2 * BSS client mode implementation
3 * Copyright 2003, Jouni Malinen <jkmaline@cc.hut.fi>
4 * Copyright 2004, Instant802 Networks, Inc.
5 * Copyright 2005, Devicescape Software, Inc.
6 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
7 * Copyright 2007, Michael Wu <flamingice@sourmilk.net>
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License version 2 as
11 * published by the Free Software Foundation.
15 * order BSS list by RSSI(?) ("quality of AP")
16 * scan result table filtering (by capability (privacy, IBSS/BSS, WPA/RSN IE,
19 #include <linux/delay.h>
20 #include <linux/if_ether.h>
21 #include <linux/skbuff.h>
22 #include <linux/netdevice.h>
23 #include <linux/if_arp.h>
24 #include <linux/wireless.h>
25 #include <linux/random.h>
26 #include <linux/etherdevice.h>
27 #include <linux/rtnetlink.h>
28 #include <net/iw_handler.h>
29 #include <asm/types.h>
31 #include <net/mac80211.h>
32 #include "ieee80211_i.h"
33 #include "ieee80211_rate.h"
34 #include "ieee80211_led.h"
37 #define IEEE80211_AUTH_TIMEOUT (HZ / 5)
38 #define IEEE80211_AUTH_MAX_TRIES 3
39 #define IEEE80211_ASSOC_TIMEOUT (HZ / 5)
40 #define IEEE80211_ASSOC_MAX_TRIES 3
41 #define IEEE80211_MONITORING_INTERVAL (2 * HZ)
42 #define IEEE80211_MESH_HOUSEKEEPING_INTERVAL (60 * HZ)
43 #define IEEE80211_PROBE_INTERVAL (60 * HZ)
44 #define IEEE80211_RETRY_AUTH_INTERVAL (1 * HZ)
45 #define IEEE80211_SCAN_INTERVAL (2 * HZ)
46 #define IEEE80211_SCAN_INTERVAL_SLOW (15 * HZ)
47 #define IEEE80211_IBSS_JOIN_TIMEOUT (20 * HZ)
49 #define IEEE80211_PROBE_DELAY (HZ / 33)
50 #define IEEE80211_CHANNEL_TIME (HZ / 33)
51 #define IEEE80211_PASSIVE_CHANNEL_TIME (HZ / 5)
52 #define IEEE80211_SCAN_RESULT_EXPIRE (10 * HZ)
53 #define IEEE80211_IBSS_MERGE_INTERVAL (30 * HZ)
54 #define IEEE80211_IBSS_INACTIVITY_LIMIT (60 * HZ)
55 #define IEEE80211_MESH_PEER_INACTIVITY_LIMIT (1800 * HZ)
57 #define IEEE80211_IBSS_MAX_STA_ENTRIES 128
60 #define ERP_INFO_USE_PROTECTION BIT(1)
62 /* mgmt header + 1 byte action code */
63 #define IEEE80211_MIN_ACTION_SIZE (24 + 1)
65 #define IEEE80211_ADDBA_PARAM_POLICY_MASK 0x0002
66 #define IEEE80211_ADDBA_PARAM_TID_MASK 0x003C
67 #define IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK 0xFFA0
68 #define IEEE80211_DELBA_PARAM_TID_MASK 0xF000
69 #define IEEE80211_DELBA_PARAM_INITIATOR_MASK 0x0800
71 /* next values represent the buffer size for A-MPDU frame.
72 * According to IEEE802.11n spec size varies from 8K to 64K (in powers of 2) */
73 #define IEEE80211_MIN_AMPDU_BUF 0x8
74 #define IEEE80211_MAX_AMPDU_BUF 0x40
76 static void ieee80211_send_probe_req(struct net_device *dev, u8 *dst,
77 u8 *ssid, size_t ssid_len);
78 static struct ieee80211_sta_bss *
79 ieee80211_rx_bss_get(struct net_device *dev, u8 *bssid, int freq,
80 u8 *ssid, u8 ssid_len);
81 static void ieee80211_rx_bss_put(struct net_device *dev,
82 struct ieee80211_sta_bss *bss);
83 static int ieee80211_sta_find_ibss(struct net_device *dev,
84 struct ieee80211_if_sta *ifsta);
85 static int ieee80211_sta_wep_configured(struct net_device *dev);
86 static int ieee80211_sta_start_scan(struct net_device *dev,
87 u8 *ssid, size_t ssid_len);
88 static int ieee80211_sta_config_auth(struct net_device *dev,
89 struct ieee80211_if_sta *ifsta);
92 void ieee802_11_parse_elems(u8 *start, size_t len,
93 struct ieee802_11_elems *elems)
98 memset(elems, 0, sizeof(*elems));
113 elems->ssid_len = elen;
115 case WLAN_EID_SUPP_RATES:
116 elems->supp_rates = pos;
117 elems->supp_rates_len = elen;
119 case WLAN_EID_FH_PARAMS:
120 elems->fh_params = pos;
121 elems->fh_params_len = elen;
123 case WLAN_EID_DS_PARAMS:
124 elems->ds_params = pos;
125 elems->ds_params_len = elen;
127 case WLAN_EID_CF_PARAMS:
128 elems->cf_params = pos;
129 elems->cf_params_len = elen;
133 elems->tim_len = elen;
135 case WLAN_EID_IBSS_PARAMS:
136 elems->ibss_params = pos;
137 elems->ibss_params_len = elen;
139 case WLAN_EID_CHALLENGE:
140 elems->challenge = pos;
141 elems->challenge_len = elen;
144 if (elen >= 4 && pos[0] == 0x00 && pos[1] == 0x50 &&
146 /* Microsoft OUI (00:50:F2) */
148 /* OUI Type 1 - WPA IE */
150 elems->wpa_len = elen;
151 } else if (elen >= 5 && pos[3] == 2) {
153 elems->wmm_info = pos;
154 elems->wmm_info_len = elen;
155 } else if (pos[4] == 1) {
156 elems->wmm_param = pos;
157 elems->wmm_param_len = elen;
164 elems->rsn_len = elen;
166 case WLAN_EID_ERP_INFO:
167 elems->erp_info = pos;
168 elems->erp_info_len = elen;
170 case WLAN_EID_EXT_SUPP_RATES:
171 elems->ext_supp_rates = pos;
172 elems->ext_supp_rates_len = elen;
174 case WLAN_EID_HT_CAPABILITY:
175 elems->ht_cap_elem = pos;
176 elems->ht_cap_elem_len = elen;
178 case WLAN_EID_HT_EXTRA_INFO:
179 elems->ht_info_elem = pos;
180 elems->ht_info_elem_len = elen;
182 case WLAN_EID_MESH_ID:
183 elems->mesh_id = pos;
184 elems->mesh_id_len = elen;
186 case WLAN_EID_MESH_CONFIG:
187 elems->mesh_config = pos;
188 elems->mesh_config_len = elen;
190 case WLAN_EID_PEER_LINK:
191 elems->peer_link = pos;
192 elems->peer_link_len = elen;
196 elems->preq_len = elen;
200 elems->prep_len = elen;
204 elems->perr_len = elen;
216 static int ecw2cw(int ecw)
218 return (1 << ecw) - 1;
222 static void ieee80211_sta_def_wmm_params(struct net_device *dev,
223 struct ieee80211_sta_bss *bss,
226 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
227 struct ieee80211_local *local = sdata->local;
228 int i, have_higher_than_11mbit = 0;
231 /* cf. IEEE 802.11 9.2.12 */
232 for (i = 0; i < bss->supp_rates_len; i++)
233 if ((bss->supp_rates[i] & 0x7f) * 5 > 110)
234 have_higher_than_11mbit = 1;
236 if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ &&
237 have_higher_than_11mbit)
238 sdata->flags |= IEEE80211_SDATA_OPERATING_GMODE;
240 sdata->flags &= ~IEEE80211_SDATA_OPERATING_GMODE;
243 if (local->ops->conf_tx) {
244 struct ieee80211_tx_queue_params qparam;
246 memset(&qparam, 0, sizeof(qparam));
250 if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ &&
251 !(sdata->flags & IEEE80211_SDATA_OPERATING_GMODE))
256 qparam.cw_max = 1023;
259 for (i = IEEE80211_TX_QUEUE_DATA0; i < NUM_TX_DATA_QUEUES; i++)
260 local->ops->conf_tx(local_to_hw(local),
261 i + IEEE80211_TX_QUEUE_DATA0,
265 /* IBSS uses different parameters for Beacon sending */
269 local->ops->conf_tx(local_to_hw(local),
270 IEEE80211_TX_QUEUE_BEACON, &qparam);
275 static void ieee80211_sta_wmm_params(struct net_device *dev,
276 struct ieee80211_if_sta *ifsta,
277 u8 *wmm_param, size_t wmm_param_len)
279 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
280 struct ieee80211_tx_queue_params params;
285 if (wmm_param_len < 8 || wmm_param[5] /* version */ != 1)
287 count = wmm_param[6] & 0x0f;
288 if (count == ifsta->wmm_last_param_set)
290 ifsta->wmm_last_param_set = count;
293 left = wmm_param_len - 8;
295 memset(¶ms, 0, sizeof(params));
297 if (!local->ops->conf_tx)
301 for (; left >= 4; left -= 4, pos += 4) {
302 int aci = (pos[0] >> 5) & 0x03;
303 int acm = (pos[0] >> 4) & 0x01;
308 queue = IEEE80211_TX_QUEUE_DATA3;
310 local->wmm_acm |= BIT(0) | BIT(3);
314 queue = IEEE80211_TX_QUEUE_DATA1;
316 local->wmm_acm |= BIT(4) | BIT(5);
320 queue = IEEE80211_TX_QUEUE_DATA0;
322 local->wmm_acm |= BIT(6) | BIT(7);
327 queue = IEEE80211_TX_QUEUE_DATA2;
329 local->wmm_acm |= BIT(1) | BIT(2);
334 params.aifs = pos[0] & 0x0f;
335 params.cw_max = ecw2cw((pos[1] & 0xf0) >> 4);
336 params.cw_min = ecw2cw(pos[1] & 0x0f);
337 params.txop = pos[2] | (pos[3] << 8);
338 #ifdef CONFIG_MAC80211_DEBUG
339 printk(KERN_DEBUG "%s: WMM queue=%d aci=%d acm=%d aifs=%d "
340 "cWmin=%d cWmax=%d txop=%d\n",
341 dev->name, queue, aci, acm, params.aifs, params.cw_min,
342 params.cw_max, params.txop);
344 /* TODO: handle ACM (block TX, fallback to next lowest allowed
346 if (local->ops->conf_tx(local_to_hw(local), queue, ¶ms)) {
347 printk(KERN_DEBUG "%s: failed to set TX queue "
348 "parameters for queue %d\n", dev->name, queue);
354 static u32 ieee80211_handle_erp_ie(struct ieee80211_sub_if_data *sdata,
357 struct ieee80211_bss_conf *bss_conf = &sdata->bss_conf;
358 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
359 bool use_protection = (erp_value & WLAN_ERP_USE_PROTECTION) != 0;
360 bool use_short_preamble = (erp_value & WLAN_ERP_BARKER_PREAMBLE) == 0;
361 DECLARE_MAC_BUF(mac);
364 if (use_protection != bss_conf->use_cts_prot) {
365 if (net_ratelimit()) {
366 printk(KERN_DEBUG "%s: CTS protection %s (BSSID="
369 use_protection ? "enabled" : "disabled",
370 print_mac(mac, ifsta->bssid));
372 bss_conf->use_cts_prot = use_protection;
373 changed |= BSS_CHANGED_ERP_CTS_PROT;
376 if (use_short_preamble != bss_conf->use_short_preamble) {
377 if (net_ratelimit()) {
378 printk(KERN_DEBUG "%s: switched to %s barker preamble"
381 use_short_preamble ? "short" : "long",
382 print_mac(mac, ifsta->bssid));
384 bss_conf->use_short_preamble = use_short_preamble;
385 changed |= BSS_CHANGED_ERP_PREAMBLE;
391 int ieee80211_ht_cap_ie_to_ht_info(struct ieee80211_ht_cap *ht_cap_ie,
392 struct ieee80211_ht_info *ht_info)
398 memset(ht_info, 0, sizeof(*ht_info));
401 u8 ampdu_info = ht_cap_ie->ampdu_params_info;
403 ht_info->ht_supported = 1;
404 ht_info->cap = le16_to_cpu(ht_cap_ie->cap_info);
405 ht_info->ampdu_factor =
406 ampdu_info & IEEE80211_HT_CAP_AMPDU_FACTOR;
407 ht_info->ampdu_density =
408 (ampdu_info & IEEE80211_HT_CAP_AMPDU_DENSITY) >> 2;
409 memcpy(ht_info->supp_mcs_set, ht_cap_ie->supp_mcs_set, 16);
411 ht_info->ht_supported = 0;
416 int ieee80211_ht_addt_info_ie_to_ht_bss_info(
417 struct ieee80211_ht_addt_info *ht_add_info_ie,
418 struct ieee80211_ht_bss_info *bss_info)
420 if (bss_info == NULL)
423 memset(bss_info, 0, sizeof(*bss_info));
425 if (ht_add_info_ie) {
427 op_mode = le16_to_cpu(ht_add_info_ie->operation_mode);
429 bss_info->primary_channel = ht_add_info_ie->control_chan;
430 bss_info->bss_cap = ht_add_info_ie->ht_param;
431 bss_info->bss_op_mode = (u8)(op_mode & 0xff);
437 static void ieee80211_sta_send_associnfo(struct net_device *dev,
438 struct ieee80211_if_sta *ifsta)
443 union iwreq_data wrqu;
445 if (!ifsta->assocreq_ies && !ifsta->assocresp_ies)
448 buf = kmalloc(50 + 2 * (ifsta->assocreq_ies_len +
449 ifsta->assocresp_ies_len), GFP_KERNEL);
453 len = sprintf(buf, "ASSOCINFO(");
454 if (ifsta->assocreq_ies) {
455 len += sprintf(buf + len, "ReqIEs=");
456 for (i = 0; i < ifsta->assocreq_ies_len; i++) {
457 len += sprintf(buf + len, "%02x",
458 ifsta->assocreq_ies[i]);
461 if (ifsta->assocresp_ies) {
462 if (ifsta->assocreq_ies)
463 len += sprintf(buf + len, " ");
464 len += sprintf(buf + len, "RespIEs=");
465 for (i = 0; i < ifsta->assocresp_ies_len; i++) {
466 len += sprintf(buf + len, "%02x",
467 ifsta->assocresp_ies[i]);
470 len += sprintf(buf + len, ")");
472 if (len > IW_CUSTOM_MAX) {
473 len = sprintf(buf, "ASSOCRESPIE=");
474 for (i = 0; i < ifsta->assocresp_ies_len; i++) {
475 len += sprintf(buf + len, "%02x",
476 ifsta->assocresp_ies[i]);
480 memset(&wrqu, 0, sizeof(wrqu));
481 wrqu.data.length = len;
482 wireless_send_event(dev, IWEVCUSTOM, &wrqu, buf);
488 static void ieee80211_set_associated(struct net_device *dev,
489 struct ieee80211_if_sta *ifsta,
492 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
493 struct ieee80211_local *local = sdata->local;
494 struct ieee80211_conf *conf = &local_to_hw(local)->conf;
495 union iwreq_data wrqu;
496 u32 changed = BSS_CHANGED_ASSOC;
499 struct ieee80211_sta_bss *bss;
501 ifsta->flags |= IEEE80211_STA_ASSOCIATED;
503 if (sdata->vif.type != IEEE80211_IF_TYPE_STA)
506 bss = ieee80211_rx_bss_get(dev, ifsta->bssid,
507 conf->channel->center_freq,
508 ifsta->ssid, ifsta->ssid_len);
510 /* set timing information */
511 sdata->bss_conf.beacon_int = bss->beacon_int;
512 sdata->bss_conf.timestamp = bss->timestamp;
514 if (bss->has_erp_value)
515 changed |= ieee80211_handle_erp_ie(
516 sdata, bss->erp_value);
518 ieee80211_rx_bss_put(dev, bss);
521 if (conf->flags & IEEE80211_CONF_SUPPORT_HT_MODE) {
522 changed |= BSS_CHANGED_HT;
523 sdata->bss_conf.assoc_ht = 1;
524 sdata->bss_conf.ht_conf = &conf->ht_conf;
525 sdata->bss_conf.ht_bss_conf = &conf->ht_bss_conf;
528 netif_carrier_on(dev);
529 ifsta->flags |= IEEE80211_STA_PREV_BSSID_SET;
530 memcpy(ifsta->prev_bssid, sdata->u.sta.bssid, ETH_ALEN);
531 memcpy(wrqu.ap_addr.sa_data, sdata->u.sta.bssid, ETH_ALEN);
532 ieee80211_sta_send_associnfo(dev, ifsta);
534 ieee80211_sta_tear_down_BA_sessions(dev, ifsta->bssid);
535 ifsta->flags &= ~IEEE80211_STA_ASSOCIATED;
536 netif_carrier_off(dev);
537 ieee80211_reset_erp_info(dev);
539 sdata->bss_conf.assoc_ht = 0;
540 sdata->bss_conf.ht_conf = NULL;
541 sdata->bss_conf.ht_bss_conf = NULL;
543 memset(wrqu.ap_addr.sa_data, 0, ETH_ALEN);
545 ifsta->last_probe = jiffies;
546 ieee80211_led_assoc(local, assoc);
548 sdata->bss_conf.assoc = assoc;
549 ieee80211_bss_info_change_notify(sdata, changed);
550 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
551 wireless_send_event(dev, SIOCGIWAP, &wrqu, NULL);
554 static void ieee80211_set_disassoc(struct net_device *dev,
555 struct ieee80211_if_sta *ifsta, int deauth)
558 ifsta->auth_tries = 0;
559 ifsta->assoc_tries = 0;
560 ieee80211_set_associated(dev, ifsta, 0);
563 void ieee80211_sta_tx(struct net_device *dev, struct sk_buff *skb,
566 struct ieee80211_sub_if_data *sdata;
567 struct ieee80211_tx_packet_data *pkt_data;
569 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
570 skb->dev = sdata->local->mdev;
571 skb_set_mac_header(skb, 0);
572 skb_set_network_header(skb, 0);
573 skb_set_transport_header(skb, 0);
575 pkt_data = (struct ieee80211_tx_packet_data *) skb->cb;
576 memset(pkt_data, 0, sizeof(struct ieee80211_tx_packet_data));
577 pkt_data->ifindex = sdata->dev->ifindex;
579 pkt_data->flags |= IEEE80211_TXPD_DO_NOT_ENCRYPT;
585 static void ieee80211_send_auth(struct net_device *dev,
586 struct ieee80211_if_sta *ifsta,
587 int transaction, u8 *extra, size_t extra_len,
590 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
592 struct ieee80211_mgmt *mgmt;
594 skb = dev_alloc_skb(local->hw.extra_tx_headroom +
595 sizeof(*mgmt) + 6 + extra_len);
597 printk(KERN_DEBUG "%s: failed to allocate buffer for auth "
598 "frame\n", dev->name);
601 skb_reserve(skb, local->hw.extra_tx_headroom);
