skb_reserve(skb, local->hw.extra_tx_headroom); 637 638 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24); 639 memset(mgmt, 0, 24); 640 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN); 641 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN); 642 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN); 643 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT, 644 IEEE80211_STYPE_DISASSOC); 645 skb_put(skb, 2); 646 mgmt->u.disassoc.reason_code = cpu_to_le16(reason); 647 648 ieee80211_sta_tx(dev, skb, 0); 649} 650 651 652static int ieee80211_privacy_mismatch(struct net_device *dev, 653 struct ieee80211_if_sta *ifsta) 654{ 655 struct ieee80211_sta_bss *bss; 656 int res = 0; 657 658 if (!ifsta || ifsta->mixed_cell || 659 ifsta->key_mgmt != IEEE80211_KEY_MGMT_NONE) 660 return 0; 661 662 bss = ieee80211_rx_bss_get(dev, ifsta->bssid); 663 if (!bss) 664 return 0; 665 666 if (ieee80211_sta_wep_configured(dev) != 667 !!(bss->capability & WLAN_CAPABILITY_PRIVACY)) 668 res = 1; 669 670 ieee80211_rx_bss_put(dev, bss); 671 672 return res; 673} 674 675 676static void ieee80211_associate(struct net_device *dev, 677 struct ieee80211_if_sta *ifsta) 678{ 679 ifsta->assoc_tries++; 680 if (ifsta->assoc_tries > IEEE80211_ASSOC_MAX_TRIES) { 681 printk(KERN_DEBUG "%s: association with AP " MAC_FMT 682 " timed out\n", 683 dev->name, MAC_ARG(ifsta->bssid)); 684 ifsta->state = IEEE80211_DISABLED; 685 return; 686 } 687 688 ifsta->state = IEEE80211_ASSOCIATE; 689 printk(KERN_DEBUG "%s: associate with AP " MAC_FMT "\n", 690 dev->name, MAC_ARG(ifsta->bssid)); 691 if (ieee80211_privacy_mismatch(dev, ifsta)) { 692 printk(KERN_DEBUG "%s: mismatch in privacy configuration and " 693 "mixed-cell disabled - abort association\n", dev->name); 694 ifsta->state = IEEE80211_DISABLED; 695 return; 696 } 697 698 ieee80211_send_assoc(dev, ifsta); 699 700 mod_timer(&ifsta->timer, jiffies + IEEE80211_ASSOC_TIMEOUT); 701} 702 703 704static void ieee80211_associated(struct net_device *dev, 705 struct ieee80211_if_sta *ifsta) 706{ 707 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 708 struct sta_info *sta; 709 int disassoc; 710 711 /* TODO: start monitoring current AP signal quality and number of 712 * missed beacons. Scan other channels every now and then and search 713 * for better APs. */ 714 /* TODO: remove expired BSSes */ 715 716 ifsta->state = IEEE80211_ASSOCIATED; 717 718 sta = sta_info_get(local, ifsta->bssid); 719 if (!sta) { 720 printk(KERN_DEBUG "%s: No STA entry for own AP " MAC_FMT "\n", 721 dev->name, MAC_ARG(ifsta->bssid)); 722 disassoc = 1; 723 } else { 724 disassoc = 0; 725 if (time_after(jiffies, 726 sta->last_rx + IEEE80211_MONITORING_INTERVAL)) { 727 if (ifsta->probereq_poll) { 728 printk(KERN_DEBUG "%s: No ProbeResp from " 729 "current AP " MAC_FMT " - assume out of " 730 "range\n", 731 dev->name, MAC_ARG(ifsta->bssid)); 732 disassoc = 1; 733 sta_info_free(sta, 0); 734 ifsta->probereq_poll = 0; 735 } else { 736 ieee80211_send_probe_req(dev, ifsta->bssid, 737 local->scan_ssid, 738 local->scan_ssid_len); 739 ifsta->probereq_poll = 1; 740 } 741 } else { 742 ifsta->probereq_poll = 0; 743 if (time_after(jiffies, ifsta->last_probe + 744 IEEE80211_PROBE_INTERVAL)) { 745 ifsta->last_probe = jiffies; 746 ieee80211_send_probe_req(dev, ifsta->bssid, 747 ifsta->ssid, 748 ifsta->ssid_len); 749 } 750 } 751 sta_info_put(sta); 752 } 753 if (disassoc) { 754 union iwreq_data wrqu; 755 memset(wrqu.ap_addr.sa_data, 0, ETH_ALEN); 756 wrqu.ap_addr.sa_family = ARPHRD_ETHER; 757 wireless_send_event(dev, SIOCGIWAP, &wrqu, NULL); 758 mod_timer(&ifsta->timer, jiffies + 759 IEEE80211_MONITORING_INTERVAL + 30 * HZ); 760 } else { 761 mod_timer(&ifsta->timer, jiffies + 762 IEEE80211_MONITORING_INTERVAL); 763 } 764} 765 766 767static void ieee80211_send_probe_req(struct net_device *dev, u8 *dst, 768 u8 *ssid, size_t ssid_len) 769{ 770 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 771 struct ieee80211_hw_mode *mode; 772 struct sk_buff *skb; 773 struct ieee80211_mgmt *mgmt; 774 u8 *pos, *supp_rates, *esupp_rates = NULL; 775 int i; 776 777 skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt) + 200); 778 if (!skb) { 779 printk(KERN_DEBUG "%s: failed to allocate buffer for probe " 780 "request\n", dev->name); 781 return; 782 } 783 skb_reserve(skb, local->hw.extra_tx_headroom); 784 785 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24); 786 memset(mgmt, 0, 24); 787 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT, 788 IEEE80211_STYPE_PROBE_REQ); 789 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN); 790 if (dst) { 791 memcpy(mgmt->da, dst, ETH_ALEN); 792 memcpy(mgmt->bssid, dst, ETH_ALEN); 793 } else { 794 memset(mgmt->da, 0xff, ETH_ALEN); 795 memset(mgmt->bssid, 0xff, ETH_ALEN); 796 } 797 pos = skb_put(skb, 2 + ssid_len); 798 *pos++ = WLAN_EID_SSID; 799 *pos++ = ssid_len; 800 memcpy(pos, ssid, ssid_len); 801 802 supp_rates = skb_put(skb, 2); 803 supp_rates[0] = WLAN_EID_SUPP_RATES; 804 supp_rates[1] = 0; 805 mode = local->oper_hw_mode; 806 for (i = 0; i < mode->num_rates; i++) { 807 struct ieee80211_rate *rate = &mode->rates[i]; 808 if (!(rate->flags & IEEE80211_RATE_SUPPORTED)) 809 continue; 810 if (esupp_rates) { 811 pos = skb_put(skb, 1); 812 esupp_rates[1]++; 813 } else if (supp_rates[1] == 8) { 814 esupp_rates = skb_put(skb, 3); 815 esupp_rates[0] = WLAN_EID_EXT_SUPP_RATES; 816 esupp_rates[1] = 1; 817 pos = &esupp_rates[2]; 818 } else { 819 pos = skb_put(skb, 1); 820 supp_rates[1]++; 821 } 822 if (mode->mode == MODE_ATHEROS_TURBO) 823 *pos = rate->rate / 10; 824 else 825 *pos = rate->rate / 5; 826 } 827 828 ieee80211_sta_tx(dev, skb, 0); 829} 830 831 832static int ieee80211_sta_wep_configured(struct net_device *dev) 833{ 834 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); 835 if (!sdata || !sdata->default_key || 836 sdata->default_key->alg != ALG_WEP) 837 return 0; 838 return 1; 839} 840 841 842static void ieee80211_auth_completed(struct net_device *dev, 843 struct ieee80211_if_sta *ifsta) 844{ 845 printk(KERN_DEBUG "%s: authenticated\n", dev->name); 846 ifsta->authenticated = 1; 847 ieee80211_associate(dev, ifsta); 848} 849 850 851static void ieee80211_auth_challenge(struct net_device *dev, 852 struct ieee80211_if_sta *ifsta, 853 struct ieee80211_mgmt *mgmt, 854 size_t len) 855{ 856 u8 *pos; 857 struct ieee802_11_elems elems; 858 859 printk(KERN_DEBUG "%s: replying to auth challenge\n", dev->name); 860 pos = mgmt->u.auth.variable; 861 if (ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems) 862 == ParseFailed) { 863 printk(KERN_DEBUG "%s: failed to parse Auth(challenge)\n", 864 dev->name); 865 return; 866 } 867 if (!elems.challenge) { 868 printk(KERN_DEBUG "%s: no challenge IE in shared key auth " 869 "frame\n", dev->name); 870 return; 871 } 872 ieee80211_send_auth(dev, ifsta, 3, elems.challenge - 2, 873 elems.challenge_len + 2, 1); 874} 875 876 877static void ieee80211_rx_mgmt_auth(struct net_device *dev, 878 struct ieee80211_if_sta *ifsta, 879 struct ieee80211_mgmt *mgmt, 880 size_t len) 881{ 882 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); 883 u16 auth_alg, auth_transaction, status_code; 884 885 if (ifsta->state != IEEE80211_AUTHENTICATE && 886 sdata->type != IEEE80211_IF_TYPE_IBSS) { 887 printk(KERN_DEBUG "%s: authentication frame received from " 888 MAC_FMT ", but not in authenticate state - ignored\n", 889 dev->name, MAC_ARG(mgmt->sa)); 890 return; 891 } 892 893 if (len < 24 + 6) { 894 printk(KERN_DEBUG "%s: too short (%zd) authentication frame " 895 "received from " MAC_FMT " - ignored\n", 896 dev->name, len, MAC_ARG(mgmt->sa)); 897 return; 898 } 899 900 if (sdata->type != IEEE80211_IF_TYPE_IBSS && 901 memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN) != 0) { 902 printk(KERN_DEBUG "%s: authentication frame received from " 903 "unknown AP (SA=" MAC_FMT " BSSID=" MAC_FMT ") - " 904 "ignored\n", dev->name, MAC_ARG(mgmt->sa), 905 MAC_ARG(mgmt->bssid)); 906 return; 907 } 908 909 if (sdata->type != IEEE80211_IF_TYPE_IBSS && 910 memcmp(ifsta->bssid, mgmt->bssid, ETH_ALEN) != 0) { 911 printk(KERN_DEBUG "%s: authentication frame received from " 912 "unknown BSSID (SA=" MAC_FMT " BSSID=" MAC_FMT ") - " 913 "ignored\n", dev->name, MAC_ARG(mgmt->sa), 914 MAC_ARG(mgmt->bssid)); 915 return; 916 } 917 918 auth_alg = le16_to_cpu(mgmt->u.auth.auth_alg); 919 auth_transaction = le16_to_cpu(mgmt->u.auth.auth_transaction); 920 status_code = le16_to_cpu(mgmt->u.auth.status_code); 921 922 printk(KERN_DEBUG "%s: RX authentication from " MAC_FMT " (alg=%d " 923 "transaction=%d status=%d)\n", 924 dev->name, MAC_ARG(mgmt->sa), auth_alg, 925 auth_transaction, status_code); 926 927 if (sdata->type == IEEE80211_IF_TYPE_IBSS) { 928 /* IEEE 802.11 standard does not require authentication in IBSS 929 * networks and most implementations do not seem to use it. 930 * However, try to reply to authentication attempts if someone 931 * has actually implemented this. 932 * TODO: Could implement shared key authentication. */ 933 if (auth_alg != WLAN_AUTH_OPEN || auth_transaction != 1) { 934 printk(KERN_DEBUG "%s: unexpected IBSS authentication " 935 "frame (alg=%d transaction=%d)\n", 936 