603 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24 + 6);
604 memset(mgmt, 0, 24 + 6);
605 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
606 IEEE80211_STYPE_AUTH);
608 mgmt->frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
609 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
610 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
611 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
612 mgmt->u.auth.auth_alg = cpu_to_le16(ifsta->auth_alg);
613 mgmt->u.auth.auth_transaction = cpu_to_le16(transaction);
614 ifsta->auth_transaction = transaction + 1;
615 mgmt->u.auth.status_code = cpu_to_le16(0);
617 memcpy(skb_put(skb, extra_len), extra, extra_len);
619 ieee80211_sta_tx(dev, skb, encrypt);
623 static void ieee80211_authenticate(struct net_device *dev,
624 struct ieee80211_if_sta *ifsta)
626 DECLARE_MAC_BUF(mac);
629 if (ifsta->auth_tries > IEEE80211_AUTH_MAX_TRIES) {
630 printk(KERN_DEBUG "%s: authentication with AP %s"
632 dev->name, print_mac(mac, ifsta->bssid));
633 ifsta->state = IEEE80211_DISABLED;
637 ifsta->state = IEEE80211_AUTHENTICATE;
638 printk(KERN_DEBUG "%s: authenticate with AP %s\n",
639 dev->name, print_mac(mac, ifsta->bssid));
641 ieee80211_send_auth(dev, ifsta, 1, NULL, 0, 0);
643 mod_timer(&ifsta->timer, jiffies + IEEE80211_AUTH_TIMEOUT);
647 static void ieee80211_send_assoc(struct net_device *dev,
648 struct ieee80211_if_sta *ifsta)
650 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
652 struct ieee80211_mgmt *mgmt;
656 struct ieee80211_sta_bss *bss;
658 struct ieee80211_supported_band *sband;
660 skb = dev_alloc_skb(local->hw.extra_tx_headroom +
661 sizeof(*mgmt) + 200 + ifsta->extra_ie_len +
664 printk(KERN_DEBUG "%s: failed to allocate buffer for assoc "
665 "frame\n", dev->name);
668 skb_reserve(skb, local->hw.extra_tx_headroom);
670 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
672 capab = ifsta->capab;
674 if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ) {
675 if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_SLOT_INCAPABLE))
676 capab |= WLAN_CAPABILITY_SHORT_SLOT_TIME;
677 if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_PREAMBLE_INCAPABLE))
678 capab |= WLAN_CAPABILITY_SHORT_PREAMBLE;
681 bss = ieee80211_rx_bss_get(dev, ifsta->bssid,
682 local->hw.conf.channel->center_freq,
683 ifsta->ssid, ifsta->ssid_len);
685 if (bss->capability & WLAN_CAPABILITY_PRIVACY)
686 capab |= WLAN_CAPABILITY_PRIVACY;
690 ieee80211_rx_bss_put(dev, bss);
693 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
695 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
696 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
697 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
699 if (ifsta->flags & IEEE80211_STA_PREV_BSSID_SET) {
701 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
702 IEEE80211_STYPE_REASSOC_REQ);
703 mgmt->u.reassoc_req.capab_info = cpu_to_le16(capab);
704 mgmt->u.reassoc_req.listen_interval = cpu_to_le16(1);
705 memcpy(mgmt->u.reassoc_req.current_ap, ifsta->prev_bssid,
709 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
710 IEEE80211_STYPE_ASSOC_REQ);
711 mgmt->u.assoc_req.capab_info = cpu_to_le16(capab);
712 mgmt->u.assoc_req.listen_interval = cpu_to_le16(1);
716 ies = pos = skb_put(skb, 2 + ifsta->ssid_len);
717 *pos++ = WLAN_EID_SSID;
718 *pos++ = ifsta->ssid_len;
719 memcpy(pos, ifsta->ssid, ifsta->ssid_len);
721 len = sband->n_bitrates;
724 pos = skb_put(skb, len + 2);
725 *pos++ = WLAN_EID_SUPP_RATES;
727 for (i = 0; i < len; i++) {
728 int rate = sband->bitrates[i].bitrate;
729 *pos++ = (u8) (rate / 5);
732 if (sband->n_bitrates > len) {
733 pos = skb_put(skb, sband->n_bitrates - len + 2);
734 *pos++ = WLAN_EID_EXT_SUPP_RATES;
735 *pos++ = sband->n_bitrates - len;
736 for (i = len; i < sband->n_bitrates; i++) {
737 int rate = sband->bitrates[i].bitrate;
738 *pos++ = (u8) (rate / 5);
742 if (ifsta->extra_ie) {
743 pos = skb_put(skb, ifsta->extra_ie_len);
744 memcpy(pos, ifsta->extra_ie, ifsta->extra_ie_len);
747 if (wmm && (ifsta->flags & IEEE80211_STA_WMM_ENABLED)) {
748 pos = skb_put(skb, 9);
749 *pos++ = WLAN_EID_VENDOR_SPECIFIC;
750 *pos++ = 7; /* len */
751 *pos++ = 0x00; /* Microsoft OUI 00:50:F2 */
754 *pos++ = 2; /* WME */
755 *pos++ = 0; /* WME info */
756 *pos++ = 1; /* WME ver */
759 /* wmm support is a must to HT */
760 if (wmm && sband->ht_info.ht_supported) {
761 __le16 tmp = cpu_to_le16(sband->ht_info.cap);
762 pos = skb_put(skb, sizeof(struct ieee80211_ht_cap)+2);
763 *pos++ = WLAN_EID_HT_CAPABILITY;
764 *pos++ = sizeof(struct ieee80211_ht_cap);
765 memset(pos, 0, sizeof(struct ieee80211_ht_cap));
766 memcpy(pos, &tmp, sizeof(u16));
768 /* TODO: needs a define here for << 2 */
769 *pos++ = sband->ht_info.ampdu_factor |
770 (sband->ht_info.ampdu_density << 2);
771 memcpy(pos, sband->ht_info.supp_mcs_set, 16);
774 kfree(ifsta->assocreq_ies);
775 ifsta->assocreq_ies_len = (skb->data + skb->len) - ies;
776 ifsta->assocreq_ies = kmalloc(ifsta->assocreq_ies_len, GFP_KERNEL);
777 if (ifsta->assocreq_ies)
778 memcpy(ifsta->assocreq_ies, ies, ifsta->assocreq_ies_len);
780 ieee80211_sta_tx(dev, skb, 0);
784 static void ieee80211_send_deauth(struct net_device *dev,
785 struct ieee80211_if_sta *ifsta, u16 reason)
787 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
789 struct ieee80211_mgmt *mgmt;
791 skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt));
793 printk(KERN_DEBUG "%s: failed to allocate buffer for deauth "
794 "frame\n", dev->name);
797 skb_reserve(skb, local->hw.extra_tx_headroom);
799 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
801 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
802 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
803 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
804 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
805 IEEE80211_STYPE_DEAUTH);
807 mgmt->u.deauth.reason_code = cpu_to_le16(reason);
809 ieee80211_sta_tx(dev, skb, 0);
813 static void ieee80211_send_disassoc(struct net_device *dev,
814 struct ieee80211_if_sta *ifsta, u16 reason)
816 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
818 struct ieee80211_mgmt *mgmt;
820 skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt));
822 printk(KERN_DEBUG "%s: failed to allocate buffer for disassoc "
823 "frame\n", dev->name);
826 skb_reserve(skb, local->hw.extra_tx_headroom);
828 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
830 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
831 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
832 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
833 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
834 IEEE80211_STYPE_DISASSOC);
836 mgmt->u.disassoc.reason_code = cpu_to_le16(reason);
838 ieee80211_sta_tx(dev, skb, 0);
842 static int ieee80211_privacy_mismatch(struct net_device *dev,
843 struct ieee80211_if_sta *ifsta)
845 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
846 struct ieee80211_sta_bss *bss;
851 if (!ifsta || (ifsta->flags & IEEE80211_STA_MIXED_CELL))
854 bss = ieee80211_rx_bss_get(dev, ifsta->bssid,
855 local->hw.conf.channel->center_freq,
856 ifsta->ssid, ifsta->ssid_len);
860 bss_privacy = !!(bss->capability & WLAN_CAPABILITY_PRIVACY);
861 wep_privacy = !!ieee80211_sta_wep_configured(dev);
862 privacy_invoked = !!(ifsta->flags & IEEE80211_STA_PRIVACY_INVOKED);
864 ieee80211_rx_bss_put(dev, bss);
866 if ((bss_privacy == wep_privacy) || (bss_privacy == privacy_invoked))
873 static void ieee80211_associate(struct net_device *dev,
874 struct ieee80211_if_sta *ifsta)
876 DECLARE_MAC_BUF(mac);
878 ifsta->assoc_tries++;
879 if (ifsta->assoc_tries > IEEE80211_ASSOC_MAX_TRIES) {
880 printk(KERN_DEBUG "%s: association with AP %s"
882 dev->name, print_mac(mac, ifsta->bssid));
883 ifsta->state = IEEE80211_DISABLED;
887 ifsta->state = IEEE80211_ASSOCIATE;
888 printk(KERN_DEBUG "%s: associate with AP %s\n",
889 dev->name, print_mac(mac, ifsta->bssid));
890 if (ieee80211_privacy_mismatch(dev, ifsta)) {
891 printk(KERN_DEBUG "%s: mismatch in privacy configuration and "
892 "mixed-cell disabled - abort association\n", dev->name);
893 ifsta->state = IEEE80211_DISABLED;
897 ieee80211_send_assoc(dev, ifsta);
899 mod_timer(&ifsta->timer, jiffies + IEEE80211_ASSOC_TIMEOUT);
903 static void ieee80211_associated(struct net_device *dev,
904 struct ieee80211_if_sta *ifsta)
906 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
907 struct sta_info *sta;
909 DECLARE_MAC_BUF(mac);
911 /* TODO: start monitoring current AP signal quality and number of
912 * missed beacons. Scan other channels every now and then and search
914 /* TODO: remove expired BSSes */
916 ifsta->state = IEEE80211_ASSOCIATED;
920 sta = sta_info_get(local, ifsta->bssid);
922 printk(KERN_DEBUG "%s: No STA entry for own AP %s\n",
923 dev->name, print_mac(mac, ifsta->bssid));
927 if (time_after(jiffies,
928 sta->last_rx + IEEE80211_MONITORING_INTERVAL)) {
929 if (ifsta->flags & IEEE80211_STA_PROBEREQ_POLL) {
930 printk(KERN_DEBUG "%s: No ProbeResp from "
931 "current AP %s - assume out of "
933 dev->name, print_mac(mac, ifsta->bssid));
935 sta_info_unlink(&sta);
937 ieee80211_send_probe_req(dev, ifsta->bssid,
939 local->scan_ssid_len);
940 ifsta->flags ^= IEEE80211_STA_PROBEREQ_POLL;
942 ifsta->flags &= ~IEEE80211_STA_PROBEREQ_POLL;
943 if (time_after(jiffies, ifsta->last_probe +
944 IEEE80211_PROBE_INTERVAL)) {
945 ifsta->last_probe = jiffies;
946 ieee80211_send_probe_req(dev, ifsta->bssid,
955 if (disassoc && sta) {
957 sta_info_destroy(sta);
962 ifsta->state = IEEE80211_DISABLED;
963 ieee80211_set_associated(dev, ifsta, 0);
965 mod_timer(&ifsta->timer, jiffies +
966 IEEE80211_MONITORING_INTERVAL);
971 static void ieee80211_send_probe_req(struct net_device *dev, u8 *dst,
972 u8 *ssid, size_t ssid_len)
974 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
975 struct ieee80211_supported_band *sband;
977 struct ieee80211_mgmt *mgmt;
978 u8 *pos, *supp_rates, *esupp_rates = NULL;
981 skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt) + 200);
983 printk(KERN_DEBUG "%s: failed to allocate buffer for probe "
984 "request\n", dev->name);
987 skb_reserve(skb, local->hw.extra_tx_headroom);
989 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
991 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
992 IEEE80211_STYPE_PROBE_REQ);
993 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
995 memcpy(mgmt->da, dst, ETH_ALEN);
996 memcpy(mgmt->bssid, dst, ETH_ALEN);
998 memset(mgmt->da, 0xff, ETH_ALEN);
999 memset(mgmt->bssid, 0xff, ETH_ALEN);
1001 pos = skb_put(skb, 2 + ssid_len);
1002 *pos++ = WLAN_EID_SSID;
1004 memcpy(pos, ssid, ssid_len);
1006 supp_rates = skb_put(skb, 2);
1007 supp_rates[0] = WLAN_EID_SUPP_RATES;
1009 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
1011 for (i = 0; i < sband->n_bitrates; i++) {
1012 struct ieee80211_rate *rate = &sband->bitrates[i];
1014 pos = skb_put(skb, 1);
1016 } else if (supp_rates[1] == 8) {
1017 esupp_rates = skb_put(skb, 3);
1018 esupp_rates[0] = WLAN_EID_EXT_SUPP_RATES;
1020 pos = &esupp_rates[2];
1022 pos = skb_put(skb, 1);
1025 *pos = rate->bitrate / 5;
1028 ieee80211_sta_tx(dev, skb, 0);
1032 static int ieee80211_sta_wep_configured(struct net_device *dev)
1034 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1035 if (!sdata || !sdata->default_key ||
1036 sdata->default_key->conf.alg != ALG_WEP)
1042 static void ieee80211_auth_completed(struct net_device *dev,
1043 struct ieee80211_if_sta *ifsta)
1045 printk(KERN_DEBUG "%s: authenticated\n", dev->name);
1046 ifsta->flags |= IEEE80211_STA_AUTHENTICATED;
1047 ieee80211_associate(dev, ifsta);
1051 static void ieee80211_auth_challenge(struct net_device *dev,
1052 struct ieee80211_if_sta *ifsta,
1053 struct ieee80211_mgmt *mgmt,
1057 struct ieee802_11_elems elems;
1059 printk(KERN_DEBUG "%s: replying to auth challenge\n", dev->name);
1060 pos = mgmt->u.auth.variable;
1061 ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems);
1062 if (!elems.challenge) {
1063 printk(KERN_DEBUG "%s: no challenge IE in shared key auth "
1064 "frame\n", dev->name);
1067 ieee80211_send_auth(dev, ifsta, 3, elems.challenge - 2,
1068 elems.challenge_len + 2, 1);
1071 static void ieee80211_send_addba_resp(struct net_device *dev, u8 *da, u16 tid,
1072 u8 dialog_token, u16 status, u16 policy,
1073 u16 buf_size, u16 timeout)
1075 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1076 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
1077 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1078 struct sk_buff *skb;
1079 struct ieee80211_mgmt *mgmt;
1082 skb = dev_alloc_skb(sizeof(*mgmt) + local->hw.extra_tx_headroom + 1 +
1083 sizeof(mgmt->u.action.u.addba_resp));
1085 printk(KERN_DEBUG "%s: failed to allocate buffer "
1086 "for addba resp frame\n", dev->name);
1090 skb_reserve(skb, local->hw.extra_tx_headroom);
1091 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
1092 memset(mgmt, 0, 24);
1093 memcpy(mgmt->da, da, ETH_ALEN);
1094 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
1095 if (sdata->vif.type == IEEE80211_IF_TYPE_AP)
1096 memcpy(mgmt->bssid, dev->dev_addr, ETH_ALEN);
1098 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
1099 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
1100 IEEE80211_STYPE_ACTION);
1102 skb_put(skb, 1 + sizeof(mgmt->u.action.u.addba_resp));
1103 mgmt->u.action.category = WLAN_CATEGORY_BACK;
1104 mgmt->u.action.u.addba_resp.action_code = WLAN_ACTION_ADDBA_RESP;
1105 mgmt->u.action.u.addba_resp.dialog_token = dialog_token;
1107 capab = (u16)(policy << 1); /* bit 1 aggregation policy */
1108 capab |= (u16)(tid << 2); /* bit 5:2 TID number */
1109 capab |= (u16)(buf_size << 6); /* bit 15:6 max size of aggregation */
1111 mgmt->u.action.u.addba_resp.capab = cpu_to_le16(capab);
1112 mgmt->u.action.u.addba_resp.timeout = cpu_to_le16(timeout);
1113 mgmt->u.action.u.addba_resp.status = cpu_to_le16(status);
1115 ieee80211_sta_tx(dev, skb, 0);
1120 void ieee80211_send_addba_request(struct net_device *dev, const u8 *da,
1121 u16 tid, u8 dialog_token, u16 start_seq_num,
1122 u16 agg_size, u16 timeout)
1124 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1125 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1126 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
1127 struct sk_buff *skb;
1128 struct ieee80211_mgmt *mgmt;
1131 skb = dev_alloc_skb(sizeof(*mgmt) + local->hw.extra_tx_headroom + 1 +
1132 sizeof(mgmt->u.action.u.addba_req));
1136 printk(KERN_ERR "%s: failed to allocate buffer "
1137 "for addba request frame\n", dev->name);
1140 skb_reserve(skb, local->hw.extra_tx_headroom);
1141 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
1142 memset(mgmt, 0, 24);
1143 memcpy(mgmt->da, da, ETH_ALEN);
1144 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
1145 if (sdata->vif.type == IEEE80211_IF_TYPE_AP)
1146 memcpy(mgmt->bssid, dev->dev_addr, ETH_ALEN);
1148 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
1150 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
1151 IEEE80211_STYPE_ACTION);
1153 skb_put(skb, 1 + sizeof(mgmt->u.action.u.addba_req));
1155 mgmt->u.action.category = WLAN_CATEGORY_BACK;
1156 mgmt->u.action.u.addba_req.action_code = WLAN_ACTION_ADDBA_REQ;
1158 mgmt->u.action.u.addba_req.dialog_token = dialog_token;
1159 capab = (u16)(1 << 1); /* bit 1 aggregation policy */
1160 capab |= (u16)(tid << 2); /* bit 5:2 TID number */
1161 capab |= (u16)(agg_size << 6); /* bit 15:6 max size of aggergation */
1163 mgmt->u.action.u.addba_req.capab = cpu_to_le16(capab);
1165 mgmt->u.action.u.addba_req.timeout = cpu_to_le16(timeout);
1166 mgmt->u.action.u.addba_req.start_seq_num =
1167 cpu_to_le16(start_seq_num << 4);
1169 ieee80211_sta_tx(dev, skb, 0);
1172 static void ieee80211_sta_process_addba_request(struct net_device *dev,
1173 struct ieee80211_mgmt *mgmt,
1176 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1177 struct ieee80211_hw *hw = &local->hw;
1178 struct ieee80211_conf *conf = &hw->conf;
1179 struct sta_info *sta;
1180 struct tid_ampdu_rx *tid_agg_rx;
1181 u16 capab, tid, timeout, ba_policy, buf_size, start_seq_num, status;
1183 int ret = -EOPNOTSUPP;
1184 DECLARE_MAC_BUF(mac);
1188 sta = sta_info_get(local, mgmt->sa);
1194 /* extract session parameters from addba request frame */
1195 dialog_token = mgmt->u.action.u.addba_req.dialog_token;
1196 timeout = le16_to_cpu(mgmt->u.action.u.addba_req.timeout);
1198 le16_to_cpu(mgmt->u.action.u.addba_req.start_seq_num) >> 4;
1200 capab = le16_to_cpu(mgmt->u.action.u.addba_req.capab);
1201 ba_policy = (capab & IEEE80211_ADDBA_PARAM_POLICY_MASK) >> 1;
1202 tid = (capab & IEEE80211_ADDBA_PARAM_TID_MASK) >> 2;
1203 buf_size = (capab & IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK) >> 6;
1205 status = WLAN_STATUS_REQUEST_DECLINED;
1207 /* sanity check for incoming parameters:
1208 * check if configuration can support the BA policy
1209 * and if buffer size does not exceeds max value */
1210 if (((ba_policy != 1)
1211 && (!(conf->ht_conf.cap & IEEE80211_HT_CAP_DELAY_BA)))
1212 || (buf_size > IEEE80211_MAX_AMPDU_BUF)) {
1213 status = WLAN_STATUS_INVALID_QOS_PARAM;
1214 #ifdef CONFIG_MAC80211_HT_DEBUG
1215 if (net_ratelimit())
1216 printk(KERN_DEBUG "AddBA Req with bad params from "
1217 "%s on tid %u. policy %d, buffer size %d\n",
1218 print_mac(mac, mgmt->sa), tid, ba_policy,
1220 #endif /* CONFIG_MAC80211_HT_DEBUG */
1223 /* determine default buffer size */
1224 if (buf_size == 0) {
1225 struct ieee80211_supported_band *sband;
1227 sband = local->hw.wiphy->bands[conf->channel->band];
1228 buf_size = IEEE80211_MIN_AMPDU_BUF;
1229 buf_size = buf_size << sband->ht_info.ampdu_factor;
1233 /* examine state machine */
1234 spin_lock_bh(&sta->ampdu_mlme.ampdu_rx);
1236 if (sta->ampdu_mlme.tid_state_rx[tid] != HT_AGG_STATE_IDLE) {
1237 #ifdef CONFIG_MAC80211_HT_DEBUG
1238 if (net_ratelimit())
1239 printk(KERN_DEBUG "unexpected AddBA Req from "
1241 print_mac(mac, mgmt->sa), tid);
1242 #endif /* CONFIG_MAC80211_HT_DEBUG */
1246 /* prepare A-MPDU MLME for Rx aggregation */
1247 sta->ampdu_mlme.tid_rx[tid] =
1248 kmalloc(sizeof(struct tid_ampdu_rx), GFP_ATOMIC);
1249 if (!sta->ampdu_mlme.tid_rx[tid]) {
1250 if (net_ratelimit())
1251 printk(KERN_ERR "allocate rx mlme to tid %d failed\n",
1256 sta->ampdu_mlme.tid_rx[tid]->session_timer.function =
1257 sta_rx_agg_session_timer_expired;
1258 sta->ampdu_mlme.tid_rx[tid]->session_timer.data =
1259 (unsigned long)&sta->timer_to_tid[tid];
1260 init_timer(&sta->ampdu_mlme.tid_rx[tid]->session_timer);
1262 tid_agg_rx = sta->ampdu_mlme.tid_rx[tid];
1264 /* prepare reordering buffer */
1265 tid_agg_rx->reorder_buf =
1266 kmalloc(buf_size * sizeof(struct sk_buf *), GFP_ATOMIC);
1267 if (!tid_agg_rx->reorder_buf) {
1268 if (net_ratelimit())
1269 printk(KERN_ERR "can not allocate reordering buffer "
1270 "to tid %d\n", tid);
1271 kfree(sta->ampdu_mlme.tid_rx[tid]);
1274 memset(tid_agg_rx->reorder_buf, 0,
1275 buf_size * sizeof(struct sk_buf *));
1277 if (local->ops->ampdu_action)
1278 ret = local->ops->ampdu_action(hw, IEEE80211_AMPDU_RX_START,
1279 sta->addr, tid, &start_seq_num);
1280 #ifdef CONFIG_MAC80211_HT_DEBUG
1281 printk(KERN_DEBUG "Rx A-MPDU on tid %d result %d", tid, ret);
1282 #endif /* CONFIG_MAC80211_HT_DEBUG */
1285 kfree(tid_agg_rx->reorder_buf);
1287 sta->ampdu_mlme.tid_rx[tid] = NULL;
1291 /* change state and send addba resp */
1292 sta->ampdu_mlme.tid_state_rx[tid] = HT_AGG_STATE_OPERATIONAL;
1293 tid_agg_rx->dialog_token = dialog_token;
1294 tid_agg_rx->ssn = start_seq_num;
1295 tid_agg_rx->head_seq_num = start_seq_num;
1296 tid_agg_rx->buf_size = buf_size;
1297 tid_agg_rx->timeout = timeout;
1298 tid_agg_rx->stored_mpdu_num = 0;
1299 status = WLAN_STATUS_SUCCESS;
1301 spin_unlock_bh(&sta->ampdu_mlme.ampdu_rx);
1304 ieee80211_send_addba_resp(sta->sdata->dev, sta->addr, tid,
1305 dialog_token, status, 1, buf_size, timeout);
1309 static void ieee80211_sta_process_addba_resp(struct net_device *dev,
1310 struct ieee80211_mgmt *mgmt,
1313 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1314 struct ieee80211_hw *hw = &local->hw;
1315 struct sta_info *sta;
1322 sta = sta_info_get(local, mgmt->sa);
1328 capab = le16_to_cpu(mgmt->u.action.u.addba_resp.capab);
1329 tid = (capab & IEEE80211_ADDBA_PARAM_TID_MASK) >> 2;
1331 state = &sta->ampdu_mlme.tid_state_tx[tid];
1333 spin_lock_bh(&sta->ampdu_mlme.ampdu_tx);
1335 if (!(*state & HT_ADDBA_REQUESTED_MSK)) {
1336 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx);
1337 printk(KERN_DEBUG "state not HT_ADDBA_REQUESTED_MSK:"
1339 goto addba_resp_exit;
1342 if (mgmt->u.action.u.addba_resp.dialog_token !=
1343 sta->ampdu_mlme.tid_tx[tid]->dialog_token) {
1344 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx);
1345 #ifdef CONFIG_MAC80211_HT_DEBUG
1346 printk(KERN_DEBUG "wrong addBA response token, tid %d\n", tid);
1347 #endif /* CONFIG_MAC80211_HT_DEBUG */
1348 goto addba_resp_exit;
1351 del_timer_sync(&sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer);
1352 #ifdef CONFIG_MAC80211_HT_DEBUG
1353 printk(KERN_DEBUG "switched off addBA timer for tid %d \n", tid);
1354 #endif /* CONFIG_MAC80211_HT_DEBUG */
1355 if (le16_to_cpu(mgmt->u.action.u.addba_resp.status)
1356 == WLAN_STATUS_SUCCESS) {
1357 if (*state & HT_ADDBA_RECEIVED_MSK)
1358 printk(KERN_DEBUG "double addBA response\n");
1360 *state |= HT_ADDBA_RECEIVED_MSK;
1361 sta->ampdu_mlme.addba_req_num[tid] = 0;
1363 if (*state == HT_AGG_STATE_OPERATIONAL) {
1364 printk(KERN_DEBUG "Aggregation on for tid %d \n", tid);
1365 ieee80211_wake_queue(hw, sta->tid_to_tx_q[tid]);
1368 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx);
1369 printk(KERN_DEBUG "recipient accepted agg: tid %d \n", tid);
1371 printk(KERN_DEBUG "recipient rejected agg: tid %d \n", tid);
1373 sta->ampdu_mlme.addba_req_num[tid]++;
1374 /* this will allow the state check in stop_BA_session */
1375 *state = HT_AGG_STATE_OPERATIONAL;
1376 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx);
1377 ieee80211_stop_tx_ba_session(hw, sta->addr, tid,
1378 WLAN_BACK_INITIATOR);
1385 void ieee80211_send_delba(struct net_device *dev, const u8 *da, u16 tid,
1386 u16 initiator, u16 reason_code)
1388 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1389 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1390 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
1391 struct sk_buff *skb;
1392 struct ieee80211_mgmt *mgmt;
1395 skb = dev_alloc_skb(sizeof(*mgmt) + local->hw.extra_tx_headroom + 1 +
1396 sizeof(mgmt->u.action.u.delba));
1399 printk(KERN_ERR "%s: failed to allocate buffer "
1400 "for delba frame\n", dev->name);
1404 skb_reserve(skb, local->hw.extra_tx_headroom);
1405 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
1406 memset(mgmt, 0, 24);
1407 memcpy(mgmt->da, da, ETH_ALEN);
1408 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
1409 if (sdata->vif.type == IEEE80211_IF_TYPE_AP)
1410 memcpy(mgmt->bssid, dev->dev_addr, ETH_ALEN);
1412 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
1413 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
1414 IEEE80211_STYPE_ACTION);
1416 skb_put(skb, 1 + sizeof(mgmt->u.action.u.delba));
1418 mgmt->u.action.category = WLAN_CATEGORY_BACK;
1419 mgmt->u.action.u.delba.action_code = WLAN_ACTION_DELBA;
1420 params = (u16)(initiator << 11); /* bit 11 initiator */
1421 params |= (u16)(tid << 12); /* bit 15:12 TID number */
1423 mgmt->u.action.u.delba.params = cpu_to_le16(params);
1424 mgmt->u.action.u.delba.reason_code = cpu_to_le16(reason_code);
1426 ieee80211_sta_tx(dev, skb, 0);
1429 void ieee80211_sta_stop_rx_ba_session(struct net_device *dev, u8 *ra, u16 tid,
1430 u16 initiator, u16 reason)
1432 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1433 struct ieee80211_hw *hw = &local->hw;
1434 struct sta_info *sta;
1439 sta = sta_info_get(local, ra);
1445 /* check if TID is in operational state */
1446 spin_lock_bh(&sta->ampdu_mlme.ampdu_rx);
1447 if (sta->ampdu_mlme.tid_state_rx[tid]
1448 != HT_AGG_STATE_OPERATIONAL) {
1449 spin_unlock_bh(&sta->ampdu_mlme.ampdu_rx);
1453 sta->ampdu_mlme.tid_state_rx[tid] =
1454 HT_AGG_STATE_REQ_STOP_BA_MSK |
1455 (initiator << HT_AGG_STATE_INITIATOR_SHIFT);
1456 spin_unlock_bh(&sta->ampdu_mlme.ampdu_rx);
1458 /* stop HW Rx aggregation. ampdu_action existence
1459 * already verified in session init so we add the BUG_ON */
1460 BUG_ON(!local->ops->ampdu_action);
1462 ret = local->ops->ampdu_action(hw, IEEE80211_AMPDU_RX_STOP,
1465 printk(KERN_DEBUG "HW problem - can not stop rx "
1466 "aggergation for tid %d\n", tid);
1468 /* shutdown timer has not expired */
1469 if (initiator != WLAN_BACK_TIMER)
1470 del_timer_sync(&sta->ampdu_mlme.tid_rx[tid]->session_timer);
1472 /* check if this is a self generated aggregation halt */
1473 if (initiator == WLAN_BACK_RECIPIENT || initiator == WLAN_BACK_TIMER)
1474 ieee80211_send_delba(dev, ra, tid, 0, reason);
1476 /* free the reordering buffer */
1477 for (i = 0; i < sta->ampdu_mlme.tid_rx[tid]->buf_size; i++) {
1478 if (sta->ampdu_mlme.tid_rx[tid]->reorder_buf[i]) {
1479 /* release the reordered frames */
1480 dev_kfree_skb(sta->ampdu_mlme.tid_rx[tid]->reorder_buf[i]);
1481 sta->ampdu_mlme.tid_rx[tid]->stored_mpdu_num--;
1482 sta->ampdu_mlme.tid_rx[tid]->reorder_buf[i] = NULL;
1485 /* free resources */
1486 kfree(sta->ampdu_mlme.tid_rx[tid]->reorder_buf);
1487 kfree(sta->ampdu_mlme.tid_rx[tid]);
1488 sta->ampdu_mlme.tid_rx[tid] = NULL;
1489 sta->ampdu_mlme.tid_state_rx[tid] = HT_AGG_STATE_IDLE;
1495 static void ieee80211_sta_process_delba(struct net_device *dev,
1496 struct ieee80211_mgmt *mgmt, size_t len)
1498 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1499 struct sta_info *sta;
1502 DECLARE_MAC_BUF(mac);
1506 sta = sta_info_get(local, mgmt->sa);
1512 params = le16_to_cpu(mgmt->u.action.u.delba.params);
1513 tid = (params & IEEE80211_DELBA_PARAM_TID_MASK) >> 12;
1514 initiator = (params & IEEE80211_DELBA_PARAM_INITIATOR_MASK) >> 11;
1516 #ifdef CONFIG_MAC80211_HT_DEBUG
1517 if (net_ratelimit())
1518 printk(KERN_DEBUG "delba from %s (%s) tid %d reason code %d\n",
1519 print_mac(mac, mgmt->sa),
1520 initiator ? "initiator" : "recipient", tid,
1521 mgmt->u.action.u.delba.reason_code);
1522 #endif /* CONFIG_MAC80211_HT_DEBUG */
1524 if (initiator == WLAN_BACK_INITIATOR)
1525 ieee80211_sta_stop_rx_ba_session(dev, sta->addr, tid,
1526 WLAN_BACK_INITIATOR, 0);
1527 else { /* WLAN_BACK_RECIPIENT */
1528 spin_lock_bh(&sta->ampdu_mlme.ampdu_tx);
1529 sta->ampdu_mlme.tid_state_tx[tid] =
1530 HT_AGG_STATE_OPERATIONAL;
1531 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx);
1532 ieee80211_stop_tx_ba_session(&local->hw, sta->addr, tid,
1533 WLAN_BACK_RECIPIENT);
1539 * After sending add Block Ack request we activated a timer until
1540 * add Block Ack response will arrive from the recipient.
1541 * If this timer expires sta_addba_resp_timer_expired will be executed.
1543 void sta_addba_resp_timer_expired(unsigned long data)
1545 /* not an elegant detour, but there is no choice as the timer passes
1546 * only one argument, and both sta_info and TID are needed, so init
1547 * flow in sta_info_create gives the TID as data, while the timer_to_id
1548 * array gives the sta through container_of */
1549 u16 tid = *(int *)data;
1550 struct sta_info *temp_sta = container_of((void *)data,
1551 struct sta_info, timer_to_tid[tid]);
1553 struct ieee80211_local *local = temp_sta->local;
1554 struct ieee80211_hw *hw = &local->hw;
1555 struct sta_info *sta;
1560 sta = sta_info_get(local, temp_sta->addr);
1566 state = &sta->ampdu_mlme.tid_state_tx[tid];
1567 /* check if the TID waits for addBA response */
1568 spin_lock_bh(&sta->ampdu_mlme.ampdu_tx);
1569 if (!(*state & HT_ADDBA_REQUESTED_MSK)) {
1570 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx);
1571 *state = HT_AGG_STATE_IDLE;
1572 printk(KERN_DEBUG "timer expired on tid %d but we are not "
1573 "expecting addBA response there", tid);
1574 goto timer_expired_exit;
1577 printk(KERN_DEBUG "addBA response timer expired on tid %d\n", tid);
1579 /* go through the state check in stop_BA_session */
1580 *state = HT_AGG_STATE_OPERATIONAL;
1581 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx);
1582 ieee80211_stop_tx_ba_session(hw, temp_sta->addr, tid,
1583 WLAN_BACK_INITIATOR);
1590 * After accepting the AddBA Request we activated a timer,
1591 * resetting it after each frame that arrives from the originator.