dev->name, auth_alg, auth_transaction); 937 return; 938 } 939 ieee80211_send_auth(dev, ifsta, 2, NULL, 0, 0); 940 } 941 942 if (auth_alg != ifsta->auth_alg || 943 auth_transaction != ifsta->auth_transaction) { 944 printk(KERN_DEBUG "%s: unexpected authentication frame " 945 "(alg=%d transaction=%d)\n", 946 dev->name, auth_alg, auth_transaction); 947 return; 948 } 949 950 if (status_code != WLAN_STATUS_SUCCESS) { 951 printk(KERN_DEBUG "%s: AP denied authentication (auth_alg=%d " 952 "code=%d)\n", dev->name, ifsta->auth_alg, status_code); 953 if (status_code == WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG) { 954 u8 algs[3]; 955 const int num_algs = ARRAY_SIZE(algs); 956 int i, pos; 957 algs[0] = algs[1] = algs[2] = 0xff; 958 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_OPEN) 959 algs[0] = WLAN_AUTH_OPEN; 960 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_SHARED_KEY) 961 algs[1] = WLAN_AUTH_SHARED_KEY; 962 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_LEAP) 963 algs[2] = WLAN_AUTH_LEAP; 964 if (ifsta->auth_alg == WLAN_AUTH_OPEN) 965 pos = 0; 966 else if (ifsta->auth_alg == WLAN_AUTH_SHARED_KEY) 967 pos = 1; 968 else 969 pos = 2; 970 for (i = 0; i < num_algs; i++) { 971 pos++; 972 if (pos >= num_algs) 973 pos = 0; 974 if (algs[pos] == ifsta->auth_alg || 975 algs[pos] == 0xff) 976 continue; 977 if (algs[pos] == WLAN_AUTH_SHARED_KEY && 978 !ieee80211_sta_wep_configured(dev)) 979 continue; 980 ifsta->auth_alg = algs[pos]; 981 printk(KERN_DEBUG "%s: set auth_alg=%d for " 982 "next try\n", 983 dev->name, ifsta->auth_alg); 984 break; 985 } 986 } 987 return; 988 } 989 990 switch (ifsta->auth_alg) { 991 case WLAN_AUTH_OPEN: 992 case WLAN_AUTH_LEAP: 993 ieee80211_auth_completed(dev, ifsta); 994 break; 995 case WLAN_AUTH_SHARED_KEY: 996 if (ifsta->auth_transaction == 4) 997 ieee80211_auth_completed(dev, ifsta); 998 else 999 ieee80211_auth_challenge(dev, ifsta, mgmt, len); 1000 break; 1001 } 1002} 1003 1004 1005static void ieee80211_rx_mgmt_deauth(struct net_device *dev, 1006 struct ieee80211_if_sta *ifsta, 1007 struct ieee80211_mgmt *mgmt, 1008 size_t len) 1009{ 1010 u16 reason_code; 1011 1012 if (len < 24 + 2) { 1013 printk(KERN_DEBUG "%s: too short (%zd) deauthentication frame " 1014 "received from " MAC_FMT " - ignored\n", 1015 dev->name, len, MAC_ARG(mgmt->sa)); 1016 return; 1017 } 1018 1019 if (memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN) != 0) { 1020 printk(KERN_DEBUG "%s: deauthentication frame received from " 1021 "unknown AP (SA=" MAC_FMT " BSSID=" MAC_FMT ") - " 1022 "ignored\n", dev->name, MAC_ARG(mgmt->sa), 1023 MAC_ARG(mgmt->bssid)); 1024 return; 1025 } 1026 1027 reason_code = le16_to_cpu(mgmt->u.deauth.reason_code); 1028 1029 printk(KERN_DEBUG "%s: RX deauthentication from " MAC_FMT 1030 " (reason=%d)\n", 1031 dev->name, MAC_ARG(mgmt->sa), reason_code); 1032 1033 if (ifsta->authenticated) { 1034 printk(KERN_DEBUG "%s: deauthenticated\n", dev->name); 1035 } 1036 1037 if (ifsta->state == IEEE80211_AUTHENTICATE || 1038 ifsta->state == IEEE80211_ASSOCIATE || 1039 ifsta->state == IEEE80211_ASSOCIATED) { 1040 ifsta->state = IEEE80211_AUTHENTICATE; 1041 mod_timer(&ifsta->timer, jiffies + 1042 IEEE80211_RETRY_AUTH_INTERVAL); 1043 } 1044 1045 ieee80211_set_disassoc(dev, ifsta, 1); 1046 ifsta->authenticated = 0; 1047} 1048 1049 1050static void ieee80211_rx_mgmt_disassoc(struct net_device *dev, 1051 struct ieee80211_if_sta *ifsta, 1052 struct ieee80211_mgmt *mgmt, 1053 size_t len) 1054{ 1055 u16 reason_code; 1056 1057 if (len < 24 + 2) { 1058 printk(KERN_DEBUG "%s: too short (%zd) disassociation frame " 1059 "received from " MAC_FMT " - ignored\n", 1060 dev->name, len, MAC_ARG(mgmt->sa)); 1061 return; 1062 } 1063 1064 if (memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN) != 0) { 1065 printk(KERN_DEBUG "%s: disassociation frame received from " 1066 "unknown AP (SA=" MAC_FMT " BSSID=" MAC_FMT ") - " 1067 "ignored\n", dev->name, MAC_ARG(mgmt->sa), 1068 MAC_ARG(mgmt->bssid)); 1069 return; 1070 } 1071 1072 reason_code = le16_to_cpu(mgmt->u.disassoc.reason_code); 1073 1074 printk(KERN_DEBUG "%s: RX disassociation from " MAC_FMT 1075 " (reason=%d)\n", 1076 dev->name, MAC_ARG(mgmt->sa), reason_code); 1077 1078 if (ifsta->associated) 1079 printk(KERN_DEBUG "%s: disassociated\n", dev->name); 1080 1081 if (ifsta->state == IEEE80211_ASSOCIATED) { 1082 ifsta->state = IEEE80211_ASSOCIATE; 1083 mod_timer(&ifsta->timer, jiffies + 1084 IEEE80211_RETRY_AUTH_INTERVAL); 1085 } 1086 1087 ieee80211_set_disassoc(dev, ifsta, 0); 1088} 1089 1090 1091static void ieee80211_rx_mgmt_assoc_resp(struct net_device *dev, 1092 struct ieee80211_if_sta *ifsta, 1093 struct ieee80211_mgmt *mgmt, 1094 size_t len, 1095 int reassoc) 1096{ 1097 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 1098 struct ieee80211_hw_mode *mode; 1099 struct sta_info *sta; 1100 u32 rates; 1101 u16 capab_info, status_code, aid; 1102 struct ieee802_11_elems elems; 1103 u8 *pos; 1104 int i, j; 1105 1106 /* AssocResp and ReassocResp have identical structure, so process both 1107 * of them in this function. */ 1108 1109 if (ifsta->state != IEEE80211_ASSOCIATE) { 1110 printk(KERN_DEBUG "%s: association frame received from " 1111 MAC_FMT ", but not in associate state - ignored\n", 1112 dev->name, MAC_ARG(mgmt->sa)); 1113 return; 1114 } 1115 1116 if (len < 24 + 6) { 1117 printk(KERN_DEBUG "%s: too short (%zd) association frame " 1118 "received from " MAC_FMT " - ignored\n", 1119 dev->name, len, MAC_ARG(mgmt->sa)); 1120 return; 1121 } 1122 1123 if (memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN) != 0) { 1124 printk(KERN_DEBUG "%s: association frame received from " 1125 "unknown AP (SA=" MAC_FMT " BSSID=" MAC_FMT ") - " 1126 "ignored\n", dev->name, MAC_ARG(mgmt->sa), 1127 MAC_ARG(mgmt->bssid)); 1128 return; 1129 } 1130 1131 capab_info = le16_to_cpu(mgmt->u.assoc_resp.capab_info); 1132 status_code = le16_to_cpu(mgmt->u.assoc_resp.status_code); 1133 aid = le16_to_cpu(mgmt->u.assoc_resp.aid); 1134 if ((aid & (BIT(15) | BIT(14))) != (BIT(15) | BIT(14))) 1135 printk(KERN_DEBUG "%s: invalid aid value %d; bits 15:14 not " 1136 "set\n", dev->name, aid); 1137 aid &= ~(BIT(15) | BIT(14)); 1138 1139 printk(KERN_DEBUG "%s: RX %sssocResp from " MAC_FMT " (capab=0x%x " 1140 "status=%d aid=%d)\n", 1141 dev->name, reassoc ? "Rea" : "A", MAC_ARG(mgmt->sa), 1142 capab_info, status_code, aid); 1143 1144 if (status_code != WLAN_STATUS_SUCCESS) { 1145 printk(KERN_DEBUG "%s: AP denied association (code=%d)\n", 1146 dev->name, status_code); 1147 if (status_code == WLAN_STATUS_REASSOC_NO_ASSOC) 1148 ifsta->prev_bssid_set = 0; 1149 return; 1150 } 1151 1152 pos = mgmt->u.assoc_resp.variable; 1153 if (ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems) 1154 == ParseFailed) { 1155 printk(KERN_DEBUG "%s: failed to parse AssocResp\n", 1156 dev->name); 1157 return; 1158 } 1159 1160 if (!elems.supp_rates) { 1161 printk(KERN_DEBUG "%s: no SuppRates element in AssocResp\n", 1162 dev->name); 1163 return; 1164 } 1165 1166 printk(KERN_DEBUG "%s: associated\n", dev->name); 1167 ifsta->aid = aid; 1168 ifsta->ap_capab = capab_info; 1169 1170 kfree(ifsta->assocresp_ies); 1171 ifsta->assocresp_ies_len = len - (pos - (u8 *) mgmt); 1172 ifsta->assocresp_ies = kmalloc(ifsta->assocresp_ies_len, GFP_ATOMIC); 1173 if (ifsta->assocresp_ies) 1174 memcpy(ifsta->assocresp_ies, pos, ifsta->assocresp_ies_len); 1175 1176 ieee80211_set_associated(dev, ifsta, 1); 1177 1178 /* Add STA entry for the AP */ 1179 sta = sta_info_get(local, ifsta->bssid); 1180 if (!sta) { 1181 struct ieee80211_sta_bss *bss; 1182 sta = sta_info_add(local, dev, ifsta->bssid, GFP_ATOMIC); 1183 if (!sta) { 1184 printk(KERN_DEBUG "%s: failed to add STA entry for the" 1185 " AP\n", dev->name); 1186 return; 1187 } 1188 bss = ieee80211_rx_bss_get(dev, ifsta->bssid); 1189 if (bss) { 1190 sta->last_rssi = bss->rssi; 1191 sta->last_signal = bss->signal; 1192 sta->last_noise = bss->noise; 1193 ieee80211_rx_bss_put(dev, bss); 1194 } 1195 } 1196 1197 sta->dev = dev; 1198 sta->flags |= WLAN_STA_AUTH | WLAN_STA_ASSOC; 1199 sta->assoc_ap = 1; 1200 1201 rates = 0; 1202 mode = local->oper_hw_mode; 1203 for (i = 0; i < elems.supp_rates_len; i++) { 1204 int rate = (elems.supp_rates[i] & 0x7f) * 5; 1205 if (mode->mode == MODE_ATHEROS_TURBO) 1206 rate *= 2; 1207 for (j = 0; j < mode->num_rates; j++) 1208 if (mode->rates[j].rate == rate) 1209 rates |= BIT(j); 1210 } 1211 for (i = 0; i < elems.ext_supp_rates_len; i++) { 1212 int rate = (elems.ext_supp_rates[i] & 0x7f) * 5; 1213 if (mode->mode == MODE_ATHEROS_TURBO) 1214 rate *= 2; 1215 for (j = 0; j < mode->num_rates; j++) 1216 if (mode->rates[j].rate == rate) 1217 rates |= BIT(j); 1218 } 1219 sta->supp_rates = rates; 1220 1221 rate_control_rate_init(sta, local); 1222 1223 if (elems.wmm_param && ifsta->wmm_enabled) { 1224 sta->flags |= WLAN_STA_WME; 1225 ieee80211_sta_wmm_params(dev, ifsta, elems.wmm_param, 1226 elems.wmm_param_len); 1227 } 1228 1229 1230 sta_info_put(sta); 1231 1232 ieee80211_associated(dev, ifsta); 1233} 1234 1235 1236/* Caller must hold local->sta_bss_lock */ 1237static void __ieee80211_rx_bss_hash_add(struct net_device *dev, 1238 struct ieee80211_sta_bss *bss) 1239{ 1240 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 1241 bss->hnext = local->sta_bss_hash[STA_HASH(bss->bssid)]; 1242 local->sta_bss_hash[STA_HASH(bss->bssid)] = bss; 1243} 1244 1245 1246/* Caller must hold local->sta_bss_lock */ 1247static void __ieee80211_rx_bss_hash_del(struct net_device *dev, 1248 struct ieee80211_sta_bss *bss) 1249{ 1250 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 1251 struct ieee80211_sta_bss *b, *prev = NULL; 1252 b = local->sta_bss_hash[STA_HASH(bss->bssid)]; 1253 while (b) { 1254 if (b == bss) { 1255 if (!prev) 1256 local->sta_bss_hash[STA_HASH(bss->bssid)] = 1257 bss->hnext; 1258 else 1259 prev->hnext = bss->hnext; 1260 break; 1261 } 1262 prev = b; 1263 b = b->hnext; 1264 } 1265} 1266 1267 1268static struct ieee80211_sta_bss * 1269ieee80211_rx_bss_add(struct net_device *dev, u8 *bssid) 1270{ 1271 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 1272 struct ieee80211_sta_bss *bss; 1273 1274 bss = kmalloc(sizeof(*bss), GFP_ATOMIC); 1275 if (!bss) 1276 return NULL; 1277 memset(bss, 0, sizeof(*bss)); 1278 atomic_inc(&bss->users); 1279 atomic_inc(&bss->users); 1280 memcpy(bss->bssid, bssid, ETH_ALEN); 1281 1282 spin_lock_bh(&local->sta_bss_lock); 1283 /* TODO: order by RSSI? */ 1284 list_add_tail(&bss->list, &local->sta_bss_list); 1285 __ieee80211_rx_bss_hash_add(dev, bss); 1286 spin_unlock_bh(&local->sta_bss_lock); 1287 return bss; 1288} 1289 1290 1291static struct ieee80211_sta_bss * 1292ieee80211_rx_bss_get(struct net_device *dev, u8 *bssid) 1293{ 1294 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 1295 struct ieee80211_sta_bss *bss; 1296 1297 spin_lock_bh(&local->sta_bss_lock); 1298 bss = local->sta_bss_hash[STA_HASH(bssid)]; 1299 while (bss) { 1300 if (memcmp(bss->bssid, bssid, ETH_ALEN) == 0) { 1301 atomic_inc(&bss->users); 1302 break; 1303 } 1304 bss = bss->hnext; 1305 } 1306 spin_unlock_bh(&local->sta_bss_lock); 1307 return bss; 1308} 1309 1310 1311static void ieee80211_rx_bss_free(struct ieee80211_sta_bss *bss) 1312{ 1313 kfree(bss->wpa_ie); 1314 kfree(bss->rsn_ie); 1315 kfree(bss->wmm_ie); 1316 kfree(bss); 1317} 1318 1319 1320static void ieee80211_rx_bss_put(struct net_device *dev, 1321 struct ieee80211_sta_bss *bss) 1322{ 1323 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 1324 if (!atomic_dec_and_test(&bss->users)) 1325 return; 1326 1327 spin_lock_bh(&local->sta_bss_lock); 1328 __ieee80211_rx_bss_hash_del(dev, bss); 1329 list_del(&bss->list); 1330 spin_unlock_bh(&local->sta_bss_lock); 1331 ieee80211_rx_bss_free(bss); 1332} 1333 1334 1335void ieee80211_rx_bss_list_init(struct net_device *dev) 1336{ 1337 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 1338 spin_lock_init(&local->sta_bss_lock); 1339 INIT_LIST_HEAD(&local->sta_bss_list); 1340} 1341 1342 1343void ieee80211_rx_bss_list_deinit(struct net_device *dev) 1344{ 1345 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 1346 struct ieee80211_sta_bss *bss, *tmp; 1347 1348 list_for_each_entry_safe(bss, tmp, &local->sta_bss_list, list) 1349 ieee80211_rx_bss_put(dev, bss); 1350} 1351 1352 1353static void ieee80211_rx_bss_info(struct net_device *dev, 1354 struct ieee80211_mgmt *mgmt, 1355 size_t len, 1356 struct ieee80211_rx_status *rx_status, 1357 int beacon) 1358{ 1359 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 1360 struct ieee802_11_elems elems; 1361 size_t baselen; 1362 int channel, invalid = 0, clen; 1363 struct ieee80211_sta_bss *bss; 1364 struct sta_info *sta; 1365 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); 1366 u64 timestamp; 1367 1368 if (!beacon && memcmp(mgmt->da, dev->dev_addr, ETH_ALEN)) 1369 return; /* ignore ProbeResp to foreign address */ 1370 1371 1372 baselen = (u8 *) mgmt->u.beacon.variable - (u8 *) mgmt; 1373 if (baselen > len) 1374 return; 1375 1376 timestamp = le64_to_cpu(mgmt->u.beacon.timestamp); 1377 1378 if (sdata->type == IEEE80211_IF_TYPE_IBSS && beacon && 1379 memcmp(mgmt->bssid, sdata->u.sta.bssid, ETH_ALEN) == 0) { 1380#ifdef CONFIG_MAC80211_IBSS_DEBUG 1381 static unsigned long last_tsf_debug = 0; 1382 u64 tsf; 1383 if (local->ops->get_tsf) 1384 tsf = local->ops->get_tsf(local_to_hw(local)); 1385 else 1386 tsf = -1LLU; 1387 if (time_after(jiffies, last_tsf_debug + 5 * HZ)) { 1388 printk(KERN_DEBUG "RX beacon SA=" MAC_FMT " BSSID=" 1389 MAC_FMT " TSF=0x%llx BCN=0x%llx diff=%lld " 1390 "@%lu\n", 1391 MAC_ARG(mgmt->sa), MAC_ARG(mgmt->bssid), 1392 (unsigned long long)tsf, 1393 (unsigned long long)timestamp, 1394 (unsigned long long)(tsf - timestamp), 1395 jiffies); 1396 last_tsf_debug = jiffies; 1397 } 1398#endif /* CONFIG_MAC80211_IBSS_DEBUG */ 1399 } 1400 1401 if (ieee802_11_parse_elems(mgmt->u.beacon.variable, len - baselen, 1402 &elems) == ParseFailed) 1403 invalid = 1; 1404 1405 if (sdata->type == IEEE80211_IF_TYPE_IBSS && elems.supp_rates && 1406 memcmp(mgmt->bssid, sdata->u.sta.bssid, ETH_ALEN) == 0 && 1407 (sta = sta_info_get(local, mgmt->sa))) { 1408 struct ieee80211_hw_mode *mode; 1409 struct ieee80211_rate *rates; 1410 size_t num_rates; 1411 u32 supp_rates, prev_rates; 1412 int i, j; 1413 1414 mode = local->sta_scanning ? 1415 local->scan_hw_mode : local->oper_hw_mode; 1416 rates = mode->rates; 1417 num_rates = mode->num_rates; 1418 1419 supp_rates = 0; 1420 for (i = 0; i < elems.supp_rates_len + 1421 elems.ext_supp_rates_len; i++) { 1422 u8 rate = 0; 1423 int own_rate; 1424 if (i < elems.supp_rates_len) 1425 rate = elems.supp_rates[i]; 1426 else if (elems.ext_supp_rates) 1427 rate = elems.ext_supp_rates 1428 [i - elems.supp_rates_len]; 1429 own_rate = 5 * (rate & 0x7f); 1430 if (mode->mode == MODE_ATHEROS_TURBO) 1431 own_rate *= 2; 1432 for (j = 0; j < num_rates; j++) 1433 if (rates[j].rate == own_rate) 1434 supp_rates |= BIT(j); 1435 } 1436 1437 prev_rates = sta->supp_rates; 1438 sta->supp_rates &= supp_rates; 1439 if (sta->supp_rates == 0) { 1440 /* No matching rates - this should not really happen. 1441 * Make sure that at least one rate is marked 1442 * supported to avoid issues with TX rate ctrl. */ 1443 sta->supp_rates = sdata->u.sta.supp_rates_bits; 1444 } 1445 if (sta->supp_rates != prev_rates) { 1446 printk(KERN_DEBUG "%s: updated supp_rates set for " 1447 MAC_FMT " based on beacon info (0x%x & 0x%x -> " 1448 "0x%x)\n", 1449 dev->name, MAC_ARG(sta->addr), prev_rates, 1450 supp_rates, sta->supp_rates); 1451 } 1452 sta_info_put(sta); 1453 } 1454 1455 if (!elems.ssid) 1456 return; 1457 1458 if (elems.ds_params && elems.ds_params_len == 1) 1459 channel = elems.ds_params[0]; 1460 else 1461 channel = rx_status->channel; 1462 1463 bss = ieee80211_rx_bss_get(dev, mgmt->bssid); 1464 if (!bss) { 1465 bss = ieee80211_rx_bss_add(dev, mgmt->bssid); 1466 if (!bss) 1467 return; 1468 } else { 1469 } 1470 1471 if (bss->probe_resp && beacon) { 1472 /* Do not allow beacon to override data from Probe Response. */ 1473 ieee80211_rx_bss_put(dev, bss); 1474 return; 1475 } 1476 1477 bss->beacon_int = le16_to_cpu(mgmt->u.beacon.beacon_int); 1478 bss->capability = le16_to_cpu(mgmt->u.beacon.capab_info); 1479 if (elems.ssid && elems.ssid_len <= IEEE80211_MAX_SSID_LEN) { 1480 memcpy(bss->ssid, elems.ssid, elems.ssid_len); 1481 bss->ssid_len = elems.ssid_len; 1482 } 1483 1484 bss->supp_rates_len = 0; 1485 if (elems.supp_rates) { 1486 clen = IEEE80211_MAX_SUPP_RATES - bss->supp_rates_len; 1487 if (clen > elems.supp_rates_len) 1488 clen = elems.supp_rates_len; 1489 memcpy(&bss->supp_rates[bss->supp_rates_len], elems.supp_rates, 1490 clen); 1491 bss->supp_rates_len += clen; 1492 } 1493 if (elems.ext_supp_rates) { 1494 clen = IEEE80211_MAX_SUPP_RATES - bss->supp_rates_len; 1495 if (clen > elems.ext_supp_rates_len) 1496 clen = elems.ext_supp_rates_len; 1497 memcpy(&bss->supp_rates[bss->supp_rates_len], 1498 elems.ext_supp_rates, clen); 1499 bss->supp_rates_len += clen; 1500 } 1501 1502 if (elems.wpa && 1503 (!bss->wpa_ie || bss->wpa_ie_len != elems.wpa_len || 1504 memcmp(bss->wpa_ie, elems.wpa, elems.wpa_len))) { 1505 kfree(bss->wpa_ie); 1506 bss->wpa_ie = kmalloc(elems.wpa_len + 2, GFP_ATOMIC); 1507 if (bss->wpa_ie) { 1508 memcpy(bss->wpa_ie, elems.wpa - 2, elems.wpa_len + 2); 1509 bss->wpa_ie_len = elems.wpa_len + 2; 1510 } else 1511 bss->wpa_ie_len = 0; 1512 } else if (!elems.wpa && bss->wpa_ie) { 1513 kfree(bss->wpa_ie); 1514 bss->wpa_ie = NULL; 1515 bss->wpa_ie_len = 0; 1516 } 1517 1518 if (elems.rsn && 1519 (!bss->rsn_ie || bss->rsn_ie_len != elems.rsn_len || 1520 memcmp(bss->rsn_ie, elems.rsn, elems.rsn_len))) { 1521 kfree(bss->rsn_ie); 1522 bss->rsn_ie = kmalloc(elems.rsn_len + 2, GFP_ATOMIC); 1523 if (bss->rsn_ie) { 1524 memcpy(bss->rsn_ie, elems.rsn - 2, elems.rsn_len + 2); 1525 bss->rsn_ie_len = elems.rsn_len + 2; 1526 } else 1527 bss->rsn_ie_len = 0; 1528 } else if (!elems.rsn && bss->rsn_ie) { 1529 kfree(bss->rsn_ie); 1530 bss->rsn_ie = NULL; 1531 bss->rsn_ie_len = 0; 1532 } 1533 1534 if (elems.wmm_param && 1535 (!bss->wmm_ie || bss->wmm_ie_len != elems.wmm_param_len || 1536 memcmp(bss->wmm_ie, elems.wmm_param, elems.wmm_param_len))) { 1537 kfree(bss->wmm_ie); 1538 bss->wmm_ie = kmalloc(elems.wmm_param_len + 2, GFP_ATOMIC); 1539 if (bss->wmm_ie) { 1540 memcpy(bss->wmm_ie, elems.wmm_param - 2, 1541 