1592 * if this timer expires ieee80211_sta_stop_rx_ba_session will be executed.
1594 void sta_rx_agg_session_timer_expired(unsigned long data)
1596 /* not an elegant detour, but there is no choice as the timer passes
1597 * only one argument, and verious sta_info are needed here, so init
1598 * flow in sta_info_create gives the TID as data, while the timer_to_id
1599 * array gives the sta through container_of */
1600 u8 *ptid = (u8 *)data;
1601 u8 *timer_to_id = ptid - *ptid;
1602 struct sta_info *sta = container_of(timer_to_id, struct sta_info,
1605 printk(KERN_DEBUG "rx session timer expired on tid %d\n", (u16)*ptid);
1606 ieee80211_sta_stop_rx_ba_session(sta->sdata->dev, sta->addr,
1607 (u16)*ptid, WLAN_BACK_TIMER,
1608 WLAN_REASON_QSTA_TIMEOUT);
1611 void ieee80211_sta_tear_down_BA_sessions(struct net_device *dev, u8 *addr)
1613 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1616 for (i = 0; i < STA_TID_NUM; i++) {
1617 ieee80211_stop_tx_ba_session(&local->hw, addr, i,
1618 WLAN_BACK_INITIATOR);
1619 ieee80211_sta_stop_rx_ba_session(dev, addr, i,
1620 WLAN_BACK_RECIPIENT,
1621 WLAN_REASON_QSTA_LEAVE_QBSS);
1625 static void ieee80211_rx_mgmt_auth(struct net_device *dev,
1626 struct ieee80211_if_sta *ifsta,
1627 struct ieee80211_mgmt *mgmt,
1630 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1631 u16 auth_alg, auth_transaction, status_code;
1632 DECLARE_MAC_BUF(mac);
1634 if (ifsta->state != IEEE80211_AUTHENTICATE &&
1635 sdata->vif.type != IEEE80211_IF_TYPE_IBSS) {
1636 printk(KERN_DEBUG "%s: authentication frame received from "
1637 "%s, but not in authenticate state - ignored\n",
1638 dev->name, print_mac(mac, mgmt->sa));
1643 printk(KERN_DEBUG "%s: too short (%zd) authentication frame "
1644 "received from %s - ignored\n",
1645 dev->name, len, print_mac(mac, mgmt->sa));
1649 if (sdata->vif.type != IEEE80211_IF_TYPE_IBSS &&
1650 memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN) != 0) {
1651 printk(KERN_DEBUG "%s: authentication frame received from "
1652 "unknown AP (SA=%s BSSID=%s) - "
1653 "ignored\n", dev->name, print_mac(mac, mgmt->sa),
1654 print_mac(mac, mgmt->bssid));
1658 if (sdata->vif.type != IEEE80211_IF_TYPE_IBSS &&
1659 memcmp(ifsta->bssid, mgmt->bssid, ETH_ALEN) != 0) {
1660 printk(KERN_DEBUG "%s: authentication frame received from "
1661 "unknown BSSID (SA=%s BSSID=%s) - "
1662 "ignored\n", dev->name, print_mac(mac, mgmt->sa),
1663 print_mac(mac, mgmt->bssid));
1667 auth_alg = le16_to_cpu(mgmt->u.auth.auth_alg);
1668 auth_transaction = le16_to_cpu(mgmt->u.auth.auth_transaction);
1669 status_code = le16_to_cpu(mgmt->u.auth.status_code);
1671 printk(KERN_DEBUG "%s: RX authentication from %s (alg=%d "
1672 "transaction=%d status=%d)\n",
1673 dev->name, print_mac(mac, mgmt->sa), auth_alg,
1674 auth_transaction, status_code);
1676 if (sdata->vif.type == IEEE80211_IF_TYPE_IBSS) {
1677 /* IEEE 802.11 standard does not require authentication in IBSS
1678 * networks and most implementations do not seem to use it.
1679 * However, try to reply to authentication attempts if someone
1680 * has actually implemented this.
1681 * TODO: Could implement shared key authentication. */
1682 if (auth_alg != WLAN_AUTH_OPEN || auth_transaction != 1) {
1683 printk(KERN_DEBUG "%s: unexpected IBSS authentication "
1684 "frame (alg=%d transaction=%d)\n",
1685 dev->name, auth_alg, auth_transaction);
1688 ieee80211_send_auth(dev, ifsta, 2, NULL, 0, 0);
1691 if (auth_alg != ifsta->auth_alg ||
1692 auth_transaction != ifsta->auth_transaction) {
1693 printk(KERN_DEBUG "%s: unexpected authentication frame "
1694 "(alg=%d transaction=%d)\n",
1695 dev->name, auth_alg, auth_transaction);
1699 if (status_code != WLAN_STATUS_SUCCESS) {
1700 printk(KERN_DEBUG "%s: AP denied authentication (auth_alg=%d "
1701 "code=%d)\n", dev->name, ifsta->auth_alg, status_code);
1702 if (status_code == WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG) {
1704 const int num_algs = ARRAY_SIZE(algs);
1706 algs[0] = algs[1] = algs[2] = 0xff;
1707 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_OPEN)
1708 algs[0] = WLAN_AUTH_OPEN;
1709 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_SHARED_KEY)
1710 algs[1] = WLAN_AUTH_SHARED_KEY;
1711 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_LEAP)
1712 algs[2] = WLAN_AUTH_LEAP;
1713 if (ifsta->auth_alg == WLAN_AUTH_OPEN)
1715 else if (ifsta->auth_alg == WLAN_AUTH_SHARED_KEY)
1719 for (i = 0; i < num_algs; i++) {
1721 if (pos >= num_algs)
1723 if (algs[pos] == ifsta->auth_alg ||
1726 if (algs[pos] == WLAN_AUTH_SHARED_KEY &&
1727 !ieee80211_sta_wep_configured(dev))
1729 ifsta->auth_alg = algs[pos];
1730 printk(KERN_DEBUG "%s: set auth_alg=%d for "
1732 dev->name, ifsta->auth_alg);
1739 switch (ifsta->auth_alg) {
1740 case WLAN_AUTH_OPEN:
1741 case WLAN_AUTH_LEAP:
1742 ieee80211_auth_completed(dev, ifsta);
1744 case WLAN_AUTH_SHARED_KEY:
1745 if (ifsta->auth_transaction == 4)
1746 ieee80211_auth_completed(dev, ifsta);
1748 ieee80211_auth_challenge(dev, ifsta, mgmt, len);
1754 static void ieee80211_rx_mgmt_deauth(struct net_device *dev,
1755 struct ieee80211_if_sta *ifsta,
1756 struct ieee80211_mgmt *mgmt,
1760 DECLARE_MAC_BUF(mac);
1763 printk(KERN_DEBUG "%s: too short (%zd) deauthentication frame "
1764 "received from %s - ignored\n",
1765 dev->name, len, print_mac(mac, mgmt->sa));
1769 if (memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN) != 0) {
1770 printk(KERN_DEBUG "%s: deauthentication frame received from "
1771 "unknown AP (SA=%s BSSID=%s) - "
1772 "ignored\n", dev->name, print_mac(mac, mgmt->sa),
1773 print_mac(mac, mgmt->bssid));
1777 reason_code = le16_to_cpu(mgmt->u.deauth.reason_code);
1779 printk(KERN_DEBUG "%s: RX deauthentication from %s"
1781 dev->name, print_mac(mac, mgmt->sa), reason_code);
1783 if (ifsta->flags & IEEE80211_STA_AUTHENTICATED) {
1784 printk(KERN_DEBUG "%s: deauthenticated\n", dev->name);
1787 if (ifsta->state == IEEE80211_AUTHENTICATE ||
1788 ifsta->state == IEEE80211_ASSOCIATE ||
1789 ifsta->state == IEEE80211_ASSOCIATED) {
1790 ifsta->state = IEEE80211_AUTHENTICATE;
1791 mod_timer(&ifsta->timer, jiffies +
1792 IEEE80211_RETRY_AUTH_INTERVAL);
1795 ieee80211_set_disassoc(dev, ifsta, 1);
1796 ifsta->flags &= ~IEEE80211_STA_AUTHENTICATED;
1800 static void ieee80211_rx_mgmt_disassoc(struct net_device *dev,
1801 struct ieee80211_if_sta *ifsta,
1802 struct ieee80211_mgmt *mgmt,
1806 DECLARE_MAC_BUF(mac);
1809 printk(KERN_DEBUG "%s: too short (%zd) disassociation frame "
1810 "received from %s - ignored\n",
1811 dev->name, len, print_mac(mac, mgmt->sa));
1815 if (memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN) != 0) {
1816 printk(KERN_DEBUG "%s: disassociation frame received from "
1817 "unknown AP (SA=%s BSSID=%s) - "
1818 "ignored\n", dev->name, print_mac(mac, mgmt->sa),
1819 print_mac(mac, mgmt->bssid));
1823 reason_code = le16_to_cpu(mgmt->u.disassoc.reason_code);
1825 printk(KERN_DEBUG "%s: RX disassociation from %s"
1827 dev->name, print_mac(mac, mgmt->sa), reason_code);
1829 if (ifsta->flags & IEEE80211_STA_ASSOCIATED)
1830 printk(KERN_DEBUG "%s: disassociated\n", dev->name);
1832 if (ifsta->state == IEEE80211_ASSOCIATED) {
1833 ifsta->state = IEEE80211_ASSOCIATE;
1834 mod_timer(&ifsta->timer, jiffies +
1835 IEEE80211_RETRY_AUTH_INTERVAL);
1838 ieee80211_set_disassoc(dev, ifsta, 0);
1842 static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1843 struct ieee80211_if_sta *ifsta,
1844 struct ieee80211_mgmt *mgmt,
1848 struct ieee80211_local *local = sdata->local;
1849 struct net_device *dev = sdata->dev;
1850 struct ieee80211_supported_band *sband;
1851 struct sta_info *sta;
1852 u64 rates, basic_rates;
1853 u16 capab_info, status_code, aid;
1854 struct ieee802_11_elems elems;
1855 struct ieee80211_bss_conf *bss_conf = &sdata->bss_conf;
1858 DECLARE_MAC_BUF(mac);
1859 bool have_higher_than_11mbit = false;
1861 /* AssocResp and ReassocResp have identical structure, so process both
1862 * of them in this function. */
1864 if (ifsta->state != IEEE80211_ASSOCIATE) {
1865 printk(KERN_DEBUG "%s: association frame received from "
1866 "%s, but not in associate state - ignored\n",
1867 dev->name, print_mac(mac, mgmt->sa));
1872 printk(KERN_DEBUG "%s: too short (%zd) association frame "
1873 "received from %s - ignored\n",
1874 dev->name, len, print_mac(mac, mgmt->sa));
1878 if (memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN) != 0) {
1879 printk(KERN_DEBUG "%s: association frame received from "
1880 "unknown AP (SA=%s BSSID=%s) - "
1881 "ignored\n", dev->name, print_mac(mac, mgmt->sa),
1882 print_mac(mac, mgmt->bssid));
1886 capab_info = le16_to_cpu(mgmt->u.assoc_resp.capab_info);
1887 status_code = le16_to_cpu(mgmt->u.assoc_resp.status_code);
1888 aid = le16_to_cpu(mgmt->u.assoc_resp.aid);
1890 printk(KERN_DEBUG "%s: RX %sssocResp from %s (capab=0x%x "
1891 "status=%d aid=%d)\n",
1892 dev->name, reassoc ? "Rea" : "A", print_mac(mac, mgmt->sa),
1893 capab_info, status_code, (u16)(aid & ~(BIT(15) | BIT(14))));
1895 if (status_code != WLAN_STATUS_SUCCESS) {
1896 printk(KERN_DEBUG "%s: AP denied association (code=%d)\n",
1897 dev->name, status_code);
1898 /* if this was a reassociation, ensure we try a "full"
1899 * association next time. This works around some broken APs
1900 * which do not correctly reject reassociation requests. */
1901 ifsta->flags &= ~IEEE80211_STA_PREV_BSSID_SET;
1905 if ((aid & (BIT(15) | BIT(14))) != (BIT(15) | BIT(14)))
1906 printk(KERN_DEBUG "%s: invalid aid value %d; bits 15:14 not "
1907 "set\n", dev->name, aid);
1908 aid &= ~(BIT(15) | BIT(14));
1910 pos = mgmt->u.assoc_resp.variable;
1911 ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems);
1913 if (!elems.supp_rates) {
1914 printk(KERN_DEBUG "%s: no SuppRates element in AssocResp\n",
1919 printk(KERN_DEBUG "%s: associated\n", dev->name);
1921 ifsta->ap_capab = capab_info;
1923 kfree(ifsta->assocresp_ies);
1924 ifsta->assocresp_ies_len = len - (pos - (u8 *) mgmt);
1925 ifsta->assocresp_ies = kmalloc(ifsta->assocresp_ies_len, GFP_KERNEL);
1926 if (ifsta->assocresp_ies)
1927 memcpy(ifsta->assocresp_ies, pos, ifsta->assocresp_ies_len);
1931 /* Add STA entry for the AP */
1932 sta = sta_info_get(local, ifsta->bssid);
1934 struct ieee80211_sta_bss *bss;
1937 sta = sta_info_alloc(sdata, ifsta->bssid, GFP_ATOMIC);
1939 printk(KERN_DEBUG "%s: failed to alloc STA entry for"
1940 " the AP\n", dev->name);
1944 bss = ieee80211_rx_bss_get(dev, ifsta->bssid,
1945 local->hw.conf.channel->center_freq,
1946 ifsta->ssid, ifsta->ssid_len);
1948 sta->last_rssi = bss->rssi;
1949 sta->last_signal = bss->signal;
1950 sta->last_noise = bss->noise;
1951 ieee80211_rx_bss_put(dev, bss);
1954 err = sta_info_insert(sta);
1956 printk(KERN_DEBUG "%s: failed to insert STA entry for"
1957 " the AP (error %d)\n", dev->name, err);
1964 * FIXME: Do we really need to update the sta_info's information here?
1965 * We already know about the AP (we found it in our list) so it
1966 * should already be filled with the right info, no?
1967 * As is stands, all this is racy because typically we assume
1968 * the information that is filled in here (except flags) doesn't
1969 * change while a STA structure is alive. As such, it should move
1970 * to between the sta_info_alloc() and sta_info_insert() above.
1973 sta->flags |= WLAN_STA_AUTH | WLAN_STA_ASSOC | WLAN_STA_ASSOC_AP |
1974 WLAN_STA_AUTHORIZED;
1978 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
1980 for (i = 0; i < elems.supp_rates_len; i++) {
1981 int rate = (elems.supp_rates[i] & 0x7f) * 5;
1984 have_higher_than_11mbit = true;
1986 for (j = 0; j < sband->n_bitrates; j++) {
1987 if (sband->bitrates[j].bitrate == rate)
1989 if (elems.supp_rates[i] & 0x80)
1990 basic_rates |= BIT(j);
1994 for (i = 0; i < elems.ext_supp_rates_len; i++) {
1995 int rate = (elems.ext_supp_rates[i] & 0x7f) * 5;
1998 have_higher_than_11mbit = true;
2000 for (j = 0; j < sband->n_bitrates; j++) {
2001 if (sband->bitrates[j].bitrate == rate)
2003 if (elems.ext_supp_rates[i] & 0x80)
2004 basic_rates |= BIT(j);
2008 sta->supp_rates[local->hw.conf.channel->band] = rates;
2009 sdata->basic_rates = basic_rates;
2011 /* cf. IEEE 802.11 9.2.12 */
2012 if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ &&
2013 have_higher_than_11mbit)
2014 sdata->flags |= IEEE80211_SDATA_OPERATING_GMODE;
2016 sdata->flags &= ~IEEE80211_SDATA_OPERATING_GMODE;
2018 if (elems.ht_cap_elem && elems.ht_info_elem && elems.wmm_param) {
2019 struct ieee80211_ht_bss_info bss_info;
2020 ieee80211_ht_cap_ie_to_ht_info(
2021 (struct ieee80211_ht_cap *)
2022 elems.ht_cap_elem, &sta->ht_info);
2023 ieee80211_ht_addt_info_ie_to_ht_bss_info(
2024 (struct ieee80211_ht_addt_info *)
2025 elems.ht_info_elem, &bss_info);
2026 ieee80211_handle_ht(local, 1, &sta->ht_info, &bss_info);
2029 rate_control_rate_init(sta, local);
2031 if (elems.wmm_param && (ifsta->flags & IEEE80211_STA_WMM_ENABLED)) {
2032 sta->flags |= WLAN_STA_WME;
2034 ieee80211_sta_wmm_params(dev, ifsta, elems.wmm_param,
2035 elems.wmm_param_len);
2039 /* set AID and assoc capability,
2040 * ieee80211_set_associated() will tell the driver */
2041 bss_conf->aid = aid;
2042 bss_conf->assoc_capability = capab_info;
2043 ieee80211_set_associated(dev, ifsta, 1);
2045 ieee80211_associated(dev, ifsta);
2049 /* Caller must hold local->sta_bss_lock */
2050 static void __ieee80211_rx_bss_hash_add(struct net_device *dev,
2051 struct ieee80211_sta_bss *bss)
2053 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2056 if (bss_mesh_cfg(bss))
2057 hash_idx = mesh_id_hash(bss_mesh_id(bss),
2058 bss_mesh_id_len(bss));
2060 hash_idx = STA_HASH(bss->bssid);
2062 bss->hnext = local->sta_bss_hash[hash_idx];
2063 local->sta_bss_hash[hash_idx] = bss;
2067 /* Caller must hold local->sta_bss_lock */
2068 static void __ieee80211_rx_bss_hash_del(struct net_device *dev,
2069 struct ieee80211_sta_bss *bss)
2071 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2072 struct ieee80211_sta_bss *b, *prev = NULL;
2073 b = local->sta_bss_hash[STA_HASH(bss->bssid)];
2077 local->sta_bss_hash[STA_HASH(bss->bssid)] =
2080 prev->hnext = bss->hnext;
2089 static struct ieee80211_sta_bss *
2090 ieee80211_rx_bss_add(struct net_device *dev, u8 *bssid, int freq,
2091 u8 *ssid, u8 ssid_len)
2093 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2094 struct ieee80211_sta_bss *bss;
2096 bss = kzalloc(sizeof(*bss), GFP_ATOMIC);
2099 atomic_inc(&bss->users);
2100 atomic_inc(&bss->users);
2101 memcpy(bss->bssid, bssid, ETH_ALEN);
2103 if (ssid && ssid_len <= IEEE80211_MAX_SSID_LEN) {
2104 memcpy(bss->ssid, ssid, ssid_len);
2105 bss->ssid_len = ssid_len;
2108 spin_lock_bh(&local->sta_bss_lock);
2109 /* TODO: order by RSSI? */
2110 list_add_tail(&bss->list, &local->sta_bss_list);
2111 __ieee80211_rx_bss_hash_add(dev, bss);
2112 spin_unlock_bh(&local->sta_bss_lock);
2116 static struct ieee80211_sta_bss *
2117 ieee80211_rx_bss_get(struct net_device *dev, u8 *bssid, int freq,
2118 u8 *ssid, u8 ssid_len)
2120 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2121 struct ieee80211_sta_bss *bss;
2123 spin_lock_bh(&local->sta_bss_lock);
2124 bss = local->sta_bss_hash[STA_HASH(bssid)];
2126 if (!bss_mesh_cfg(bss) &&
2127 !memcmp(bss->bssid, bssid, ETH_ALEN) &&
2128 bss->freq == freq &&
2129 bss->ssid_len == ssid_len &&
2130 (ssid_len == 0 || !memcmp(bss->ssid, ssid, ssid_len))) {
2131 atomic_inc(&bss->users);
2136 spin_unlock_bh(&local->sta_bss_lock);
2140 #ifdef CONFIG_MAC80211_MESH
2141 static struct ieee80211_sta_bss *
2142 ieee80211_rx_mesh_bss_get(struct net_device *dev, u8 *mesh_id, int mesh_id_len,
2143 u8 *mesh_cfg, int freq)
2145 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2146 struct ieee80211_sta_bss *bss;
2148 spin_lock_bh(&local->sta_bss_lock);
2149 bss = local->sta_bss_hash[mesh_id_hash(mesh_id, mesh_id_len)];
2151 if (bss_mesh_cfg(bss) &&
2152 !memcmp(bss_mesh_cfg(bss), mesh_cfg, MESH_CFG_CMP_LEN) &&
2153 bss->freq == freq &&
2154 mesh_id_len == bss->mesh_id_len &&
2155 (mesh_id_len == 0 || !memcmp(bss->mesh_id, mesh_id,
2157 atomic_inc(&bss->users);
2162 spin_unlock_bh(&local->sta_bss_lock);
2166 static struct ieee80211_sta_bss *
2167 ieee80211_rx_mesh_bss_add(struct net_device *dev, u8 *mesh_id, int mesh_id_len,
2168 u8 *mesh_cfg, int mesh_config_len, int freq)
2170 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2171 struct ieee80211_sta_bss *bss;
2173 if (mesh_config_len != MESH_CFG_LEN)
2176 bss = kzalloc(sizeof(*bss), GFP_ATOMIC);
2180 bss->mesh_cfg = kmalloc(MESH_CFG_CMP_LEN, GFP_ATOMIC);
2181 if (!bss->mesh_cfg) {
2186 if (mesh_id_len && mesh_id_len <= IEEE80211_MAX_MESH_ID_LEN) {
2187 bss->mesh_id = kmalloc(mesh_id_len, GFP_ATOMIC);
2188 if (!bss->mesh_id) {
2189 kfree(bss->mesh_cfg);
2193 memcpy(bss->mesh_id, mesh_id, mesh_id_len);
2196 atomic_inc(&bss->users);
2197 atomic_inc(&bss->users);
2198 memcpy(bss->mesh_cfg, mesh_cfg, MESH_CFG_CMP_LEN);
2199 bss->mesh_id_len = mesh_id_len;
2201 spin_lock_bh(&local->sta_bss_lock);
2202 /* TODO: order by RSSI? */
2203 list_add_tail(&bss->list, &local->sta_bss_list);
2204 __ieee80211_rx_bss_hash_add(dev, bss);
2205 spin_unlock_bh(&local->sta_bss_lock);
2210 static void ieee80211_rx_bss_free(struct ieee80211_sta_bss *bss)
2216 kfree(bss_mesh_id(bss));
2217 kfree(bss_mesh_cfg(bss));
2222 static void ieee80211_rx_bss_put(struct net_device *dev,
2223 struct ieee80211_sta_bss *bss)
2225 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2226 if (!atomic_dec_and_test(&bss->users))
2229 spin_lock_bh(&local->sta_bss_lock);
2230 __ieee80211_rx_bss_hash_del(dev, bss);
2231 list_del(&bss->list);
2232 spin_unlock_bh(&local->sta_bss_lock);
2233 ieee80211_rx_bss_free(bss);
2237 void ieee80211_rx_bss_list_init(struct net_device *dev)
2239 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2240 spin_lock_init(&local->sta_bss_lock);
2241 INIT_LIST_HEAD(&local->sta_bss_list);
2245 void ieee80211_rx_bss_list_deinit(struct net_device *dev)
2247 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2248 struct ieee80211_sta_bss *bss, *tmp;
2250 list_for_each_entry_safe(bss, tmp, &local->sta_bss_list, list)
2251 ieee80211_rx_bss_put(dev, bss);
2255 static int ieee80211_sta_join_ibss(struct net_device *dev,
2256 struct ieee80211_if_sta *ifsta,
2257 struct ieee80211_sta_bss *bss)
2259 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2260 int res, rates, i, j;
2261 struct sk_buff *skb;
2262 struct ieee80211_mgmt *mgmt;
2263 struct ieee80211_tx_control control;
2264 struct rate_selection ratesel;
2266 struct ieee80211_sub_if_data *sdata;
2267 struct ieee80211_supported_band *sband;
2269 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
2271 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2273 /* Remove possible STA entries from other IBSS networks. */
2274 sta_info_flush_delayed(sdata);
2276 if (local->ops->reset_tsf) {
2277 /* Reset own TSF to allow time synchronization work. */
2278 local->ops->reset_tsf(local_to_hw(local));
2280 memcpy(ifsta->bssid, bss->bssid, ETH_ALEN);
2281 res = ieee80211_if_config(dev);
2285 local->hw.conf.beacon_int = bss->beacon_int >= 10 ? bss->beacon_int : 10;
2287 sdata->drop_unencrypted = bss->capability &
2288 WLAN_CAPABILITY_PRIVACY ? 1 : 0;
2290 res = ieee80211_set_freq(local, bss->freq);
2292 if (local->oper_channel->flags & IEEE80211_CHAN_NO_IBSS) {
2293 printk(KERN_DEBUG "%s: IBSS not allowed on frequency "
2294 "%d MHz\n", dev->name, local->oper_channel->center_freq);
2298 /* Set beacon template */
2299 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 400);
2304 skb_reserve(skb, local->hw.extra_tx_headroom);
2306 mgmt = (struct ieee80211_mgmt *)
2307 skb_put(skb, 24 + sizeof(mgmt->u.beacon));
2308 memset(mgmt, 0, 24 + sizeof(mgmt->u.beacon));
2309 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
2310 IEEE80211_STYPE_BEACON);
2311 memset(mgmt->da, 0xff, ETH_ALEN);
2312 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
2313 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
2314 mgmt->u.beacon.beacon_int =
2315 cpu_to_le16(local->hw.conf.beacon_int);
2316 mgmt->u.beacon.capab_info = cpu_to_le16(bss->capability);
2318 pos = skb_put(skb, 2 + ifsta->ssid_len);
2319 *pos++ = WLAN_EID_SSID;
2320 *pos++ = ifsta->ssid_len;
2321 memcpy(pos, ifsta->ssid, ifsta->ssid_len);
2323 rates = bss->supp_rates_len;
2326 pos = skb_put(skb, 2 + rates);
2327 *pos++ = WLAN_EID_SUPP_RATES;
2329 memcpy(pos, bss->supp_rates, rates);
2331 if (bss->band == IEEE80211_BAND_2GHZ) {
2332 pos = skb_put(skb, 2 + 1);
2333 *pos++ = WLAN_EID_DS_PARAMS;
2335 *pos++ = ieee80211_frequency_to_channel(bss->freq);
2338 pos = skb_put(skb, 2 + 2);
2339 *pos++ = WLAN_EID_IBSS_PARAMS;
2341 /* FIX: set ATIM window based on scan results */
2345 if (bss->supp_rates_len > 8) {
2346 rates = bss->supp_rates_len - 8;
2347 pos = skb_put(skb, 2 + rates);
2348 *pos++ = WLAN_EID_EXT_SUPP_RATES;
2350 memcpy(pos, &bss->supp_rates[8], rates);
2353 memset(&control, 0, sizeof(control));
2354 rate_control_get_rate(dev, sband, skb, &ratesel);
2355 if (!ratesel.rate) {
2356 printk(KERN_DEBUG "%s: Failed to determine TX rate "
2357 "for IBSS beacon\n", dev->name);
2360 control.vif = &sdata->vif;
2361 control.tx_rate = ratesel.rate;
2362 if (sdata->bss_conf.use_short_preamble &&
2363 ratesel.rate->flags & IEEE80211_RATE_SHORT_PREAMBLE)
2364 control.flags |= IEEE80211_TXCTL_SHORT_PREAMBLE;
2365 control.antenna_sel_tx = local->hw.conf.antenna_sel_tx;
2366 control.flags |= IEEE80211_TXCTL_NO_ACK;
2367 control.retry_limit = 1;
2369 ifsta->probe_resp = skb_copy(skb, GFP_ATOMIC);
2370 if (ifsta->probe_resp) {
2371 mgmt = (struct ieee80211_mgmt *)
2372 ifsta->probe_resp->data;
2373 mgmt->frame_control =
2374 IEEE80211_FC(IEEE80211_FTYPE_MGMT,
2375 IEEE80211_STYPE_PROBE_RESP);
2377 printk(KERN_DEBUG "%s: Could not allocate ProbeResp "
2378 "template for IBSS\n", dev->name);
2381 if (local->ops->beacon_update &&
2382 local->ops->beacon_update(local_to_hw(local),
2383 skb, &control) == 0) {
2384 printk(KERN_DEBUG "%s: Configured IBSS beacon "
2385 "template\n", dev->name);
2390 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
2391 for (i = 0; i < bss->supp_rates_len; i++) {
2392 int bitrate = (bss->supp_rates[i] & 0x7f) * 5;
2393 for (j = 0; j < sband->n_bitrates; j++)
2394 if (sband->bitrates[j].bitrate == bitrate)
2397 ifsta->supp_rates_bits[local->hw.conf.channel->band] = rates;
2399 ieee80211_sta_def_wmm_params(dev, bss, 1);
2403 printk(KERN_DEBUG "%s: Failed to configure IBSS beacon "
2404 "template\n", dev->name);
2408 ifsta->state = IEEE80211_IBSS_JOINED;
2409 mod_timer(&ifsta->timer, jiffies + IEEE80211_IBSS_MERGE_INTERVAL);
2411 ieee80211_rx_bss_put(dev, bss);
2416 u64 ieee80211_sta_get_rates(struct ieee80211_local *local,
2417 struct ieee802_11_elems *elems,
2418 enum ieee80211_band band)
2420 struct ieee80211_supported_band *sband;
2421 struct ieee80211_rate *bitrates;
2425 sband = local->hw.wiphy->bands[band];
2429 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
2432 bitrates = sband->bitrates;
2433 num_rates = sband->n_bitrates;
2435 for (i = 0; i < elems->supp_rates_len +
2436 elems->ext_supp_rates_len; i++) {
2439 if (i < elems->supp_rates_len)
2440 rate = elems->supp_rates[i];
2441 else if (elems->ext_supp_rates)
2442 rate = elems->ext_supp_rates
2443 [i - elems->supp_rates_len];
2444 own_rate = 5 * (rate & 0x7f);
2445 for (j = 0; j < num_rates; j++)
2446 if (bitrates[j].bitrate == own_rate)
2447 supp_rates |= BIT(j);
2453 static void ieee80211_rx_bss_info(struct net_device *dev,
2454 struct ieee80211_mgmt *mgmt,
2456 struct ieee80211_rx_status *rx_status,
2459 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2460 struct ieee802_11_elems elems;
2463 struct ieee80211_sta_bss *bss;
2464 struct sta_info *sta;
2465 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2466 u64 beacon_timestamp, rx_timestamp;
2467 struct ieee80211_channel *channel;
2468 DECLARE_MAC_BUF(mac);
2469 DECLARE_MAC_BUF(mac2);
2471 if (!beacon && memcmp(mgmt->da, dev->dev_addr, ETH_ALEN))
2472 return; /* ignore ProbeResp to foreign address */
2475 printk(KERN_DEBUG "%s: RX %s from %s to %s\n",
2476 dev->name, beacon ? "Beacon" : "Probe Response",
2477 print_mac(mac, mgmt->sa), print_mac(mac2, mgmt->da));
2480 baselen = (u8 *) mgmt->u.beacon.variable - (u8 *) mgmt;
2484 beacon_timestamp = le64_to_cpu(mgmt->u.beacon.timestamp);
2485 ieee802_11_parse_elems(mgmt->u.beacon.variable, len - baselen, &elems);
2487 if (ieee80211_vif_is_mesh(&sdata->vif) && elems.mesh_id &&
2488 elems.mesh_config && mesh_matches_local(&elems, dev)) {
2489 u64 rates = ieee80211_sta_get_rates(local, &elems,
2492 mesh_neighbour_update(mgmt->sa, rates, dev,
2493 mesh_peer_accepts_plinks(&elems, dev));
2498 if (sdata->vif.type == IEEE80211_IF_TYPE_IBSS && elems.supp_rates &&
2499 memcmp(mgmt->bssid, sdata->u.sta.bssid, ETH_ALEN) == 0 &&
2500 (sta = sta_info_get(local, mgmt->sa))) {
2502 u64 supp_rates = ieee80211_sta_get_rates(local, &elems,
2505 prev_rates = sta->supp_rates[rx_status->band];
2506 sta->supp_rates[rx_status->band] &= supp_rates;
2507 if (sta->supp_rates[rx_status->band] == 0) {
2508 /* No matching rates - this should not really happen.