elems.wmm_param_len + 2); 1542 bss->wmm_ie_len = elems.wmm_param_len + 2; 1543 } else 1544 bss->wmm_ie_len = 0; 1545 } else if (!elems.wmm_param && bss->wmm_ie) { 1546 kfree(bss->wmm_ie); 1547 bss->wmm_ie = NULL; 1548 bss->wmm_ie_len = 0; 1549 } 1550 1551 1552 bss->hw_mode = rx_status->phymode; 1553 bss->channel = channel; 1554 bss->freq = rx_status->freq; 1555 if (channel != rx_status->channel && 1556 (bss->hw_mode == MODE_IEEE80211G || 1557 bss->hw_mode == MODE_IEEE80211B) && 1558 channel >= 1 && channel <= 14) { 1559 static const int freq_list[] = { 1560 2412, 2417, 2422, 2427, 2432, 2437, 2442, 1561 2447, 2452, 2457, 2462, 2467, 2472, 2484 1562 }; 1563 /* IEEE 802.11g/b mode can receive packets from neighboring 1564 * channels, so map the channel into frequency. */ 1565 bss->freq = freq_list[channel - 1]; 1566 } 1567 bss->timestamp = timestamp; 1568 bss->last_update = jiffies; 1569 bss->rssi = rx_status->ssi; 1570 bss->signal = rx_status->signal; 1571 bss->noise = rx_status->noise; 1572 if (!beacon) 1573 bss->probe_resp++; 1574 ieee80211_rx_bss_put(dev, bss); 1575} 1576 1577 1578static void ieee80211_rx_mgmt_probe_resp(struct net_device *dev, 1579 struct ieee80211_mgmt *mgmt, 1580 size_t len, 1581 struct ieee80211_rx_status *rx_status) 1582{ 1583 ieee80211_rx_bss_info(dev, mgmt, len, rx_status, 0); 1584} 1585 1586 1587static void ieee80211_rx_mgmt_beacon(struct net_device *dev, 1588 struct ieee80211_mgmt *mgmt, 1589 size_t len, 1590 struct ieee80211_rx_status *rx_status) 1591{ 1592 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 1593 struct ieee80211_sub_if_data *sdata; 1594 struct ieee80211_if_sta *ifsta; 1595 int use_protection; 1596 size_t baselen; 1597 struct ieee802_11_elems elems; 1598 1599 ieee80211_rx_bss_info(dev, mgmt, len, rx_status, 1); 1600 1601 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 1602 if (sdata->type != IEEE80211_IF_TYPE_STA) 1603 return; 1604 ifsta = &sdata->u.sta; 1605 1606 if (!ifsta->associated || 1607 memcmp(ifsta->bssid, mgmt->bssid, ETH_ALEN) != 0) 1608 return; 1609 1610 /* Process beacon from the current BSS */ 1611 baselen = (u8 *) mgmt->u.beacon.variable - (u8 *) mgmt; 1612 if (baselen > len) 1613 return; 1614 1615 if (ieee802_11_parse_elems(mgmt->u.beacon.variable, len - baselen, 1616 &elems) == ParseFailed) 1617 return; 1618 1619 use_protection = 0; 1620 if (elems.erp_info && elems.erp_info_len >= 1) { 1621 use_protection = 1622 (elems.erp_info[0] & ERP_INFO_USE_PROTECTION) != 0; 1623 } 1624 1625 if (use_protection != !!ifsta->use_protection) { 1626 if (net_ratelimit()) { 1627 printk(KERN_DEBUG "%s: CTS protection %s (BSSID=" 1628 MAC_FMT ")\n", 1629 dev->name, 1630 use_protection ? "enabled" : "disabled", 1631 MAC_ARG(ifsta->bssid)); 1632 } 1633 ifsta->use_protection = use_protection ? 1 : 0; 1634 local->cts_protect_erp_frames = use_protection; 1635 } 1636 1637 if (elems.wmm_param && ifsta->wmm_enabled) { 1638 ieee80211_sta_wmm_params(dev, ifsta, elems.wmm_param, 1639 elems.wmm_param_len); 1640 } 1641} 1642 1643 1644static void ieee80211_rx_mgmt_probe_req(struct net_device *dev, 1645 struct ieee80211_if_sta *ifsta, 1646 struct ieee80211_mgmt *mgmt, 1647 size_t len, 1648 struct ieee80211_rx_status *rx_status) 1649{ 1650 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 1651 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); 1652 int tx_last_beacon; 1653 struct sk_buff *skb; 1654 struct ieee80211_mgmt *resp; 1655 u8 *pos, *end; 1656 1657 if (sdata->type != IEEE80211_IF_TYPE_IBSS || 1658 ifsta->state != IEEE80211_IBSS_JOINED || 1659 len < 24 + 2 || !ifsta->probe_resp) 1660 return; 1661 1662 if (local->ops->tx_last_beacon) 1663 tx_last_beacon = local->ops->tx_last_beacon(local_to_hw(local)); 1664 else 1665 tx_last_beacon = 1; 1666 1667#ifdef CONFIG_MAC80211_IBSS_DEBUG 1668 printk(KERN_DEBUG "%s: RX ProbeReq SA=" MAC_FMT " DA=" MAC_FMT " BSSID=" 1669 MAC_FMT " (tx_last_beacon=%d)\n", 1670 dev->name, MAC_ARG(mgmt->sa), MAC_ARG(mgmt->da), 1671 MAC_ARG(mgmt->bssid), tx_last_beacon); 1672#endif /* CONFIG_MAC80211_IBSS_DEBUG */ 1673 1674 if (!tx_last_beacon) 1675 return; 1676 1677 if (memcmp(mgmt->bssid, ifsta->bssid, ETH_ALEN) != 0 && 1678 memcmp(mgmt->bssid, "\xff\xff\xff\xff\xff\xff", ETH_ALEN) != 0) 1679 return; 1680 1681 end = ((u8 *) mgmt) + len; 1682 pos = mgmt->u.probe_req.variable; 1683 if (pos[0] != WLAN_EID_SSID || 1684 pos + 2 + pos[1] > end) { 1685 if (net_ratelimit()) { 1686 printk(KERN_DEBUG "%s: Invalid SSID IE in ProbeReq " 1687 "from " MAC_FMT "\n", 1688 dev->name, MAC_ARG(mgmt->sa)); 1689 } 1690 return; 1691 } 1692 if (pos[1] != 0 && 1693 (pos[1] != ifsta->ssid_len || 1694 memcmp(pos + 2, ifsta->ssid, ifsta->ssid_len) != 0)) { 1695 /* Ignore ProbeReq for foreign SSID */ 1696 return; 1697 } 1698 1699 /* Reply with ProbeResp */ 1700 skb = skb_copy(ifsta->probe_resp, GFP_ATOMIC); 1701 if (!skb) 1702 return; 1703 1704 resp = (struct ieee80211_mgmt *) skb->data; 1705 memcpy(resp->da, mgmt->sa, ETH_ALEN); 1706#ifdef CONFIG_MAC80211_IBSS_DEBUG 1707 printk(KERN_DEBUG "%s: Sending ProbeResp to " MAC_FMT "\n", 1708 dev->name, MAC_ARG(resp->da)); 1709#endif /* CONFIG_MAC80211_IBSS_DEBUG */ 1710 ieee80211_sta_tx(dev, skb, 0); 1711} 1712 1713 1714void ieee80211_sta_rx_mgmt(struct net_device *dev, struct sk_buff *skb, 1715 struct ieee80211_rx_status *rx_status) 1716{ 1717 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 1718 struct ieee80211_sub_if_data *sdata; 1719 struct ieee80211_if_sta *ifsta; 1720 struct ieee80211_mgmt *mgmt; 1721 u16 fc; 1722 1723 if (skb->len < 24) 1724 goto fail; 1725 1726 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 1727 ifsta = &sdata->u.sta; 1728 1729 mgmt = (struct ieee80211_mgmt *) skb->data; 1730 fc = le16_to_cpu(mgmt->frame_control); 1731 1732 switch (fc & IEEE80211_FCTL_STYPE) { 1733 case IEEE80211_STYPE_PROBE_REQ: 1734 case IEEE80211_STYPE_PROBE_RESP: 1735 case IEEE80211_STYPE_BEACON: 1736 memcpy(skb->cb, rx_status, sizeof(*rx_status)); 1737 case IEEE80211_STYPE_AUTH: 1738 case IEEE80211_STYPE_ASSOC_RESP: 1739 case IEEE80211_STYPE_REASSOC_RESP: 1740 case IEEE80211_STYPE_DEAUTH: 1741 case IEEE80211_STYPE_DISASSOC: 1742 skb_queue_tail(&ifsta->skb_queue, skb); 1743 queue_work(local->hw.workqueue, &ifsta->work); 1744 return; 1745 default: 1746 printk(KERN_DEBUG "%s: received unknown management frame - " 1747 "stype=%d\n", dev->name, 1748 (fc & IEEE80211_FCTL_STYPE) >> 4); 1749 break; 1750 } 1751 1752 fail: 1753 kfree_skb(skb); 1754} 1755 1756 1757static void ieee80211_sta_rx_queued_mgmt(struct net_device *dev, 1758 struct sk_buff *skb) 1759{ 1760 struct ieee80211_rx_status *rx_status; 1761 struct ieee80211_sub_if_data *sdata; 1762 struct ieee80211_if_sta *ifsta; 1763 struct ieee80211_mgmt *mgmt; 1764 u16 fc; 1765 1766 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 1767 ifsta = &sdata->u.sta; 1768 1769 rx_status = (struct ieee80211_rx_status *) skb->cb; 1770 mgmt = (struct ieee80211_mgmt *) skb->data; 1771 fc = le16_to_cpu(mgmt->frame_control); 1772 1773 switch (fc & IEEE80211_FCTL_STYPE) { 1774 case IEEE80211_STYPE_PROBE_REQ: 1775 ieee80211_rx_mgmt_probe_req(dev, ifsta, mgmt, skb->len, 1776 rx_status); 1777 break; 1778 case IEEE80211_STYPE_PROBE_RESP: 1779 ieee80211_rx_mgmt_probe_resp(dev, mgmt, skb->len, rx_status); 1780 break; 1781 case IEEE80211_STYPE_BEACON: 1782 ieee80211_rx_mgmt_beacon(dev, mgmt, skb->len, rx_status); 1783 break; 1784 case IEEE80211_STYPE_AUTH: 1785 ieee80211_rx_mgmt_auth(dev, ifsta, mgmt, skb->len); 1786 break; 1787 case IEEE80211_STYPE_ASSOC_RESP: 1788 ieee80211_rx_mgmt_assoc_resp(dev, ifsta, mgmt, skb->len, 0); 1789 break; 1790 case IEEE80211_STYPE_REASSOC_RESP: 1791 ieee80211_rx_mgmt_assoc_resp(dev, ifsta, mgmt, skb->len, 1); 1792 break; 1793 case IEEE80211_STYPE_DEAUTH: 1794 ieee80211_rx_mgmt_deauth(dev, ifsta, mgmt, skb->len); 1795 break; 1796 case IEEE80211_STYPE_DISASSOC: 1797 ieee80211_rx_mgmt_disassoc(dev, ifsta, mgmt, skb->len); 1798 break; 1799 } 1800 1801 kfree_skb(skb); 1802} 1803 1804 1805void ieee80211_sta_rx_scan(struct net_device *dev, struct sk_buff *skb, 1806 struct ieee80211_rx_status *rx_status) 1807{ 1808 struct ieee80211_mgmt *mgmt; 1809 u16 fc; 1810 1811 if (skb->len < 24) { 1812 dev_kfree_skb(skb); 1813 return; 1814 } 1815 1816 mgmt = (struct ieee80211_mgmt *) skb->data; 1817 fc = le16_to_cpu(mgmt->frame_control); 1818 1819 if ((fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_MGMT) { 1820 if ((fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_PROBE_RESP) { 1821 ieee80211_rx_mgmt_probe_resp(dev, mgmt, 1822 skb->len, rx_status); 1823 } else if ((fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_BEACON) { 1824 ieee80211_rx_mgmt_beacon(dev, mgmt, skb->len, 1825 rx_status); 1826 } 1827 } 1828 1829 dev_kfree_skb(skb); 1830} 1831 1832 1833static int ieee80211_sta_active_ibss(struct net_device *dev) 1834{ 1835 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 1836 int active = 0; 1837 struct sta_info *sta; 1838 1839 spin_lock_bh(&local->sta_lock); 1840 list_for_each_entry(sta, &local->sta_list, list) { 1841 if (sta->dev == dev && 1842 time_after(sta->last_rx + IEEE80211_IBSS_MERGE_INTERVAL, 1843 jiffies)) { 1844 active++; 1845 break; 