2509 * Make sure that at least one rate is marked
2510 * supported to avoid issues with TX rate ctrl. */
2511 sta->supp_rates[rx_status->band] =
2512 sdata->u.sta.supp_rates_bits[rx_status->band];
2514 if (sta->supp_rates[rx_status->band] != prev_rates) {
2515 printk(KERN_DEBUG "%s: updated supp_rates set for "
2516 "%s based on beacon info (0x%llx & 0x%llx -> "
2518 dev->name, print_mac(mac, sta->addr),
2519 (unsigned long long) prev_rates,
2520 (unsigned long long) supp_rates,
2521 (unsigned long long) sta->supp_rates[rx_status->band]);
2527 if (elems.ds_params && elems.ds_params_len == 1)
2528 freq = ieee80211_channel_to_frequency(elems.ds_params[0]);
2530 freq = rx_status->freq;
2532 channel = ieee80211_get_channel(local->hw.wiphy, freq);
2534 if (!channel || channel->flags & IEEE80211_CHAN_DISABLED)
2537 #ifdef CONFIG_MAC80211_MESH
2538 if (elems.mesh_config)
2539 bss = ieee80211_rx_mesh_bss_get(dev, elems.mesh_id,
2540 elems.mesh_id_len, elems.mesh_config, freq);
2543 bss = ieee80211_rx_bss_get(dev, mgmt->bssid, freq,
2544 elems.ssid, elems.ssid_len);
2546 #ifdef CONFIG_MAC80211_MESH
2547 if (elems.mesh_config)
2548 bss = ieee80211_rx_mesh_bss_add(dev, elems.mesh_id,
2549 elems.mesh_id_len, elems.mesh_config,
2550 elems.mesh_config_len, freq);
2553 bss = ieee80211_rx_bss_add(dev, mgmt->bssid, freq,
2554 elems.ssid, elems.ssid_len);
2559 /* TODO: order by RSSI? */
2560 spin_lock_bh(&local->sta_bss_lock);
2561 list_move_tail(&bss->list, &local->sta_bss_list);
2562 spin_unlock_bh(&local->sta_bss_lock);
2566 bss->band = rx_status->band;
2568 if (sdata->vif.type != IEEE80211_IF_TYPE_IBSS &&
2569 bss->probe_resp && beacon) {
2571 * Do not allow beacon to override data from Probe Response. */
2572 ieee80211_rx_bss_put(dev, bss);
2576 /* save the ERP value so that it is available at association time */
2577 if (elems.erp_info && elems.erp_info_len >= 1) {
2578 bss->erp_value = elems.erp_info[0];
2579 bss->has_erp_value = 1;
2582 bss->beacon_int = le16_to_cpu(mgmt->u.beacon.beacon_int);
2583 bss->capability = le16_to_cpu(mgmt->u.beacon.capab_info);
2585 bss->supp_rates_len = 0;
2586 if (elems.supp_rates) {
2587 clen = IEEE80211_MAX_SUPP_RATES - bss->supp_rates_len;
2588 if (clen > elems.supp_rates_len)
2589 clen = elems.supp_rates_len;
2590 memcpy(&bss->supp_rates[bss->supp_rates_len], elems.supp_rates,
2592 bss->supp_rates_len += clen;
2594 if (elems.ext_supp_rates) {
2595 clen = IEEE80211_MAX_SUPP_RATES - bss->supp_rates_len;
2596 if (clen > elems.ext_supp_rates_len)
2597 clen = elems.ext_supp_rates_len;
2598 memcpy(&bss->supp_rates[bss->supp_rates_len],
2599 elems.ext_supp_rates, clen);
2600 bss->supp_rates_len += clen;
2604 (!bss->wpa_ie || bss->wpa_ie_len != elems.wpa_len ||
2605 memcmp(bss->wpa_ie, elems.wpa, elems.wpa_len))) {
2607 bss->wpa_ie = kmalloc(elems.wpa_len + 2, GFP_ATOMIC);
2609 memcpy(bss->wpa_ie, elems.wpa - 2, elems.wpa_len + 2);
2610 bss->wpa_ie_len = elems.wpa_len + 2;
2612 bss->wpa_ie_len = 0;
2613 } else if (!elems.wpa && bss->wpa_ie) {
2616 bss->wpa_ie_len = 0;
2620 (!bss->rsn_ie || bss->rsn_ie_len != elems.rsn_len ||
2621 memcmp(bss->rsn_ie, elems.rsn, elems.rsn_len))) {
2623 bss->rsn_ie = kmalloc(elems.rsn_len + 2, GFP_ATOMIC);
2625 memcpy(bss->rsn_ie, elems.rsn - 2, elems.rsn_len + 2);
2626 bss->rsn_ie_len = elems.rsn_len + 2;
2628 bss->rsn_ie_len = 0;
2629 } else if (!elems.rsn && bss->rsn_ie) {
2632 bss->rsn_ie_len = 0;
2635 if (elems.wmm_param &&
2636 (!bss->wmm_ie || bss->wmm_ie_len != elems.wmm_param_len ||
2637 memcmp(bss->wmm_ie, elems.wmm_param, elems.wmm_param_len))) {
2639 bss->wmm_ie = kmalloc(elems.wmm_param_len + 2, GFP_ATOMIC);
2641 memcpy(bss->wmm_ie, elems.wmm_param - 2,
2642 elems.wmm_param_len + 2);
2643 bss->wmm_ie_len = elems.wmm_param_len + 2;
2645 bss->wmm_ie_len = 0;
2646 } else if (!elems.wmm_param && bss->wmm_ie) {
2649 bss->wmm_ie_len = 0;
2651 if (elems.ht_cap_elem &&
2652 (!bss->ht_ie || bss->ht_ie_len != elems.ht_cap_elem_len ||
2653 memcmp(bss->ht_ie, elems.ht_cap_elem, elems.ht_cap_elem_len))) {
2655 bss->ht_ie = kmalloc(elems.ht_cap_elem_len + 2, GFP_ATOMIC);
2657 memcpy(bss->ht_ie, elems.ht_cap_elem - 2,
2658 elems.ht_cap_elem_len + 2);
2659 bss->ht_ie_len = elems.ht_cap_elem_len + 2;
2662 } else if (!elems.ht_cap_elem && bss->ht_ie) {
2668 bss->timestamp = beacon_timestamp;
2669 bss->last_update = jiffies;
2670 bss->rssi = rx_status->ssi;
2671 bss->signal = rx_status->signal;
2672 bss->noise = rx_status->noise;
2676 /* check if we need to merge IBSS */
2677 if (sdata->vif.type == IEEE80211_IF_TYPE_IBSS && beacon &&
2678 !local->sta_sw_scanning && !local->sta_hw_scanning &&
2679 bss->capability & WLAN_CAPABILITY_IBSS &&
2680 bss->freq == local->oper_channel->center_freq &&
2681 elems.ssid_len == sdata->u.sta.ssid_len &&
2682 memcmp(elems.ssid, sdata->u.sta.ssid, sdata->u.sta.ssid_len) == 0) {
2683 if (rx_status->flag & RX_FLAG_TSFT) {
2684 /* in order for correct IBSS merging we need mactime
2686 * since mactime is defined as the time the first data
2687 * symbol of the frame hits the PHY, and the timestamp
2688 * of the beacon is defined as "the time that the data
2689 * symbol containing the first bit of the timestamp is
2690 * transmitted to the PHY plus the transmitting STA’s
2691 * delays through its local PHY from the MAC-PHY
2692 * interface to its interface with the WM"
2693 * (802.11 11.1.2) - equals the time this bit arrives at
2694 * the receiver - we have to take into account the
2695 * offset between the two.
2696 * e.g: at 1 MBit that means mactime is 192 usec earlier
2697 * (=24 bytes * 8 usecs/byte) than the beacon timestamp.
2699 int rate = local->hw.wiphy->bands[rx_status->band]->
2700 bitrates[rx_status->rate_idx].bitrate;
2701 rx_timestamp = rx_status->mactime + (24 * 8 * 10 / rate);
2702 } else if (local && local->ops && local->ops->get_tsf)
2703 /* second best option: get current TSF */
2704 rx_timestamp = local->ops->get_tsf(local_to_hw(local));
2706 /* can't merge without knowing the TSF */
2707 rx_timestamp = -1LLU;
2708 #ifdef CONFIG_MAC80211_IBSS_DEBUG
2709 printk(KERN_DEBUG "RX beacon SA=%s BSSID="
2710 "%s TSF=0x%llx BCN=0x%llx diff=%lld @%lu\n",
2711 print_mac(mac, mgmt->sa),
2712 print_mac(mac2, mgmt->bssid),
2713 (unsigned long long)rx_timestamp,
2714 (unsigned long long)beacon_timestamp,
2715 (unsigned long long)(rx_timestamp - beacon_timestamp),
2717 #endif /* CONFIG_MAC80211_IBSS_DEBUG */
2718 if (beacon_timestamp > rx_timestamp) {
2719 #ifndef CONFIG_MAC80211_IBSS_DEBUG
2720 if (net_ratelimit())
2722 printk(KERN_DEBUG "%s: beacon TSF higher than "
2723 "local TSF - IBSS merge with BSSID %s\n",
2724 dev->name, print_mac(mac, mgmt->bssid));
2725 ieee80211_sta_join_ibss(dev, &sdata->u.sta, bss);
2726 ieee80211_ibss_add_sta(dev, NULL,
2727 mgmt->bssid, mgmt->sa);
2731 ieee80211_rx_bss_put(dev, bss);
2735 static void ieee80211_rx_mgmt_probe_resp(struct net_device *dev,
2736 struct ieee80211_mgmt *mgmt,
2738 struct ieee80211_rx_status *rx_status)
2740 ieee80211_rx_bss_info(dev, mgmt, len, rx_status, 0);
2744 static void ieee80211_rx_mgmt_beacon(struct net_device *dev,
2745 struct ieee80211_mgmt *mgmt,
2747 struct ieee80211_rx_status *rx_status)
2749 struct ieee80211_sub_if_data *sdata;
2750 struct ieee80211_if_sta *ifsta;
2752 struct ieee802_11_elems elems;
2753 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2754 struct ieee80211_conf *conf = &local->hw.conf;
2757 ieee80211_rx_bss_info(dev, mgmt, len, rx_status, 1);
2759 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2760 if (sdata->vif.type != IEEE80211_IF_TYPE_STA)
2762 ifsta = &sdata->u.sta;
2764 if (!(ifsta->flags & IEEE80211_STA_ASSOCIATED) ||
2765 memcmp(ifsta->bssid, mgmt->bssid, ETH_ALEN) != 0)
2768 /* Process beacon from the current BSS */
2769 baselen = (u8 *) mgmt->u.beacon.variable - (u8 *) mgmt;
2773 ieee802_11_parse_elems(mgmt->u.beacon.variable, len - baselen, &elems);
2775 if (elems.erp_info && elems.erp_info_len >= 1)
2776 changed |= ieee80211_handle_erp_ie(sdata, elems.erp_info[0]);
2778 if (elems.ht_cap_elem && elems.ht_info_elem &&
2779 elems.wmm_param && conf->flags & IEEE80211_CONF_SUPPORT_HT_MODE) {
2780 struct ieee80211_ht_bss_info bss_info;
2782 ieee80211_ht_addt_info_ie_to_ht_bss_info(
2783 (struct ieee80211_ht_addt_info *)
2784 elems.ht_info_elem, &bss_info);
2785 changed |= ieee80211_handle_ht(local, 1, &conf->ht_conf,
2789 if (elems.wmm_param && (ifsta->flags & IEEE80211_STA_WMM_ENABLED)) {
2790 ieee80211_sta_wmm_params(dev, ifsta, elems.wmm_param,
2791 elems.wmm_param_len);
2794 ieee80211_bss_info_change_notify(sdata, changed);
2798 static void ieee80211_rx_mgmt_probe_req(struct net_device *dev,
2799 struct ieee80211_if_sta *ifsta,
2800 struct ieee80211_mgmt *mgmt,
2802 struct ieee80211_rx_status *rx_status)
2804 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2805 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2807 struct sk_buff *skb;
2808 struct ieee80211_mgmt *resp;
2810 DECLARE_MAC_BUF(mac);
2811 #ifdef CONFIG_MAC80211_IBSS_DEBUG
2812 DECLARE_MAC_BUF(mac2);
2813 DECLARE_MAC_BUF(mac3);
2816 if (sdata->vif.type != IEEE80211_IF_TYPE_IBSS ||
2817 ifsta->state != IEEE80211_IBSS_JOINED ||
2818 len < 24 + 2 || !ifsta->probe_resp)
2821 if (local->ops->tx_last_beacon)
2822 tx_last_beacon = local->ops->tx_last_beacon(local_to_hw(local));
2826 #ifdef CONFIG_MAC80211_IBSS_DEBUG
2827 printk(KERN_DEBUG "%s: RX ProbeReq SA=%s DA=%s BSSID="
2828 "%s (tx_last_beacon=%d)\n",
2829 dev->name, print_mac(mac, mgmt->sa), print_mac(mac2, mgmt->da),
2830 print_mac(mac3, mgmt->bssid), tx_last_beacon);
2831 #endif /* CONFIG_MAC80211_IBSS_DEBUG */
2833 if (!tx_last_beacon)
2836 if (memcmp(mgmt->bssid, ifsta->bssid, ETH_ALEN) != 0 &&
2837 memcmp(mgmt->bssid, "\xff\xff\xff\xff\xff\xff", ETH_ALEN) != 0)
2840 end = ((u8 *) mgmt) + len;
2841 pos = mgmt->u.probe_req.variable;
2842 if (pos[0] != WLAN_EID_SSID ||
2843 pos + 2 + pos[1] > end) {
2844 if (net_ratelimit()) {
2845 printk(KERN_DEBUG "%s: Invalid SSID IE in ProbeReq "
2847 dev->name, print_mac(mac, mgmt->sa));
2852 (pos[1] != ifsta->ssid_len ||
2853 memcmp(pos + 2, ifsta->ssid, ifsta->ssid_len) != 0)) {
2854 /* Ignore ProbeReq for foreign SSID */
2858 /* Reply with ProbeResp */
2859 skb = skb_copy(ifsta->probe_resp, GFP_KERNEL);
2863 resp = (struct ieee80211_mgmt *) skb->data;
2864 memcpy(resp->da, mgmt->sa, ETH_ALEN);
2865 #ifdef CONFIG_MAC80211_IBSS_DEBUG
2866 printk(KERN_DEBUG "%s: Sending ProbeResp to %s\n",
2867 dev->name, print_mac(mac, resp->da));
2868 #endif /* CONFIG_MAC80211_IBSS_DEBUG */
2869 ieee80211_sta_tx(dev, skb, 0);
2872 static void ieee80211_rx_mgmt_action(struct net_device *dev,
2873 struct ieee80211_if_sta *ifsta,
2874 struct ieee80211_mgmt *mgmt,
2876 struct ieee80211_rx_status *rx_status)
2878 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2880 if (len < IEEE80211_MIN_ACTION_SIZE)
2883 switch (mgmt->u.action.category) {
2884 case WLAN_CATEGORY_BACK:
2885 switch (mgmt->u.action.u.addba_req.action_code) {
2886 case WLAN_ACTION_ADDBA_REQ:
2887 if (len < (IEEE80211_MIN_ACTION_SIZE +
2888 sizeof(mgmt->u.action.u.addba_req)))
2890 ieee80211_sta_process_addba_request(dev, mgmt, len);
2892 case WLAN_ACTION_ADDBA_RESP:
2893 if (len < (IEEE80211_MIN_ACTION_SIZE +
2894 sizeof(mgmt->u.action.u.addba_resp)))
2896 ieee80211_sta_process_addba_resp(dev, mgmt, len);
2898 case WLAN_ACTION_DELBA:
2899 if (len < (IEEE80211_MIN_ACTION_SIZE +
2900 sizeof(mgmt->u.action.u.delba)))
2902 ieee80211_sta_process_delba(dev, mgmt, len);
2905 if (net_ratelimit())
2906 printk(KERN_DEBUG "%s: Rx unknown A-MPDU action\n",
2911 case PLINK_CATEGORY:
2912 if (ieee80211_vif_is_mesh(&sdata->vif))
2913 mesh_rx_plink_frame(dev, mgmt, len, rx_status);
2915 case MESH_PATH_SEL_CATEGORY:
2916 if (ieee80211_vif_is_mesh(&sdata->vif))
2917 mesh_rx_path_sel_frame(dev, mgmt, len);
2920 if (net_ratelimit())
2921 printk(KERN_DEBUG "%s: Rx unknown action frame - "
2922 "category=%d\n", dev->name, mgmt->u.action.category);
2927 void ieee80211_sta_rx_mgmt(struct net_device *dev, struct sk_buff *skb,
2928 struct ieee80211_rx_status *rx_status)
2930 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2931 struct ieee80211_sub_if_data *sdata;
2932 struct ieee80211_if_sta *ifsta;
2933 struct ieee80211_mgmt *mgmt;
2939 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2940 ifsta = &sdata->u.sta;
2942 mgmt = (struct ieee80211_mgmt *) skb->data;
2943 fc = le16_to_cpu(mgmt->frame_control);
2945 switch (fc & IEEE80211_FCTL_STYPE) {
2946 case IEEE80211_STYPE_PROBE_REQ:
2947 case IEEE80211_STYPE_PROBE_RESP:
2948 case IEEE80211_STYPE_BEACON:
2949 case IEEE80211_STYPE_ACTION:
2950 memcpy(skb->cb, rx_status, sizeof(*rx_status));
2951 case IEEE80211_STYPE_AUTH:
2952 case IEEE80211_STYPE_ASSOC_RESP:
2953 case IEEE80211_STYPE_REASSOC_RESP:
2954 case IEEE80211_STYPE_DEAUTH:
2955 case IEEE80211_STYPE_DISASSOC:
2956 skb_queue_tail(&ifsta->skb_queue, skb);
2957 queue_work(local->hw.workqueue, &ifsta->work);
2960 printk(KERN_DEBUG "%s: received unknown management frame - "
2961 "stype=%d\n", dev->name,
2962 (fc & IEEE80211_FCTL_STYPE) >> 4);
2971 static void ieee80211_sta_rx_queued_mgmt(struct net_device *dev,
2972 struct sk_buff *skb)
2974 struct ieee80211_rx_status *rx_status;
2975 struct ieee80211_sub_if_data *sdata;
2976 struct ieee80211_if_sta *ifsta;
2977 struct ieee80211_mgmt *mgmt;
2980 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2981 ifsta = &sdata->u.sta;
2983 rx_status = (struct ieee80211_rx_status *) skb->cb;
2984 mgmt = (struct ieee80211_mgmt *) skb->data;
2985 fc = le16_to_cpu(mgmt->frame_control);
2987 switch (fc & IEEE80211_FCTL_STYPE) {
2988 case IEEE80211_STYPE_PROBE_REQ:
2989 ieee80211_rx_mgmt_probe_req(dev, ifsta, mgmt, skb->len,
2992 case IEEE80211_STYPE_PROBE_RESP:
2993 ieee80211_rx_mgmt_probe_resp(dev, mgmt, skb->len, rx_status);
2995 case IEEE80211_STYPE_BEACON:
2996 ieee80211_rx_mgmt_beacon(dev, mgmt, skb->len, rx_status);
2998 case IEEE80211_STYPE_AUTH:
2999 ieee80211_rx_mgmt_auth(dev, ifsta, mgmt, skb->len);
3001 case IEEE80211_STYPE_ASSOC_RESP:
3002 ieee80211_rx_mgmt_assoc_resp(sdata, ifsta, mgmt, skb->len, 0);