1846 } 1847 } 1848 spin_unlock_bh(&local->sta_lock); 1849 1850 return active; 1851} 1852 1853 1854static void ieee80211_sta_expire(struct net_device *dev) 1855{ 1856 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 1857 struct sta_info *sta, *tmp; 1858 1859 spin_lock_bh(&local->sta_lock); 1860 list_for_each_entry_safe(sta, tmp, &local->sta_list, list) 1861 if (time_after(jiffies, sta->last_rx + 1862 IEEE80211_IBSS_INACTIVITY_LIMIT)) { 1863 printk(KERN_DEBUG "%s: expiring inactive STA " MAC_FMT 1864 "\n", dev->name, MAC_ARG(sta->addr)); 1865 sta_info_free(sta, 1); 1866 } 1867 spin_unlock_bh(&local->sta_lock); 1868} 1869 1870 1871static void ieee80211_sta_merge_ibss(struct net_device *dev, 1872 struct ieee80211_if_sta *ifsta) 1873{ 1874 mod_timer(&ifsta->timer, jiffies + IEEE80211_IBSS_MERGE_INTERVAL); 1875 1876 ieee80211_sta_expire(dev); 1877 if (ieee80211_sta_active_ibss(dev)) 1878 return; 1879 1880 printk(KERN_DEBUG "%s: No active IBSS STAs - trying to scan for other " 1881 "IBSS networks with same SSID (merge)\n", dev->name); 1882 ieee80211_sta_req_scan(dev, ifsta->ssid, ifsta->ssid_len); 1883} 1884 1885 1886void ieee80211_sta_timer(unsigned long data) 1887{ 1888 struct ieee80211_sub_if_data *sdata = 1889 (struct ieee80211_sub_if_data *) data; 1890 struct ieee80211_if_sta *ifsta = &sdata->u.sta; 1891 struct ieee80211_local *local = wdev_priv(&sdata->wdev); 1892 1893 set_bit(IEEE80211_STA_REQ_RUN, &ifsta->request); 1894 queue_work(local->hw.workqueue, &ifsta->work); 1895} 1896 1897 1898void ieee80211_sta_work(struct work_struct *work) 1899{ 1900 struct ieee80211_sub_if_data *sdata = 1901 container_of(work, struct ieee80211_sub_if_data, u.sta.work); 1902 struct net_device *dev = sdata->dev; 1903 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 1904 struct ieee80211_if_sta *ifsta; 1905 struct sk_buff *skb; 1906 1907 if (!netif_running(dev)) 1908 return; 1909 1910 if (local->sta_scanning) 1911 return; 1912 1913 if (sdata->type != IEEE80211_IF_TYPE_STA && 1914 sdata->type != IEEE80211_IF_TYPE_IBSS) { 1915 printk(KERN_DEBUG "%s: ieee80211_sta_work: non-STA interface " 1916 "(type=%d)\n", dev->name, sdata->type); 1917 return; 1918 } 1919 ifsta = &sdata->u.sta; 1920 1921 while ((skb = skb_dequeue(&ifsta->skb_queue))) 1922 ieee80211_sta_rx_queued_mgmt(dev, skb); 1923 1924 if (ifsta->state != IEEE80211_AUTHENTICATE && 1925 ifsta->state != IEEE80211_ASSOCIATE && 1926 test_and_clear_bit(IEEE80211_STA_REQ_SCAN, &ifsta->request)) { 1927 ieee80211_sta_start_scan(dev, NULL, 0); 1928 return; 1929 } 1930 1931 if (test_and_clear_bit(IEEE80211_STA_REQ_AUTH, &ifsta->request)) { 1932 if (ieee80211_sta_config_auth(dev, ifsta)) 1933 return; 1934 clear_bit(IEEE80211_STA_REQ_RUN, &ifsta->request); 1935 } else if (!test_and_clear_bit(IEEE80211_STA_REQ_RUN, &ifsta->request)) 1936 return; 1937 1938 switch (ifsta->state) { 1939 case IEEE80211_DISABLED: 1940 break; 1941 case IEEE80211_AUTHENTICATE: 1942 ieee80211_authenticate(dev, ifsta); 1943 break; 1944 case IEEE80211_ASSOCIATE: 1945 ieee80211_associate(dev, ifsta); 1946 break; 1947 case IEEE80211_ASSOCIATED: 1948 ieee80211_associated(dev, ifsta); 1949 break; 1950 case IEEE80211_IBSS_SEARCH: 1951 ieee80211_sta_find_ibss(dev, ifsta); 1952 break; 1953 case IEEE80211_IBSS_JOINED: 1954 ieee80211_sta_merge_ibss(dev, ifsta); 1955 break; 1956 default: 1957 printk(KERN_DEBUG "ieee80211_sta_work: Unknown state %d\n", 1958 ifsta->state); 1959 break; 1960 } 1961 1962 if (ieee80211_privacy_mismatch(dev, ifsta)) { 1963 printk(KERN_DEBUG "%s: privacy configuration mismatch and " 1964 "mixed-cell disabled - disassociate\n", dev->name); 1965 1966 ieee80211_send_disassoc(dev, ifsta, WLAN_REASON_UNSPECIFIED); 1967 ieee80211_set_disassoc(dev, ifsta, 0); 1968 } 1969} 1970 1971 1972static void ieee80211_sta_reset_auth(struct net_device *dev, 1973 struct ieee80211_if_sta *ifsta) 1974{ 1975 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 1976 1977 if (local->ops->reset_tsf) { 1978 /* Reset own TSF to allow time synchronization work. */ 1979 local->ops->reset_tsf(local_to_hw(local)); 1980 } 1981 1982 ifsta->wmm_last_param_set = -1; /* allow any WMM update */ 1983 1984 1985 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_OPEN) 1986 ifsta->auth_alg = WLAN_AUTH_OPEN; 1987 else if (ifsta->auth_algs & IEEE80211_AUTH_ALG_SHARED_KEY) 1988 ifsta->auth_alg = WLAN_AUTH_SHARED_KEY; 1989 else if (ifsta->auth_algs & IEEE80211_AUTH_ALG_LEAP) 1990 ifsta->auth_alg = WLAN_AUTH_LEAP; 1991 else 1992 ifsta->auth_alg = WLAN_AUTH_OPEN; 1993 printk(KERN_DEBUG "%s: Initial auth_alg=%d\n", dev->name, 1994 ifsta->auth_alg); 1995 ifsta->auth_transaction = -1; 1996 ifsta->associated = ifsta->auth_tries = ifsta->assoc_tries = 0; 1997 netif_carrier_off(dev); 1998} 1999 2000 2001void ieee80211_sta_req_auth(struct net_device *dev, 2002 struct ieee80211_if_sta *ifsta) 2003{ 2004 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 2005 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); 2006 2007 if (sdata->type != IEEE80211_IF_TYPE_STA) 2008 return; 2009 2010 if ((ifsta->bssid_set || ifsta->auto_bssid_sel) && 2011 (ifsta->ssid_set || ifsta->auto_ssid_sel)) { 2012 set_bit(IEEE80211_STA_REQ_AUTH, &ifsta->request); 2013 queue_work(local->hw.workqueue, &ifsta->work); 2014 } 2015} 2016 2017static int ieee80211_sta_match_ssid(struct ieee80211_if_sta *ifsta, 2018 const char *ssid, int ssid_len) 2019{ 2020 int tmp, hidden_ssid; 2021 2022 if (!memcmp(ifsta->ssid, ssid, ssid_len)) 2023 return 1; 2024 2025 if (ifsta->auto_bssid_sel) 2026 return 0; 2027 2028 hidden_ssid = 1; 2029 tmp = ssid_len; 2030 while (tmp--) { 2031 if (ssid[tmp] != '\0') { 2032 hidden_ssid = 0; 2033 break; 2034 } 2035 } 2036 2037 if (hidden_ssid && ifsta->ssid_len == ssid_len) 2038 return 1; 2039 2040 if (ssid_len == 1 && ssid[0] == ' ') 2041 return 1; 2042 2043 return 0; 2044} 2045 2046static int ieee80211_sta_config_auth(struct net_device *dev, 2047 struct ieee80211_if_sta *ifsta) 2048{ 2049 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 2050 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); 2051 struct ieee80211_sta_bss *bss, *selected = NULL; 2052 int top_rssi = 0, freq; 2053 2054 rtnl_lock(); 2055 2056 if (!ifsta->auto_channel_sel && !ifsta->auto_bssid_sel && 2057 !ifsta->auto_ssid_sel) { 2058 ifsta->state = IEEE80211_AUTHENTICATE; 2059 rtnl_unlock(); 2060 ieee80211_sta_reset_auth(dev, ifsta); 2061 return 0; 2062 } 2063 2064 spin_lock_bh(&local->sta_bss_lock); 2065 freq = local->oper_channel->freq; 2066 list_for_each_entry(bss, &local->sta_bss_list, list) { 2067 if (!(bss->capability & WLAN_CAPABILITY_ESS)) 2068 continue; 2069 2070 if (!!(bss->capability & WLAN_CAPABILITY_PRIVACY) ^ 2071 !!sdata->default_key) 2072 continue; 2073 2074 if (!ifsta->auto_channel_sel && bss->freq != freq) 2075 continue; 2076 2077 if (!ifsta->auto_bssid_sel && 2078 memcmp(bss->bssid, ifsta->bssid, ETH_ALEN)) 2079 continue; 2080 2081 if (!ifsta->auto_ssid_sel && 2082 !ieee80211_sta_match_ssid(ifsta, bss->ssid, bss->ssid_len)) 2083 continue; 2084 2085 if (!selected || top_rssi < bss->rssi) { 2086 selected = bss; 2087 top_rssi = bss->rssi; 2088 } 2089 } 2090 if (selected) 2091 atomic_inc(&selected->users); 2092 spin_unlock_bh(&local->sta_bss_lock); 2093 2094 if (selected) { 2095 ieee80211_set_channel(local, -1, selected->freq); 2096 if (!ifsta->ssid_set) 2097 ieee80211_sta_set_ssid(dev, selected->ssid, 2098 selected->ssid_len); 2099 ieee80211_sta_set_bssid(dev, selected->bssid); 2100 ieee80211_rx_bss_put(dev, selected); 2101 ifsta->state = IEEE80211_AUTHENTICATE; 2102 rtnl_unlock(); 2103 ieee80211_sta_reset_auth(dev, ifsta); 2104 return 0; 2105 } else { 2106 if (ifsta->state != IEEE80211_AUTHENTICATE) { 2107 ieee80211_sta_start_scan(dev, NULL, 0); 2108 ifsta->state = IEEE80211_AUTHENTICATE; 2109 set_bit(IEEE80211_STA_REQ_AUTH, &ifsta->request); 2110 } else 2111 ifsta->state = IEEE80211_DISABLED; 2112 } 2113 rtnl_unlock(); 2114 return -1; 2115} 2116 2117static int ieee80211_sta_join_ibss(struct net_device *dev, 2118 struct ieee80211_if_sta *ifsta, 2119 struct ieee80211_sta_bss *bss) 2120{ 2121 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 2122 int res, rates, i, j; 2123 struct sk_buff *skb; 2124 struct ieee80211_mgmt *mgmt; 2125 struct ieee80211_tx_control control; 2126 struct ieee80211_rate *rate; 2127 struct ieee80211_hw_mode *mode; 2128 struct rate_control_extra extra; 2129 u8 *pos; 2130 struct ieee80211_sub_if_data *sdata; 2131 2132 /* Remove possible STA entries from other IBSS networks. */ 2133 sta_info_flush(local, NULL); 2134 2135 if (local->ops->reset_tsf) { 2136 /* Reset own TSF to allow time synchronization work. */ 2137 local->ops->reset_tsf(local_to_hw(local)); 2138 } 2139 memcpy(ifsta->bssid, bss->bssid, ETH_ALEN); 2140 res = ieee80211_if_config(dev); 2141 if (res) 2142 return res; 2143 2144 local->hw.conf.beacon_int = bss->beacon_int >= 10 ? bss->beacon_int : 10; 2145 2146 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 2147 sdata->drop_unencrypted = bss->capability & 2148 WLAN_CAPABILITY_PRIVACY ? 1 : 0; 2149 2150 res = ieee80211_set_channel(local, -1, bss->freq); 2151 2152 if (!