3004 case IEEE80211_STYPE_REASSOC_RESP:
3005 ieee80211_rx_mgmt_assoc_resp(sdata, ifsta, mgmt, skb->len, 1);
3007 case IEEE80211_STYPE_DEAUTH:
3008 ieee80211_rx_mgmt_deauth(dev, ifsta, mgmt, skb->len);
3010 case IEEE80211_STYPE_DISASSOC:
3011 ieee80211_rx_mgmt_disassoc(dev, ifsta, mgmt, skb->len);
3013 case IEEE80211_STYPE_ACTION:
3014 ieee80211_rx_mgmt_action(dev, ifsta, mgmt, skb->len, rx_status);
3023 ieee80211_sta_rx_scan(struct net_device *dev, struct sk_buff *skb,
3024 struct ieee80211_rx_status *rx_status)
3026 struct ieee80211_mgmt *mgmt;
3030 return RX_DROP_UNUSABLE;
3032 mgmt = (struct ieee80211_mgmt *) skb->data;
3033 fc = le16_to_cpu(mgmt->frame_control);
3035 if ((fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_CTL)
3039 return RX_DROP_MONITOR;
3041 if ((fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_MGMT) {
3042 if ((fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_PROBE_RESP) {
3043 ieee80211_rx_mgmt_probe_resp(dev, mgmt,
3044 skb->len, rx_status);
3047 } else if ((fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_BEACON) {
3048 ieee80211_rx_mgmt_beacon(dev, mgmt, skb->len,
3058 static int ieee80211_sta_active_ibss(struct net_device *dev)
3060 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
3062 struct sta_info *sta;
3063 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3067 list_for_each_entry_rcu(sta, &local->sta_list, list) {
3068 if (sta->sdata == sdata &&
3069 time_after(sta->last_rx + IEEE80211_IBSS_MERGE_INTERVAL,
3082 static void ieee80211_sta_expire(struct net_device *dev, unsigned long exp_time)
3084 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
3085 struct sta_info *sta, *tmp;
3086 LIST_HEAD(tmp_list);
3087 DECLARE_MAC_BUF(mac);
3088 unsigned long flags;
3090 spin_lock_irqsave(&local->sta_lock, flags);
3091 list_for_each_entry_safe(sta, tmp, &local->sta_list, list)
3092 if (time_after(jiffies, sta->last_rx + exp_time)) {
3093 printk(KERN_DEBUG "%s: expiring inactive STA %s\n",
3094 dev->name, print_mac(mac, sta->addr));
3095 __sta_info_unlink(&sta);
3097 list_add(&sta->list, &tmp_list);
3099 spin_unlock_irqrestore(&local->sta_lock, flags);
3104 list_for_each_entry_safe(sta, tmp, &tmp_list, list)
3105 sta_info_destroy(sta);
3110 static void ieee80211_sta_merge_ibss(struct net_device *dev,
3111 struct ieee80211_if_sta *ifsta)
3113 mod_timer(&ifsta->timer, jiffies + IEEE80211_IBSS_MERGE_INTERVAL);
3115 ieee80211_sta_expire(dev, IEEE80211_IBSS_INACTIVITY_LIMIT);
3116 if (ieee80211_sta_active_ibss(dev))
3119 printk(KERN_DEBUG "%s: No active IBSS STAs - trying to scan for other "
3120 "IBSS networks with same SSID (merge)\n", dev->name);
3121 ieee80211_sta_req_scan(dev, ifsta->ssid, ifsta->ssid_len);
3125 #ifdef CONFIG_MAC80211_MESH
3126 static void ieee80211_mesh_housekeeping(struct net_device *dev,
3127 struct ieee80211_if_sta *ifsta)
3129 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3132 ieee80211_sta_expire(dev, IEEE80211_MESH_PEER_INACTIVITY_LIMIT);
3133 mesh_path_expire(dev);
3135 free_plinks = mesh_plink_availables(sdata);
3136 if (free_plinks != sdata->u.sta.accepting_plinks)
3137 ieee80211_if_config_beacon(dev);
3139 mod_timer(&ifsta->timer, jiffies +
3140 IEEE80211_MESH_HOUSEKEEPING_INTERVAL);
3144 void ieee80211_start_mesh(struct net_device *dev)
3146 struct ieee80211_if_sta *ifsta;
3147 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3148 ifsta = &sdata->u.sta;
3149 ifsta->state = IEEE80211_MESH_UP;
3150 ieee80211_sta_timer((unsigned long)sdata);
3155 void ieee80211_sta_timer(unsigned long data)
3157 struct ieee80211_sub_if_data *sdata =
3158 (struct ieee80211_sub_if_data *) data;
3159 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
3160 struct ieee80211_local *local = wdev_priv(&sdata->wdev);
3162 set_bit(IEEE80211_STA_REQ_RUN, &ifsta->request);
3163 queue_work(local->hw.workqueue, &ifsta->work);
3166 void ieee80211_sta_work(struct work_struct *work)
3168 struct ieee80211_sub_if_data *sdata =
3169 container_of(work, struct ieee80211_sub_if_data, u.sta.work);
3170 struct net_device *dev = sdata->dev;
3171 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
3172 struct ieee80211_if_sta *ifsta;
3173 struct sk_buff *skb;
3175 if (!netif_running(dev))
3178 if (local->sta_sw_scanning || local->sta_hw_scanning)
3181 if (sdata->vif.type != IEEE80211_IF_TYPE_STA &&
3182 sdata->vif.type != IEEE80211_IF_TYPE_IBSS &&
3183 sdata->vif.type != IEEE80211_IF_TYPE_MESH_POINT) {
3184 printk(KERN_DEBUG "%s: ieee80211_sta_work: non-STA interface "
3185 "(type=%d)\n", dev->name, sdata->vif.type);
3188 ifsta = &sdata->u.sta;
3190 while ((skb = skb_dequeue(&ifsta->skb_queue)))
3191 ieee80211_sta_rx_queued_mgmt(dev, skb);
3193 #ifdef CONFIG_MAC80211_MESH
3194 if (ifsta->preq_queue_len &&
3196 ifsta->last_preq + msecs_to_jiffies(ifsta->mshcfg.dot11MeshHWMPpreqMinInterval)))
3197 mesh_path_start_discovery(dev);
3200 if (ifsta->state != IEEE80211_AUTHENTICATE &&
3201 ifsta->state != IEEE80211_ASSOCIATE &&
3202 test_and_clear_bit(IEEE80211_STA_REQ_SCAN, &ifsta->request)) {
3203 if (ifsta->scan_ssid_len)
3204 ieee80211_sta_start_scan(dev, ifsta->scan_ssid, ifsta->scan_ssid_len);
3206 ieee80211_sta_start_scan(dev, NULL, 0);
3210 if (test_and_clear_bit(IEEE80211_STA_REQ_AUTH, &ifsta->request)) {
3211 if (ieee80211_sta_config_auth(dev, ifsta))
3213 clear_bit(IEEE80211_STA_REQ_RUN, &ifsta->request);
3214 } else if (!test_and_clear_bit(IEEE80211_STA_REQ_RUN, &ifsta->request))
3217 switch (ifsta->state) {
3218 case IEEE80211_DISABLED:
3220 case IEEE80211_AUTHENTICATE:
3221 ieee80211_authenticate(dev, ifsta);
3223 case IEEE80211_ASSOCIATE:
3224 ieee80211_associate(dev, ifsta);
3226 case IEEE80211_ASSOCIATED:
3227 ieee80211_associated(dev, ifsta);
3229 case IEEE80211_IBSS_SEARCH:
3230 ieee80211_sta_find_ibss(dev, ifsta);
3232 case IEEE80211_IBSS_JOINED:
3233 ieee80211_sta_merge_ibss(dev, ifsta);
3235 #ifdef CONFIG_MAC80211_MESH
3236 case IEEE80211_MESH_UP:
3237 ieee80211_mesh_housekeeping(dev, ifsta);
3241 printk(KERN_DEBUG "ieee80211_sta_work: Unknown state %d\n",
3246 if (ieee80211_privacy_mismatch(dev, ifsta)) {
3247 printk(KERN_DEBUG "%s: privacy configuration mismatch and "
3248 "mixed-cell disabled - disassociate\n", dev->name);
3250 ieee80211_send_disassoc(dev, ifsta, WLAN_REASON_UNSPECIFIED);
3251 ieee80211_set_disassoc(dev, ifsta, 0);
3256 static void ieee80211_sta_reset_auth(struct net_device *dev,
3257 struct ieee80211_if_sta *ifsta)
3259 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
3261 if (local->ops->reset_tsf) {
3262 /* Reset own TSF to allow time synchronization work. */
3263 local->ops->reset_tsf(local_to_hw(local));
3266 ifsta->wmm_last_param_set = -1; /* allow any WMM update */
3269 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_OPEN)
3270 ifsta->auth_alg = WLAN_AUTH_OPEN;
3271 else if (ifsta->auth_algs & IEEE80211_AUTH_ALG_SHARED_KEY)
3272 ifsta->auth_alg = WLAN_AUTH_SHARED_KEY;
3273 else if (ifsta->auth_algs & IEEE80211_AUTH_ALG_LEAP)
3274 ifsta->auth_alg = WLAN_AUTH_LEAP;
3276 ifsta->auth_alg = WLAN_AUTH_OPEN;
3277 printk(KERN_DEBUG "%s: Initial auth_alg=%d\n", dev->name,
3279 ifsta->auth_transaction = -1;
3280 ifsta->flags &= ~IEEE80211_STA_ASSOCIATED;
3281 ifsta->auth_tries = ifsta->assoc_tries = 0;
3282 netif_carrier_off(dev);
3286 void ieee80211_sta_req_auth(struct net_device *dev,
3287 struct ieee80211_if_sta *ifsta)
3289 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
3290 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3292 if (sdata->vif.type != IEEE80211_IF_TYPE_STA)
3295 if ((ifsta->flags & (IEEE80211_STA_BSSID_SET |
3296 IEEE80211_STA_AUTO_BSSID_SEL)) &&
3297 (ifsta->flags & (IEEE80211_STA_SSID_SET |
3298 IEEE80211_STA_AUTO_SSID_SEL))) {
3299 set_bit(IEEE80211_STA_REQ_AUTH, &ifsta->request);
3300 queue_work(local->hw.workqueue, &ifsta->work);
3304 static int ieee80211_sta_match_ssid(struct ieee80211_if_sta *ifsta,
3305 const char *ssid, int ssid_len)
3307 int tmp, hidden_ssid;
3309 if (ssid_len == ifsta->ssid_len &&
3310 !memcmp(ifsta->ssid, ssid, ssid_len))
3313 if (ifsta->flags & IEEE80211_STA_AUTO_BSSID_SEL)
3319 if (ssid[tmp] != '\0') {
3325 if (hidden_ssid && ifsta->ssid_len == ssid_len)
3328 if (ssid_len == 1 && ssid[0] == ' ')
3334 static int ieee80211_sta_config_auth(struct net_device *dev,
3335 struct ieee80211_if_sta *ifsta)
3337 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
3338 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3339 struct ieee80211_sta_bss *bss, *selected = NULL;
3340 int top_rssi = 0, freq;
3342 if (!(ifsta->flags & (IEEE80211_STA_AUTO_SSID_SEL |
3343 IEEE80211_STA_AUTO_BSSID_SEL | IEEE80211_STA_AUTO_CHANNEL_SEL))) {
3344 ifsta->state = IEEE80211_AUTHENTICATE;
3345 ieee80211_sta_reset_auth(dev, ifsta);
3349 spin_lock_bh(&local->sta_bss_lock);
3350 freq = local->oper_channel->center_freq;
3351 list_for_each_entry(bss, &local->sta_bss_list, list) {
3352 if (!(bss->capability & WLAN_CAPABILITY_ESS))
3355 if (!!(bss->capability & WLAN_CAPABILITY_PRIVACY) ^
3356 !!sdata->default_key)
3359 if (!(ifsta->flags & IEEE80211_STA_AUTO_CHANNEL_SEL) &&
3363 if (!(ifsta->flags & IEEE80211_STA_AUTO_BSSID_SEL) &&
3364 memcmp(bss->bssid, ifsta->bssid, ETH_ALEN))
3367 if (!(ifsta->flags & IEEE80211_STA_AUTO_SSID_SEL) &&
3368 !ieee80211_sta_match_ssid(ifsta, bss->ssid, bss->ssid_len))
3371 if (!selected || top_rssi < bss->rssi) {
3373 top_rssi = bss->rssi;
3377 atomic_inc(&selected->users);
3378 spin_unlock_bh(&local->sta_bss_lock);
3381 ieee80211_set_freq(local, selected->freq);
3382 if (!(ifsta->flags & IEEE80211_STA_SSID_SET))
3383 ieee80211_sta_set_ssid(dev, selected->ssid,
3384 selected->ssid_len);
3385 ieee80211_sta_set_bssid(dev, selected->bssid);
3386 ieee80211_sta_def_wmm_params(dev, selected, 0);
3387 ieee80211_rx_bss_put(dev, selected);
3388 ifsta->state = IEEE80211_AUTHENTICATE;
3389 ieee80211_sta_reset_auth(dev, ifsta);
3392 if (ifsta->state != IEEE80211_AUTHENTICATE) {
3393 if (ifsta->flags & IEEE80211_STA_AUTO_SSID_SEL)
3394 ieee80211_sta_start_scan(dev, NULL, 0);
3396 ieee80211_sta_start_scan(dev, ifsta->ssid,
3398 ifsta->state = IEEE80211_AUTHENTICATE;
3399 set_bit(IEEE80211_STA_REQ_AUTH, &ifsta->request);
3401 ifsta->state = IEEE80211_DISABLED;
3407 static int ieee80211_sta_create_ibss(struct net_device *dev,
3408 struct ieee80211_if_sta *ifsta)
3410 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
3411 struct ieee80211_sta_bss *bss;
3412 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3413 struct ieee80211_supported_band *sband;
3414 u8 bssid[ETH_ALEN], *pos;
3416 DECLARE_MAC_BUF(mac);
3419 /* Easier testing, use fixed BSSID. */
3420 memset(bssid, 0xfe, ETH_ALEN);
3422 /* Generate random, not broadcast, locally administered BSSID. Mix in
3423 * own MAC address to make sure that devices that do not have proper
3424 * random number generator get different BSSID. */
3425 get_random_bytes(bssid, ETH_ALEN);
3426 for (i = 0; i < ETH_ALEN; i++)
3427 bssid[i] ^= dev->dev_addr[i];
3432 printk(KERN_DEBUG "%s: Creating new IBSS network, BSSID %s\n",
3433 dev->name, print_mac(mac, bssid));
3435 bss = ieee80211_rx_bss_add(dev, bssid,
3436 local->hw.conf.channel->center_freq,
3437 sdata->u.sta.ssid, sdata->u.sta.ssid_len);
3441 bss->band = local->hw.conf.channel->band;
3442 sband = local->hw.wiphy->bands[bss->band];
3444 if (local->hw.conf.beacon_int == 0)
3445 local->hw.conf.beacon_int = 10000;
3446 bss->beacon_int = local->hw.conf.beacon_int;
3447 bss->last_update = jiffies;
3448 bss->capability = WLAN_CAPABILITY_IBSS;
3449 if (sdata->default_key) {
3450 bss->capability |= WLAN_CAPABILITY_PRIVACY;
3452 sdata->drop_unencrypted = 0;
3453 bss->supp_rates_len = sband->n_bitrates;
3454 pos = bss->supp_rates;
3455 for (i = 0; i < sband->n_bitrates; i++) {
3456 int rate = sband->bitrates[i].bitrate;
3457 *pos++ = (u8) (rate / 5);
3460 return ieee80211_sta_join_ibss(dev, ifsta, bss);
3464 static int ieee80211_sta_find_ibss(struct net_device *dev,
3465 struct ieee80211_if_sta *ifsta)
3467 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
3468 struct ieee80211_sta_bss *bss;
3472 DECLARE_MAC_BUF(mac);
3473 DECLARE_MAC_BUF(mac2);
3475 if (ifsta->ssid_len == 0)
3478 active_ibss = ieee80211_sta_active_ibss(dev);
3479 #ifdef CONFIG_MAC80211_IBSS_DEBUG
3480 printk(KERN_DEBUG "%s: sta_find_ibss (active_ibss=%d)\n",
3481 dev->name, active_ibss);
3482 #endif /* CONFIG_MAC80211_IBSS_DEBUG */
3483 spin_lock_bh(&local->sta_bss_lock);
3484 list_for_each_entry(bss, &local->sta_bss_list, list) {
3485 if (ifsta->ssid_len != bss->ssid_len ||
3486 memcmp(ifsta->ssid, bss->ssid, bss->ssid_len) != 0
3487 || !(bss->capability & WLAN_CAPABILITY_IBSS))
3489 #ifdef CONFIG_MAC80211_IBSS_DEBUG
3490 printk(KERN_DEBUG " bssid=%s found\n",
3491 print_mac(mac, bss->bssid));
3492 #endif /* CONFIG_MAC80211_IBSS_DEBUG */
3493 memcpy(bssid, bss->bssid, ETH_ALEN);
3495 if (active_ibss || memcmp(bssid, ifsta->bssid, ETH_ALEN) != 0)
3498 spin_unlock_bh(&local->sta_bss_lock);
3500 #ifdef CONFIG_MAC80211_IBSS_DEBUG
3501 printk(KERN_DEBUG " sta_find_ibss: selected %s current "
3502 "%s\n", print_mac(mac, bssid), print_mac(mac2, ifsta->bssid));
3503 #endif /* CONFIG_MAC80211_IBSS_DEBUG */
3504 if (found && memcmp(ifsta->bssid, bssid, ETH_ALEN) != 0 &&
3505 (bss = ieee80211_rx_bss_get(dev, bssid,
3506 local->hw.conf.channel->center_freq,
3507 ifsta->ssid, ifsta->ssid_len))) {
3508 printk(KERN_DEBUG "%s: Selected IBSS BSSID %s"
3509 " based on configured SSID\n",
3510 dev->name, print_mac(mac, bssid));
3511 return ieee80211_sta_join_ibss(dev, ifsta, bss);
3513 #ifdef CONFIG_MAC80211_IBSS_DEBUG
3514 printk(KERN_DEBUG " did not try to join ibss\n");
3515 #endif /* CONFIG_MAC80211_IBSS_DEBUG */
3517 /* Selected IBSS not found in current scan results - try to scan */
3518 if (ifsta->state == IEEE80211_IBSS_JOINED &&
3519 !ieee80211_sta_active_ibss(dev)) {
3520 mod_timer(&ifsta->timer, jiffies +
3521 IEEE80211_IBSS_MERGE_INTERVAL);
3522 } else if (time_after(jiffies, local->last_scan_completed +
3523 IEEE80211_SCAN_INTERVAL)) {
3524 printk(KERN_DEBUG "%s: Trigger new scan to find an IBSS to "
3525 "join\n", dev->name);
3526 return ieee80211_sta_req_scan(dev, ifsta->ssid,