(local->oper_channel->flag & IEEE80211_CHAN_W_IBSS)) { 2153 printk(KERN_DEBUG "%s: IBSS not allowed on channel %d " 2154 "(%d MHz)\n", dev->name, local->hw.conf.channel, 2155 local->hw.conf.freq); 2156 return -1; 2157 } 2158 2159 /* Set beacon template based on scan results */ 2160 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 400); 2161 do { 2162 if (!skb) 2163 break; 2164 2165 skb_reserve(skb, local->hw.extra_tx_headroom); 2166 2167 mgmt = (struct ieee80211_mgmt *) 2168 skb_put(skb, 24 + sizeof(mgmt->u.beacon)); 2169 memset(mgmt, 0, 24 + sizeof(mgmt->u.beacon)); 2170 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT, 2171 IEEE80211_STYPE_BEACON); 2172 memset(mgmt->da, 0xff, ETH_ALEN); 2173 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN); 2174 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN); 2175 mgmt->u.beacon.beacon_int = 2176 cpu_to_le16(local->hw.conf.beacon_int); 2177 mgmt->u.beacon.capab_info = cpu_to_le16(bss->capability); 2178 2179 pos = skb_put(skb, 2 + ifsta->ssid_len); 2180 *pos++ = WLAN_EID_SSID; 2181 *pos++ = ifsta->ssid_len; 2182 memcpy(pos, ifsta->ssid, ifsta->ssid_len); 2183 2184 rates = bss->supp_rates_len; 2185 if (rates > 8) 2186 rates = 8; 2187 pos = skb_put(skb, 2 + rates); 2188 *pos++ = WLAN_EID_SUPP_RATES; 2189 *pos++ = rates; 2190 memcpy(pos, bss->supp_rates, rates); 2191 2192 pos = skb_put(skb, 2 + 1); 2193 *pos++ = WLAN_EID_DS_PARAMS; 2194 *pos++ = 1; 2195 *pos++ = bss->channel; 2196 2197 pos = skb_put(skb, 2 + 2); 2198 *pos++ = WLAN_EID_IBSS_PARAMS; 2199 *pos++ = 2; 2200 /* FIX: set ATIM window based on scan results */ 2201 *pos++ = 0; 2202 *pos++ = 0; 2203 2204 if (bss->supp_rates_len > 8) { 2205 rates = bss->supp_rates_len - 8; 2206 pos = skb_put(skb, 2 + rates); 2207 *pos++ = WLAN_EID_EXT_SUPP_RATES; 2208 *pos++ = rates; 2209 memcpy(pos, &bss->supp_rates[8], rates); 2210 } 2211 2212 memset(&control, 0, sizeof(control)); 2213 memset(&extra, 0, sizeof(extra)); 2214 extra.mode = local->oper_hw_mode; 2215 rate = rate_control_get_rate(local, dev, skb, &extra); 2216 if (!rate) { 2217 printk(KERN_DEBUG "%s: Failed to determine TX rate " 2218 "for IBSS beacon\n", dev->name); 2219 break; 2220 } 2221 control.tx_rate = (local->short_preamble && 2222 (rate->flags & IEEE80211_RATE_PREAMBLE2)) ? 2223 rate->val2 : rate->val; 2224 control.antenna_sel_tx = local->hw.conf.antenna_sel_tx; 2225 control.power_level = local->hw.conf.power_level; 2226 control.flags |= IEEE80211_TXCTL_NO_ACK; 2227 control.retry_limit = 1; 2228 2229 ifsta->probe_resp = skb_copy(skb, GFP_ATOMIC); 2230 if (ifsta->probe_resp) { 2231 mgmt = (struct ieee80211_mgmt *) 2232 ifsta->probe_resp->data; 2233 mgmt->frame_control = 2234 IEEE80211_FC(IEEE80211_FTYPE_MGMT, 2235 IEEE80211_STYPE_PROBE_RESP); 2236 } else { 2237 printk(KERN_DEBUG "%s: Could not allocate ProbeResp " 2238 "template for IBSS\n", dev->name); 2239 } 2240 2241 if (local->ops->beacon_update && 2242 local->ops->beacon_update(local_to_hw(local), 2243 skb, &control) == 0) { 2244 printk(KERN_DEBUG "%s: Configured IBSS beacon " 2245 "template based on scan results\n", dev->name); 2246 skb = NULL; 2247 } 2248 2249 rates = 0; 2250 mode = local->oper_hw_mode; 2251 for (i = 0; i < bss->supp_rates_len; i++) { 2252 int bitrate = (bss->supp_rates[i] & 0x7f) * 5; 2253 if (mode->mode == MODE_ATHEROS_TURBO) 2254 bitrate *= 2; 2255 for (j = 0; j < mode->num_rates; j++) 2256 if (mode->rates[j].rate == bitrate) 2257 rates |= BIT(j); 2258 } 2259 ifsta->supp_rates_bits = rates; 2260 } while (0); 2261 2262 if (skb) { 2263 printk(KERN_DEBUG "%s: Failed to configure IBSS beacon " 2264 "template\n", dev->name); 2265 dev_kfree_skb(skb); 2266 } 2267 2268 ifsta->state = IEEE80211_IBSS_JOINED; 2269 mod_timer(&ifsta->timer, jiffies + IEEE80211_IBSS_MERGE_INTERVAL); 2270 2271 ieee80211_rx_bss_put(dev, bss); 2272 2273 return res; 2274} 2275 2276 2277static int ieee80211_sta_create_ibss(struct net_device *dev, 2278 struct ieee80211_if_sta *ifsta) 2279{ 2280 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 2281 struct ieee80211_sta_bss *bss; 2282 struct ieee80211_sub_if_data *sdata; 2283 struct ieee80211_hw_mode *mode; 2284 u8 bssid[ETH_ALEN], *pos; 2285 int i; 2286 2287 /* Generate random, not broadcast, locally administered BSSID. Mix in 2288 * own MAC address to make sure that devices that do not have proper 2289 * random number generator get different BSSID. */ 2290 get_random_bytes(bssid, ETH_ALEN); 2291 for (i = 0; i < ETH_ALEN; i++) 2292 bssid[i] ^= dev->dev_addr[i]; 2293 bssid[0] &= ~0x01; 2294 bssid[0] |= 0x02; 2295 2296 printk(KERN_DEBUG "%s: Creating new IBSS network, BSSID " MAC_FMT "\n", 2297 dev->name, MAC_ARG(bssid)); 2298 2299 bss = ieee80211_rx_bss_add(dev, bssid); 2300 if (!bss) 2301 return -ENOMEM; 2302 2303 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 2304 mode = local->oper_hw_mode; 2305 2306 if (local->hw.conf.beacon_int == 0) 2307 local->hw.conf.beacon_int = 100; 2308 bss->beacon_int = local->hw.conf.beacon_int; 2309 bss->hw_mode = local->hw.conf.phymode; 2310 bss->channel = local->hw.conf.channel; 2311 bss->freq = local->hw.conf.freq; 2312 bss->last_update = jiffies; 2313 bss->capability = WLAN_CAPABILITY_IBSS; 2314 if (sdata->default_key) { 2315 bss->capability |= WLAN_CAPABILITY_PRIVACY; 2316 } else 2317 sdata->drop_unencrypted = 0; 2318 bss->supp_rates_len = mode->num_rates; 2319 pos = bss->supp_rates; 2320 for (i = 0; i < mode->num_rates; i++) { 2321 int rate = mode->rates[i].rate; 2322 if (mode->mode == MODE_ATHEROS_TURBO) 2323 rate /= 2; 2324 *pos++ = (u8) (rate / 5); 2325 } 2326 2327 return ieee80211_sta_join_ibss(dev, ifsta, bss); 2328} 2329 2330 2331static int ieee80211_sta_find_ibss(struct net_device *dev, 2332 struct ieee80211_if_sta *ifsta) 2333{ 2334 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 2335 struct ieee80211_sta_bss *bss; 2336 int found = 0; 2337 u8 bssid[ETH_ALEN]; 2338 int active_ibss; 2339 2340 if (ifsta->ssid_len == 0) 2341 return -EINVAL; 2342 2343 active_ibss = ieee80211_sta_active_ibss(dev); 2344#ifdef CONFIG_MAC80211_IBSS_DEBUG 2345 printk(KERN_DEBUG "%s: sta_find_ibss (active_ibss=%d)\n", 2346 dev->name, active_ibss); 2347#endif /* CONFIG_MAC80211_IBSS_DEBUG */ 2348 spin_lock_bh(&local->sta_bss_lock); 2349 list_for_each_entry(bss, &local->sta_bss_list, list) { 2350 if (ifsta->ssid_len != bss->ssid_len || 2351 memcmp(ifsta->ssid, bss->ssid, bss->ssid_len) != 0 2352 || !(bss->capability & WLAN_CAPABILITY_IBSS)) 2353 continue; 2354#ifdef CONFIG_MAC80211_IBSS_DEBUG 2355 printk(KERN_DEBUG " bssid=" MAC_FMT " found\n", 2356 MAC_ARG(bss->bssid)); 2357#endif /* CONFIG_MAC80211_IBSS_DEBUG */ 2358 memcpy(bssid, bss->bssid, ETH_ALEN); 2359 found = 1; 2360 if (active_ibss || memcmp(bssid, ifsta->bssid, ETH_ALEN) != 0) 2361 break; 2362 } 2363 spin_unlock_bh(&local->sta_bss_lock); 2364 2365#ifdef CONFIG_MAC80211_IBSS_DEBUG 2366 printk(KERN_DEBUG " sta_find_ibss: selected " MAC_FMT " current " 2367 MAC_FMT "\n", MAC_ARG(bssid), MAC_ARG(ifsta->bssid)); 2368#endif /* CONFIG_MAC80211_IBSS_DEBUG */ 2369 if (found && memcmp(ifsta->bssid, bssid, ETH_ALEN) != 0 && 2370 (bss = ieee80211_rx_bss_get(dev, bssid))) { 2371 printk(KERN_DEBUG "%s: Selected IBSS BSSID " MAC_FMT 2372 " based on configured SSID\n", 2373 dev->name, MAC_ARG(bssid)); 2374 return ieee80211_sta_join_ibss(dev, ifsta, bss); 2375 } 2376#ifdef CONFIG_MAC80211_IBSS_DEBUG 2377 printk(KERN_DEBUG " did not try to join ibss\n"); 2378#endif /* CONFIG_MAC80211_IBSS_DEBUG */ 2379 2380 /* Selected IBSS not found in current scan results - try to scan */ 2381 if (ifsta->state == IEEE80211_IBSS_JOINED && 2382 !ieee80211_sta_active_ibss(dev)) { 2383 mod_timer(&ifsta->timer, jiffies + 2384 IEEE80211_IBSS_MERGE_INTERVAL); 2385 } else if (time_after(jiffies, local->last_scan_completed + 2386 IEEE80211_SCAN_INTERVAL)) { 2387 printk(KERN_DEBUG "%s: Trigger new scan to find an IBSS to " 2388 "join\n", dev->name); 2389 return ieee80211_sta_req_scan(dev, ifsta->ssid, 2390 ifsta->ssid_len); 2391 } else if (ifsta->state != IEEE80211_IBSS_JOINED) { 2392 int interval = IEEE80211_SCAN_INTERVAL; 2393 2394 if (time_after(jiffies, ifsta->ibss_join_req + 2395 IEEE80211_IBSS_JOIN_TIMEOUT)) { 2396 if (ifsta->create_ibss && 2397 local->oper_channel->flag & IEEE80211_CHAN_W_IBSS) 2398 return ieee80211_sta_create_ibss(dev, ifsta); 2399 if (ifsta->create_ibss) { 2400 printk(KERN_DEBUG "%s: IBSS not allowed on the" 2401 " configured channel %d (%d MHz)\n", 2402 dev->name, local->hw.conf.channel, 2403 local->hw.conf.freq); 2404 } 2405 2406 /* No IBSS found - decrease scan interval and continue 2407 * scanning. */ 2408 interval = IEEE80211_SCAN_INTERVAL_SLOW; 2409 } 2410 2411 ifsta->state = IEEE80211_IBSS_SEARCH; 2412 mod_timer(&ifsta->timer, jiffies + interval); 2413 return 0; 2414 } 2415 2416 return 0; 2417} 2418 2419 2420int ieee80211_sta_set_ssid(struct net_device *dev, char *ssid, size_t len) 2421{ 2422 struct ieee80211_sub_if_data *sdata; 2423 struct ieee80211_if_sta *ifsta; 2424 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 2425 2426 if (len > IEEE80211_MAX_SSID_LEN) 2427 return -EINVAL; 2428 2429 /* TODO: This should always be done for IBSS, even if IEEE80211_QOS is 2430 * not defined. */ 2431 if (local->ops->conf_tx) { 2432 struct ieee80211_tx_queue_params qparam; 2433 int i; 2434 2435 memset(&qparam, 0, sizeof(qparam)); 2436 /* TODO: are these ok defaults for all hw_modes? */ 2437 qparam.aifs = 2; 2438 qparam.cw_min = 2439 local->hw.conf.phymode == MODE_IEEE80211B ? 31 : 15; 2440 qparam.cw_max = 1023; 2441 qparam.burst_time = 0; 2442 for (i = IEEE80211_TX_QUEUE_DATA0; i < NUM_TX_DATA_QUEUES; i++) 2443 { 2444 local->ops->conf_tx(local_to_hw(local), 2445 i + IEEE80211_TX_QUEUE_DATA0, 2446 &qparam); 2447 } 2448 /* IBSS uses different parameters for Beacon sending */ 2449 qparam.cw_min++; 2450 qparam.cw_min *= 2; 2451 qparam.cw_min--; 2452 local->ops->conf_tx(local_to_hw(local), 2453 IEEE80211_TX_QUEUE_BEACON, &qparam); 2454 } 2455 2456 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 2457 ifsta = &sdata->u.sta; 2458 2459 if (ifsta->ssid_len != len || memcmp(ifsta->ssid, ssid, len) != 0) 2460 ifsta->prev_bssid_set = 0; 2461 memcpy(ifsta->ssid, ssid, len); 2462 memset(ifsta->ssid + len, 0, IEEE80211_MAX_SSID_LEN - len); 2463 ifsta->ssid_len = len; 2464 2465 ifsta->ssid_set = len ? 1 : 0; 2466 if (sdata->type == IEEE80211_IF_TYPE_IBSS && !ifsta->bssid_set) { 2467 ifsta->ibss_join_req = jiffies; 2468 ifsta->state = IEEE80211_IBSS_SEARCH; 2469 return ieee80211_sta_find_ibss(dev, ifsta); 2470 } 2471 return 0; 2472} 2473 2474 2475int ieee80211_sta_get_ssid(struct net_device *dev, char *ssid, size_t *len) 2476{ 2477 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); 2478 struct ieee80211_if_sta *ifsta = &sdata->u.sta; 2479 memcpy(ssid, ifsta->ssid, ifsta->ssid_len); 2480 *len = ifsta->ssid_len; 2481 return 0; 2482} 2483 2484 2485int ieee80211_sta_set_bssid(struct net_device *dev, u8 *bssid) 2486{ 2487 struct ieee80211_sub_if_data *sdata; 2488 struct ieee80211_if_sta *ifsta; 2489 int res; 2490 2491 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 2492 ifsta = &sdata->u.sta; 2493 2494 if (memcmp(ifsta->bssid, bssid, ETH_ALEN) != 0) { 2495 memcpy(ifsta->bssid, bssid, ETH_ALEN); 2496 res = ieee80211_if_config(dev); 2497 if (res) { 2498 printk(KERN_DEBUG "%s: Failed to config new BSSID to " 2499 "the low-level driver\n", dev->name); 2500 return res; 2501 } 2502 } 2503 2504 if (!is_valid_ether_addr(bssid)) 2505 ifsta->bssid_set = 0; 2506 else 2507 ifsta->bssid_set = 1; 2508 return 0; 2509} 2510 2511 2512static void ieee80211_send_nullfunc(struct ieee80211_local *local, 2513 struct ieee80211_sub_if_data *sdata, 2514 int powersave) 2515{ 2516 struct sk_buff *skb; 2517 struct ieee80211_hdr *nullfunc; 2518 u16 fc; 2519 2520 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 24); 2521 if (!skb) { 2522 printk(KERN_DEBUG "%s: failed to allocate buffer for nullfunc " 2523 "frame\n", sdata->dev->name); 2524 return; 2525 } 2526 skb_reserve(skb, local->hw.extra_tx_headroom); 2527 2528 nullfunc = (struct ieee80211_hdr *) skb_put(skb, 24); 2529 memset(nullfunc, 0, 24); 2530 fc = IEEE80211_FTYPE_DATA | IEEE80211_STYPE_NULLFUNC | 2531 IEEE80211_FCTL_TODS; 2532 if (powersave) 2533 fc |= IEEE80211_FCTL_PM; 2534 nullfunc->frame_control = cpu_to_le16(fc); 2535 memcpy(nullfunc->addr1, sdata->u.sta.bssid, ETH_ALEN); 2536 memcpy(nullfunc->addr2, sdata->dev->dev_addr, ETH_ALEN); 2537 memcpy(nullfunc->addr3, sdata->u.sta.bssid, ETH_ALEN); 2538 2539 ieee80211_sta_tx(sdata->dev, skb, 0); 2540} 2541 2542 2543void ieee80211_scan_completed(struct ieee80211_hw *hw) 2544{ 2545 struct ieee80211_local *local = hw_to_local(hw); 2546 struct net_device *dev = local->scan_dev; 2547 struct ieee80211_sub_if_data *sdata; 2548 union iwreq_data wrqu; 2549 2550 local->last_scan_completed = jiffies; 2551 wmb(); 2552 local->sta_scanning = 0; 2553 2554 if (ieee80211_hw_config(local)) 2555 printk(KERN_DEBUG "%s: failed to restore operational" 2556 "channel after scan\n", dev->name); 2557 2558 if (!(local->hw.flags & IEEE80211_HW_NO_PROBE_FILTERING) && 2559 ieee80211_if_config(dev)) 2560 printk(KERN_DEBUG "%s: failed to restore operational" 2561 "BSSID after scan\n", dev->name); 2562 2563 memset(&wrqu, 0, sizeof(wrqu)); 2564 wireless_send_event(dev, SIOCGIWSCAN, &wrqu, NULL); 2565 2566 read_lock(&local->sub_if_lock); 2567 list_for_each_entry(sdata, &local->sub_if_list, list) { 2568 2569 /* No need to wake the master device. */ 2570 if (sdata->dev == local->mdev) 2571 continue; 2572 2573 if (sdata->type == IEEE80211_IF_TYPE_STA) { 2574 if (sdata->u.sta.associated) 2575 ieee80211_send_nullfunc(local, sdata, 0); 2576 ieee80211_sta_timer((unsigned long)sdata); 2577 } 2578 2579 netif_wake_queue(sdata->dev); 2580 } 2581 read_unlock(&local->sub_if_lock); 2582 2583 sdata = IEEE80211_DEV_TO_SUB_IF(dev); 2584 if (sdata->type == IEEE80211_IF_TYPE_IBSS) { 2585 struct ieee80211_if_sta *ifsta = &sdata->u.sta; 2586 if (!ifsta->bssid_set || 2587 (!ifsta->state == IEEE80211_IBSS_JOINED && 2588 !ieee80211_sta_active_ibss(dev))) 2589 ieee80211_sta_find_ibss(dev, ifsta); 2590 } 2591} 2592EXPORT_SYMBOL(ieee80211_scan_completed); 2593 2594void ieee80211_sta_scan_work(struct work_struct *work) 2595{ 2596 struct ieee80211_local *local = 2597 container_of(work, struct ieee80211_local, scan_work.work); 2598 struct net_device *dev = local->scan_dev; 2599 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); 2600 struct ieee80211_hw_mode *mode; 2601 struct ieee80211_channel *chan; 2602 int skip; 2603 unsigned long next_delay = 0; 2604 2605 if (!local->sta_scanning) 2606 return; 2607 2608 switch (local->scan_state) { 2609 case SCAN_SET_CHANNEL: 2610 mode = local->scan_hw_mode; 2611 if (local->scan_hw_mode->list.next == &local->modes_list && 2612 local->scan_channel_idx >= mode->num_channels) { 2613 ieee80211_scan_completed(local_to_hw(local)); 2614 return; 2615 } 2616 skip = !(local->enabled_modes & (1 << mode->mode)); 2617 chan = &mode->channels[local->scan_channel_idx]; 2618 if (!(chan->flag & IEEE80211_CHAN_W_SCAN) || 2619 (sdata->type == IEEE80211_IF_TYPE_IBSS && 2620 !(chan->flag & IEEE80211_CHAN_W_IBSS)) || 2621 (local->hw_modes & local->enabled_modes & 2622 (1 << MODE_IEEE80211G) && mode->mode == MODE_IEEE80211B)) 2623 skip = 1; 2624 2625 if (!skip) { 2626 2627 local->scan_channel = chan; 2628 if (ieee80211_hw_config(local)) { 2629 printk(KERN_DEBUG "%s: failed to set channel " 2630 "%d (%d MHz) for scan\n", dev->name, 2631 chan->chan, chan->freq); 2632 skip = 1; 2633 } 2634 } 2635 2636 local->scan_channel_idx++; 2637 if (local->scan_channel_idx >= local->scan_hw_mode->num_channels) { 2638 if (local->scan_hw_mode->list.next != &local->modes_list) { 2639 local->scan_hw_mode = list_entry(local->scan_hw_mode->list.next, 2640 struct ieee80211_hw_mode, 2641 list); 2642 local->scan_channel_idx = 0; 2643 } 2644 } 2645 2646 if (skip) 2647 break; 2648 2649 next_delay = IEEE80211_PROBE_DELAY + 2650 usecs_to_jiffies(local->hw.channel_change_time); 2651 local->scan_state = SCAN_SEND_PROBE; 2652 break; 2653 case SCAN_SEND_PROBE: 2654 if (local->scan_channel->flag & IEEE80211_CHAN_W_ACTIVE_SCAN) { 2655 ieee80211_send_probe_req(dev, NULL, local->scan_ssid, 2656 local->scan_ssid_len); 2657 next_delay = IEEE80211_CHANNEL_TIME; 2658 } else 2659 next_delay = IEEE80211_PASSIVE_CHANNEL_TIME; 2660 local->scan_state = SCAN_SET_CHANNEL; 2661 break; 2662 } 2663 2664 if (local->sta_scanning) 2665 queue_delayed_work(local->hw.workqueue, &local->scan_work, 2666 next_delay); 2667} 2668 2669 2670static int ieee80211_sta_start_scan(struct net_device *dev, 2671 u8 *ssid, size_t ssid_len) 2672{ 2673 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 2674 struct ieee80211_sub_if_data *sdata; 2675 2676 if (ssid_len > IEEE80211_MAX_SSID_LEN) 2677 return -EINVAL; 2678 2679 /* MLME-SCAN.request (page 118) page 144 (11.1.3.1) 2680 * BSSType: INFRASTRUCTURE, INDEPENDENT, ANY_BSS 2681 * BSSID: MACAddress 2682 * SSID 2683 * ScanType: ACTIVE, PASSIVE 2684 * ProbeDelay: delay (in microseconds) to be used prior to transmitting 2685 * a Probe frame during active scanning 2686 * ChannelList 2687 * MinChannelTime (>= ProbeDelay), in TU 2688 * MaxChannelTime: (>= MinChannelTime), in TU 2689 */ 2690 2691 /* MLME-SCAN.confirm 2692 * BSSDescriptionSet 2693 * ResultCode: SUCCESS, INVALID_PARAMETERS 2694 */ 2695 2696 if (local->sta_scanning) { 2697 if (local->scan_dev == dev) 2698 return 0; 2699 return -EBUSY; 2700 } 2701 2702 if (local->ops->hw_scan) { 2703 int rc = local->ops->hw_scan(local_to_hw(local), 2704 ssid, ssid_len); 2705 if (!rc) { 2706 local->sta_scanning = 1; 2707 local->scan_dev = dev; 2708 } 2709 return rc; 2710 } 2711 2712 local->sta_scanning = 1; 2713 2714 read_lock(&local->sub_if_lock); 2715 list_for_each_entry(sdata, &local->sub_if_list, list) { 2716 2717 /* Don't stop the master interface, otherwise we can't transmit 2718 * probes! */ 2719 if (sdata->dev == local->mdev) 2720 continue; 2721 2722 netif_stop_queue(sdata->dev); 2723 if (sdata->type == IEEE80211_IF_TYPE_STA && 2724 sdata->u.sta.associated) 2725 ieee80211_send_nullfunc(local, sdata, 1); 2726 } 2727 read_unlock(&local->sub_if_lock); 2728 2729 if (ssid) { 2730 local->scan_ssid_len = ssid_len; 2731 memcpy(local->scan_ssid, ssid, ssid_len); 2732 } else 2733 local->scan_ssid_len = 0; 2734 local->scan_state = SCAN_SET_CHANNEL; 2735 local->scan_hw_mode = list_entry(local->modes_list.next, 2736 struct ieee80211_hw_mode, 2737 list); 2738 local->scan_channel_idx = 0; 2739 local->scan_dev = dev; 2740 2741 if (!(local->hw.flags & IEEE80211_HW_NO_PROBE_FILTERING) && 2742 ieee80211_if_config(dev)) 2743 printk(KERN_DEBUG "%s: failed to set BSSID for scan\n", 2744 dev->name); 2745 2746 /* TODO: start scan as soon as all nullfunc frames are ACKed */ 2747 queue_delayed_work(local->hw.workqueue, &local->scan_work, 2748 IEEE80211_CHANNEL_TIME); 2749 2750 return 0; 2751} 2752 2753 2754int ieee80211_sta_req_scan(struct net_device *dev, u8 *ssid, size_t ssid_len) 2755{ 2756 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); 2757 struct ieee80211_if_sta *ifsta = &sdata->u.sta; 2758 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 2759 2760 if (sdata->type != IEEE80211_IF_TYPE_STA) 2761 return ieee80211_sta_start_scan(dev, ssid, ssid_len); 2762 2763 if (local->sta_scanning) { 2764 if (local->scan_dev == dev) 2765 return 0; 2766 return -EBUSY; 2767 } 2768 2769 set_bit(IEEE80211_STA_REQ_SCAN, &ifsta->request); 2770 queue_work(local->hw.workqueue, &ifsta->work); 2771 return 0; 2772} 2773 2774static char * 2775ieee80211_sta_scan_result(struct net_device *dev, 2776 struct ieee80211_sta_bss *bss, 2777 char *current_ev, char *end_buf) 2778{ 2779 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 2780 struct iw_event iwe; 2781 2782 if (time_after(jiffies, 2783 bss->last_update + IEEE80211_SCAN_RESULT_EXPIRE)) 2784 return current_ev; 2785 2786 if (!(local->enabled_modes & (1 << bss->hw_mode))) 2787 return current_ev; 2788 2789 if (local->scan_flags & IEEE80211_SCAN_WPA_ONLY && 2790 !bss->wpa_ie && !bss->rsn_ie) 2791 return current_ev; 2792 2793 if (local->scan_flags & IEEE80211_SCAN_MATCH_SSID && 2794 (local->scan_ssid_len != bss->ssid_len || 2795 memcmp(local->scan_ssid, bss->ssid, bss->ssid_len) != 0)) 2796 return current_ev; 2797 2798 memset(&iwe, 0, sizeof(iwe)); 2799 iwe.cmd = SIOCGIWAP; 2800 iwe.u.ap_addr.sa_family = ARPHRD_ETHER; 2801 memcpy(iwe.u.ap_addr.sa_data, bss->bssid, ETH_ALEN); 2802 current_ev = iwe_stream_add_event(current_ev, end_buf, &iwe, 2803 IW_EV_ADDR_LEN); 2804 2805 memset(&iwe, 0, sizeof(iwe)); 2806 iwe.cmd = SIOCGIWESSID; 2807 iwe.u.data.length = bss->ssid_len; 2808 iwe.u.data.flags = 1; 2809 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe, 2810 bss->ssid); 2811 2812 if (bss->capability & (WLAN_CAPABILITY_ESS | WLAN_CAPABILITY_IBSS)) { 2813 memset(&iwe, 0, sizeof(iwe)); 2814 iwe.cmd = SIOCGIWMODE; 2815 if (bss->capability & WLAN_CAPABILITY_ESS) 2816 iwe.u.mode = IW_MODE_MASTER; 2817 else 2818 iwe.u.mode = IW_MODE_ADHOC; 2819 current_ev = iwe_stream_add_event(current_ev, end_buf, &iwe, 2820 IW_EV_UINT_LEN); 2821 } 2822 2823 memset(&iwe, 0, sizeof(iwe)); 2824 iwe.cmd = SIOCGIWFREQ; 2825 iwe.u.freq.m = bss->channel; 2826 iwe.u.freq.e = 0; 2827 current_ev = iwe_stream_add_event(current_ev, end_buf, &iwe, 2828 IW_EV_FREQ_LEN); 2829 iwe.u.freq.m = bss->freq * 100000; 2830 iwe.u.freq.e = 1; 2831 current_ev = iwe_stream_add_event(current_ev, end_buf, &iwe, 2832 IW_EV_FREQ_LEN); 2833 2834 memset(&iwe, 0, sizeof(iwe)); 2835 iwe.cmd = IWEVQUAL; 2836 iwe.u.qual.qual = bss->signal; 2837 iwe.u.qual.level = bss->rssi; 2838 iwe.u.qual.noise = bss->noise; 2839 iwe.u.qual.updated = local->wstats_flags; 2840 current_ev = iwe_stream_add_event(current_ev, end_buf, &iwe, 2841 IW_EV_QUAL_LEN); 2842 2843 memset(&iwe, 0, sizeof(iwe)); 2844 iwe.cmd = SIOCGIWENCODE; 2845 if (bss->capability & WLAN_CAPABILITY_PRIVACY) 2846 iwe.u.data.flags = IW_ENCODE_ENABLED | IW_ENCODE_NOKEY; 2847 else 2848 iwe.u.data.flags = IW_ENCODE_DISABLED; 2849 iwe.u.data.length = 0; 2850 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe, ""); 2851 2852 if (bss && bss->wpa_ie) { 2853 memset(&iwe, 0, sizeof(iwe)); 2854 iwe.cmd = IWEVGENIE; 2855 iwe.u.data.length = bss->wpa_ie_len; 2856 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe, 2857 bss->wpa_ie); 2858 } 2859 2860 if (bss && bss->rsn_ie) { 2861 memset(&iwe, 0, sizeof(iwe)); 2862 iwe.cmd = IWEVGENIE; 2863 iwe.u.data.length = bss->rsn_ie_len; 2864 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe, 2865 bss->rsn_ie); 2866 } 2867 2868 if (bss && bss->supp_rates_len > 0) { 2869 /* display all supported rates in readable format */ 2870 char *p = current_ev + IW_EV_LCP_LEN; 2871 int i; 2872 2873 memset(&iwe, 0, sizeof(iwe)); 2874 iwe.cmd = SIOCGIWRATE; 2875 /* Those two flags are ignored... */ 2876 iwe.u.bitrate.fixed = iwe.u.bitrate.disabled = 0; 2877 2878 for (i = 0; i < bss->supp_rates_len; i++) { 2879 iwe.u.bitrate.value = ((bss->supp_rates[i] & 2880 0x7f) * 500000); 2881 p = iwe_stream_add_value(current_ev, p, 2882 end_buf, &iwe, IW_EV_PARAM_LEN); 2883 } 2884 current_ev = p; 2885 } 2886 2887 if (bss) { 2888 char *buf; 2889 buf = kmalloc(30, GFP_ATOMIC); 2890 if (buf) { 2891 memset(&iwe, 0, sizeof(iwe)); 2892 iwe.cmd = IWEVCUSTOM; 2893 sprintf(buf, "tsf=%016llx", (unsigned long long)(bss->timestamp)); 2894 iwe.u.data.length = strlen(buf); 2895 current_ev = iwe_stream_add_point(current_ev, end_buf, 2896 &iwe, buf); 2897 kfree(buf); 2898 } 2899 } 2900 2901 do { 2902 char *buf; 2903 2904 if (!(local->scan_flags & IEEE80211_SCAN_EXTRA_INFO)) 2905 break; 2906 2907 buf = kmalloc(100, GFP_ATOMIC); 2908 if (!buf) 2909 break; 2910 2911 memset(&iwe, 0, sizeof(iwe)); 2912 iwe.cmd = IWEVCUSTOM; 2913 sprintf(buf, "bcn_int=%d", bss->beacon_int); 2914 iwe.u.data.length = strlen(buf); 2915 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe, 2916 buf); 2917 2918 memset(&iwe, 0, sizeof(iwe)); 2919 iwe.cmd = IWEVCUSTOM; 2920 sprintf(buf, "capab=0x%04x", bss->capability); 2921 iwe.u.data.length = strlen(buf); 2922 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe, 2923 buf); 2924 2925 kfree(buf); 2926 break; 2927 } while (0); 2928 2929 return current_ev; 2930} 2931 2932 2933int ieee80211_sta_scan_results(struct net_device *dev, char *buf, size_t len) 2934{ 2935 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 2936 char *current_ev = buf; 2937 char *end_buf = buf + len; 2938 struct ieee80211_sta_bss *bss; 2939 2940 spin_lock_bh(&local->sta_bss_lock); 2941 list_for_each_entry(bss, &local->sta_bss_list, list) { 2942 if (buf + len - current_ev <= IW_EV_ADDR_LEN) { 2943 spin_unlock_bh(&local->sta_bss_lock); 2944 return -E2BIG; 2945 } 2946 current_ev = ieee80211_sta_scan_result(dev, bss, current_ev, 2947 end_buf); 2948 } 2949 spin_unlock_bh(&local->sta_bss_lock); 2950 return current_ev - buf; 2951} 2952 2953 2954int ieee80211_sta_set_extra_ie(struct net_device *dev, char *ie, size_t len) 2955{ 2956 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); 2957 struct ieee80211_if_sta *ifsta = &sdata->u.sta; 2958 kfree(ifsta->extra_ie); 2959 if (len == 0) { 2960 ifsta->extra_ie = NULL; 2961 ifsta->extra_ie_len = 0; 2962 return 0; 2963 } 2964 ifsta->extra_ie = kmalloc(len, GFP_KERNEL); 2965 if (!ifsta->extra_ie) { 2966 ifsta->extra_ie_len = 0; 2967 return -ENOMEM; 2968 } 2969 memcpy(ifsta->extra_ie, ie, len); 2970 ifsta->extra_ie_len = len; 2971 return 0; 2972} 2973 2974 2975struct sta_info * ieee80211_ibss_add_sta(struct net_device *dev, 2976 struct sk_buff *skb, u8 *bssid, 2977 u8 *addr) 2978{ 2979 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); 2980 struct sta_info *sta; 2981 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); 2982 2983 /* TODO: Could consider removing the least recently used entry and 2984 * allow new one to be added. */ 2985 if (local->num_sta >= IEEE80211_IBSS_MAX_STA_ENTRIES) { 2986 if (net_ratelimit()) { 2987 printk(KERN_DEBUG "%s: No room for a new IBSS STA " 2988 "entry " MAC_FMT "\n", dev->name, MAC_ARG(addr)); 2989 } 2990 return NULL; 2991 } 2992 2993 printk(KERN_DEBUG "%s: Adding new IBSS station " MAC_FMT " (dev=%s)\n", 2994 local->mdev->name, MAC_ARG(addr), dev->name); 2995 2996 sta = sta_info_add(local, dev, addr, GFP_ATOMIC); 2997 if (!sta) 2998 return NULL; 2999 3000 sta->supp_rates = sdata->u.sta.supp_rates_bits; 3001 3002 rate_control_rate_init(sta, local); 3003 3004 return sta; /* caller will call sta_info_put() */ 3005} 3006 3007 3008int ieee80211_sta_deauthenticate(struct net_device *dev, u16 reason) 3009{ 3010 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); 3011 struct ieee80211_if_sta *ifsta = &sdata->u.sta; 3012 3013 printk(KERN_DEBUG "%s: deauthenticate(reason=%d)\n", 3014 dev->name, reason); 3015 3016 if (sdata->type != IEEE80211_IF_TYPE_STA && 3017 sdata->type != IEEE80211_IF_TYPE_IBSS) 3018 return -EINVAL; 3019 3020 ieee80211_send_deauth(dev, ifsta, reason); 3021 ieee80211_set_disassoc(dev, ifsta, 1); 3022 return 0; 3023} 3024 3025 3026int ieee80211_sta_disassociate(struct net_device *dev, u16 reason) 3027{ 3028 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); 3029 struct ieee80211_if_sta *ifsta = &sdata->u.sta; 3030 3031 printk(KERN_DEBUG "%s: disassociate(reason=%d)\n", 3032 dev->name, reason); 3033 3034 if (sdata->type != IEEE80211_IF_TYPE_STA) 3035 return -EINVAL; 3036 3037 if (!ifsta->associated) 3038 return -1; 3039 3040 ieee80211_send_disassoc(dev, ifsta, reason); 3041 ieee80211_set_disassoc(dev, ifsta, 0); 3042 return 0; 3043} 3044