3528 } else if (ifsta->state != IEEE80211_IBSS_JOINED) {
3529 int interval = IEEE80211_SCAN_INTERVAL;
3531 if (time_after(jiffies, ifsta->ibss_join_req +
3532 IEEE80211_IBSS_JOIN_TIMEOUT)) {
3533 if ((ifsta->flags & IEEE80211_STA_CREATE_IBSS) &&
3534 (!(local->oper_channel->flags &
3535 IEEE80211_CHAN_NO_IBSS)))
3536 return ieee80211_sta_create_ibss(dev, ifsta);
3537 if (ifsta->flags & IEEE80211_STA_CREATE_IBSS) {
3538 printk(KERN_DEBUG "%s: IBSS not allowed on"
3539 " %d MHz\n", dev->name,
3540 local->hw.conf.channel->center_freq);
3543 /* No IBSS found - decrease scan interval and continue
3545 interval = IEEE80211_SCAN_INTERVAL_SLOW;
3548 ifsta->state = IEEE80211_IBSS_SEARCH;
3549 mod_timer(&ifsta->timer, jiffies + interval);
3557 int ieee80211_sta_set_ssid(struct net_device *dev, char *ssid, size_t len)
3559 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3560 struct ieee80211_if_sta *ifsta;
3562 if (len > IEEE80211_MAX_SSID_LEN)
3565 ifsta = &sdata->u.sta;
3567 if (ifsta->ssid_len != len || memcmp(ifsta->ssid, ssid, len) != 0)
3568 ifsta->flags &= ~IEEE80211_STA_PREV_BSSID_SET;
3569 memcpy(ifsta->ssid, ssid, len);
3570 memset(ifsta->ssid + len, 0, IEEE80211_MAX_SSID_LEN - len);
3571 ifsta->ssid_len = len;
3574 ifsta->flags |= IEEE80211_STA_SSID_SET;
3576 ifsta->flags &= ~IEEE80211_STA_SSID_SET;
3577 if (sdata->vif.type == IEEE80211_IF_TYPE_IBSS &&
3578 !(ifsta->flags & IEEE80211_STA_BSSID_SET)) {
3579 ifsta->ibss_join_req = jiffies;
3580 ifsta->state = IEEE80211_IBSS_SEARCH;
3581 return ieee80211_sta_find_ibss(dev, ifsta);
3587 int ieee80211_sta_get_ssid(struct net_device *dev, char *ssid, size_t *len)
3589 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3590 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
3591 memcpy(ssid, ifsta->ssid, ifsta->ssid_len);
3592 *len = ifsta->ssid_len;
3597 int ieee80211_sta_set_bssid(struct net_device *dev, u8 *bssid)
3599 struct ieee80211_sub_if_data *sdata;
3600 struct ieee80211_if_sta *ifsta;
3603 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3604 ifsta = &sdata->u.sta;
3606 if (memcmp(ifsta->bssid, bssid, ETH_ALEN) != 0) {
3607 memcpy(ifsta->bssid, bssid, ETH_ALEN);
3608 res = ieee80211_if_config(dev);
3610 printk(KERN_DEBUG "%s: Failed to config new BSSID to "
3611 "the low-level driver\n", dev->name);
3616 if (is_valid_ether_addr(bssid))
3617 ifsta->flags |= IEEE80211_STA_BSSID_SET;
3619 ifsta->flags &= ~IEEE80211_STA_BSSID_SET;
3625 static void ieee80211_send_nullfunc(struct ieee80211_local *local,
3626 struct ieee80211_sub_if_data *sdata,
3629 struct sk_buff *skb;
3630 struct ieee80211_hdr *nullfunc;
3633 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 24);
3635 printk(KERN_DEBUG "%s: failed to allocate buffer for nullfunc "
3636 "frame\n", sdata->dev->name);
3639 skb_reserve(skb, local->hw.extra_tx_headroom);
3641 nullfunc = (struct ieee80211_hdr *) skb_put(skb, 24);
3642 memset(nullfunc, 0, 24);
3643 fc = IEEE80211_FTYPE_DATA | IEEE80211_STYPE_NULLFUNC |
3644 IEEE80211_FCTL_TODS;
3646 fc |= IEEE80211_FCTL_PM;
3647 nullfunc->frame_control = cpu_to_le16(fc);
3648 memcpy(nullfunc->addr1, sdata->u.sta.bssid, ETH_ALEN);
3649 memcpy(nullfunc->addr2, sdata->dev->dev_addr, ETH_ALEN);
3650 memcpy(nullfunc->addr3, sdata->u.sta.bssid, ETH_ALEN);
3652 ieee80211_sta_tx(sdata->dev, skb, 0);
3656 static void ieee80211_restart_sta_timer(struct ieee80211_sub_if_data *sdata)
3658 if (sdata->vif.type == IEEE80211_IF_TYPE_STA ||
3659 ieee80211_vif_is_mesh(&sdata->vif))
3660 ieee80211_sta_timer((unsigned long)sdata);
3663 void ieee80211_scan_completed(struct ieee80211_hw *hw)
3665 struct ieee80211_local *local = hw_to_local(hw);
3666 struct net_device *dev = local->scan_dev;
3667 struct ieee80211_sub_if_data *sdata;
3668 union iwreq_data wrqu;
3670 local->last_scan_completed = jiffies;
3671 memset(&wrqu, 0, sizeof(wrqu));
3672 wireless_send_event(dev, SIOCGIWSCAN, &wrqu, NULL);
3674 if (local->sta_hw_scanning) {
3675 local->sta_hw_scanning = 0;
3676 if (ieee80211_hw_config(local))
3677 printk(KERN_DEBUG "%s: failed to restore operational "
3678 "channel after scan\n", dev->name);
3679 /* Restart STA timer for HW scan case */
3681 list_for_each_entry_rcu(sdata, &local->interfaces, list)
3682 ieee80211_restart_sta_timer(sdata);
3688 local->sta_sw_scanning = 0;
3689 if (ieee80211_hw_config(local))
3690 printk(KERN_DEBUG "%s: failed to restore operational "
3691 "channel after scan\n", dev->name);
3694 netif_tx_lock_bh(local->mdev);
3695 local->filter_flags &= ~FIF_BCN_PRBRESP_PROMISC;
3696 local->ops->configure_filter(local_to_hw(local),
3697 FIF_BCN_PRBRESP_PROMISC,
3698 &local->filter_flags,
3699 local->mdev->mc_count,
3700 local->mdev->mc_list);
3702 netif_tx_unlock_bh(local->mdev);
3705 list_for_each_entry_rcu(sdata, &local->interfaces, list) {
3707 /* No need to wake the master device. */
3708 if (sdata->dev == local->mdev)
3711 /* Tell AP we're back */
3712 if (sdata->vif.type == IEEE80211_IF_TYPE_STA &&
3713 sdata->u.sta.flags & IEEE80211_STA_ASSOCIATED)
3714 ieee80211_send_nullfunc(local, sdata, 0);
3716 ieee80211_restart_sta_timer(sdata);
3718 netif_wake_queue(sdata->dev);
3723 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3724 if (sdata->vif.type == IEEE80211_IF_TYPE_IBSS) {
3725 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
3726 if (!(ifsta->flags & IEEE80211_STA_BSSID_SET) ||
3727 (!ifsta->state == IEEE80211_IBSS_JOINED &&
3728 !ieee80211_sta_active_ibss(dev)))
3729 ieee80211_sta_find_ibss(dev, ifsta);
3732 EXPORT_SYMBOL(ieee80211_scan_completed);
3734 void ieee80211_sta_scan_work(struct work_struct *work)
3736 struct ieee80211_local *local =
3737 container_of(work, struct ieee80211_local, scan_work.work);
3738 struct net_device *dev = local->scan_dev;
3739 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3740 struct ieee80211_supported_band *sband;
3741 struct ieee80211_channel *chan;
3743 unsigned long next_delay = 0;
3745 if (!local->sta_sw_scanning)
3748 switch (local->scan_state) {
3749 case SCAN_SET_CHANNEL:
3751 * Get current scan band. scan_band may be IEEE80211_NUM_BANDS
3752 * after we successfully scanned the last channel of the last
3753 * band (and the last band is supported by the hw)
3755 if (local->scan_band < IEEE80211_NUM_BANDS)
3756 sband = local->hw.wiphy->bands[local->scan_band];
3761 * If we are at an unsupported band and have more bands
3762 * left to scan, advance to the next supported one.
3764 while (!sband && local->scan_band < IEEE80211_NUM_BANDS - 1) {
3766 sband = local->hw.wiphy->bands[local->scan_band];
3767 local->scan_channel_idx = 0;
3770 /* if no more bands/channels left, complete scan */
3771 if (!sband || local->scan_channel_idx >= sband->n_channels) {
3772 ieee80211_scan_completed(local_to_hw(local));
3776 chan = &sband->channels[local->scan_channel_idx];
3778 if (chan->flags & IEEE80211_CHAN_DISABLED ||
3779 (sdata->vif.type == IEEE80211_IF_TYPE_IBSS &&
3780 chan->flags & IEEE80211_CHAN_NO_IBSS))
3784 local->scan_channel = chan;
3785 if (ieee80211_hw_config(local)) {
3786 printk(KERN_DEBUG "%s: failed to set freq to "
3787 "%d MHz for scan\n", dev->name,
3793 /* advance state machine to next channel/band */
3794 local->scan_channel_idx++;
3795 if (local->scan_channel_idx >= sband->n_channels) {
3797 * scan_band may end up == IEEE80211_NUM_BANDS, but
3798 * we'll catch that case above and complete the scan
3799 * if that is the case.
3802 local->scan_channel_idx = 0;
3808 next_delay = IEEE80211_PROBE_DELAY +
3809 usecs_to_jiffies(local->hw.channel_change_time);
3810 local->scan_state = SCAN_SEND_PROBE;
3812 case SCAN_SEND_PROBE:
3813 next_delay = IEEE80211_PASSIVE_CHANNEL_TIME;
3814 local->scan_state = SCAN_SET_CHANNEL;
3816 if (local->scan_channel->flags & IEEE80211_CHAN_PASSIVE_SCAN)
3818 ieee80211_send_probe_req(dev, NULL, local->scan_ssid,
3819 local->scan_ssid_len);
3820 next_delay = IEEE80211_CHANNEL_TIME;
3824 if (local->sta_sw_scanning)
3825 queue_delayed_work(local->hw.workqueue, &local->scan_work,
3830 static int ieee80211_sta_start_scan(struct net_device *dev,
3831 u8 *ssid, size_t ssid_len)
3833 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
3834 struct ieee80211_sub_if_data *sdata;
3836 if (ssid_len > IEEE80211_MAX_SSID_LEN)
3839 /* MLME-SCAN.request (page 118) page 144 (11.1.3.1)
3840 * BSSType: INFRASTRUCTURE, INDEPENDENT, ANY_BSS
3843 * ScanType: ACTIVE, PASSIVE
3844 * ProbeDelay: delay (in microseconds) to be used prior to transmitting
3845 * a Probe frame during active scanning
3847 * MinChannelTime (>= ProbeDelay), in TU
3848 * MaxChannelTime: (>= MinChannelTime), in TU
3851 /* MLME-SCAN.confirm
3853 * ResultCode: SUCCESS, INVALID_PARAMETERS
3856 if (local->sta_sw_scanning || local->sta_hw_scanning) {
3857 if (local->scan_dev == dev)
3862 if (local->ops->hw_scan) {
3863 int rc = local->ops->hw_scan(local_to_hw(local),
3866 local->sta_hw_scanning = 1;
3867 local->scan_dev = dev;
3872 local->sta_sw_scanning = 1;
3875 list_for_each_entry_rcu(sdata, &local->interfaces, list) {
3877 /* Don't stop the master interface, otherwise we can't transmit
3879 if (sdata->dev == local->mdev)
3882 netif_stop_queue(sdata->dev);
3883 if (sdata->vif.type == IEEE80211_IF_TYPE_STA &&
3884 (sdata->u.sta.flags & IEEE80211_STA_ASSOCIATED))
3885 ieee80211_send_nullfunc(local, sdata, 1);
3890 local->scan_ssid_len = ssid_len;
3891 memcpy(local->scan_ssid, ssid, ssid_len);
3893 local->scan_ssid_len = 0;
3894 local->scan_state = SCAN_SET_CHANNEL;
3895 local->scan_channel_idx = 0;
3896 local->scan_band = IEEE80211_BAND_2GHZ;
3897 local->scan_dev = dev;
3899 netif_tx_lock_bh(local->mdev);
3900 local->filter_flags |= FIF_BCN_PRBRESP_PROMISC;
3901 local->ops->configure_filter(local_to_hw(local),
3902 FIF_BCN_PRBRESP_PROMISC,
3903 &local->filter_flags,
3904 local->mdev->mc_count,
3905 local->mdev->mc_list);
3906 netif_tx_unlock_bh(local->mdev);
3908 /* TODO: start scan as soon as all nullfunc frames are ACKed */
3909 queue_delayed_work(local->hw.workqueue, &local->scan_work,
3910 IEEE80211_CHANNEL_TIME);
3916 int ieee80211_sta_req_scan(struct net_device *dev, u8 *ssid, size_t ssid_len)
3918 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3919 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
3920 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
3922 if (sdata->vif.type != IEEE80211_IF_TYPE_STA)
3923 return ieee80211_sta_start_scan(dev, ssid, ssid_len);
3925 if (local->sta_sw_scanning || local->sta_hw_scanning) {
3926 if (local->scan_dev == dev)
3931 ifsta->scan_ssid_len = ssid_len;
3933 memcpy(ifsta->scan_ssid, ssid, ssid_len);
3934 set_bit(IEEE80211_STA_REQ_SCAN, &ifsta->request);
3935 queue_work(local->hw.workqueue, &ifsta->work);
3940 ieee80211_sta_scan_result(struct net_device *dev,
3941 struct ieee80211_sta_bss *bss,
3942 char *current_ev, char *end_buf)
3944 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
3945 struct iw_event iwe;
3947 if (time_after(jiffies,
3948 bss->last_update + IEEE80211_SCAN_RESULT_EXPIRE))
3951 memset(&iwe, 0, sizeof(iwe));
3952 iwe.cmd = SIOCGIWAP;
3953 iwe.u.ap_addr.sa_family = ARPHRD_ETHER;
3954 memcpy(iwe.u.ap_addr.sa_data, bss->bssid, ETH_ALEN);
3955 current_ev = iwe_stream_add_event(current_ev, end_buf, &iwe,
3958 memset(&iwe, 0, sizeof(iwe));
3959 iwe.cmd = SIOCGIWESSID;
3960 if (bss_mesh_cfg(bss)) {
3961 iwe.u.data.length = bss_mesh_id_len(bss);
3962 iwe.u.data.flags = 1;
3963 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe,
3966 iwe.u.data.length = bss->ssid_len;
3967 iwe.u.data.flags = 1;
3968 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe,
3972 if (bss->capability & (WLAN_CAPABILITY_ESS | WLAN_CAPABILITY_IBSS)
3973 || bss_mesh_cfg(bss)) {
3974 memset(&iwe, 0, sizeof(iwe));
3975 iwe.cmd = SIOCGIWMODE;
3976 if (bss_mesh_cfg(bss))
3977 iwe.u.mode = IW_MODE_MESH;
3978 else if (bss->capability & WLAN_CAPABILITY_ESS)
3979 iwe.u.mode = IW_MODE_MASTER;
3981 iwe.u.mode = IW_MODE_ADHOC;
3982 current_ev = iwe_stream_add_event(current_ev, end_buf, &iwe,
3986 memset(&iwe, 0, sizeof(iwe));
3987 iwe.cmd = SIOCGIWFREQ;
3988 iwe.u.freq.m = bss->freq;
3990 current_ev = iwe_stream_add_event(current_ev, end_buf, &iwe,
3993 memset(&iwe, 0, sizeof(iwe));
3994 iwe.cmd = SIOCGIWFREQ;
3995 iwe.u.freq.m = ieee80211_frequency_to_channel(bss->freq);
3997 current_ev = iwe_stream_add_event(current_ev, end_buf, &iwe,
4000 memset(&iwe, 0, sizeof(iwe));
4002 iwe.u.qual.qual = bss->signal;
4003 iwe.u.qual.level = bss->rssi;
4004 iwe.u.qual.noise = bss->noise;
4005 iwe.u.qual.updated = local->wstats_flags;
4006 current_ev = iwe_stream_add_event(current_ev, end_buf, &iwe,
4009 memset(&iwe, 0, sizeof(iwe));
4010 iwe.cmd = SIOCGIWENCODE;
4011 if (bss->capability & WLAN_CAPABILITY_PRIVACY)
4012 iwe.u.data.flags = IW_ENCODE_ENABLED | IW_ENCODE_NOKEY;
4014 iwe.u.data.flags = IW_ENCODE_DISABLED;
4015 iwe.u.data.length = 0;
4016 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe, "");
4018 if (bss && bss->wpa_ie) {
4019 memset(&iwe, 0, sizeof(iwe));
4020 iwe.cmd = IWEVGENIE;
4021 iwe.u.data.length = bss->wpa_ie_len;
4022 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe,
4026 if (bss && bss->rsn_ie) {
4027 memset(&iwe, 0, sizeof(iwe));
4028 iwe.cmd = IWEVGENIE;
4029 iwe.u.data.length = bss->rsn_ie_len;
4030 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe,
4034 if (bss && bss->supp_rates_len > 0) {
4035 /* display all supported rates in readable format */
4036 char *p = current_ev + IW_EV_LCP_LEN;
4039 memset(&iwe, 0, sizeof(iwe));
4040 iwe.cmd = SIOCGIWRATE;
4041 /* Those two flags are ignored... */
4042 iwe.u.bitrate.fixed = iwe.u.bitrate.disabled = 0;
4044 for (i = 0; i < bss->supp_rates_len; i++) {
4045 iwe.u.bitrate.value = ((bss->supp_rates[i] &
4047 p = iwe_stream_add_value(current_ev, p,
4048 end_buf, &iwe, IW_EV_PARAM_LEN);
4055 buf = kmalloc(30, GFP_ATOMIC);
4057 memset(&iwe, 0, sizeof(iwe));
4058 iwe.cmd = IWEVCUSTOM;
4059 sprintf(buf, "tsf=%016llx", (unsigned long long)(bss->timestamp));
4060 iwe.u.data.length = strlen(buf);
4061 current_ev = iwe_stream_add_point(current_ev, end_buf,
4067 if (bss_mesh_cfg(bss)) {
4069 u8 *cfg = bss_mesh_cfg(bss);
4070 buf = kmalloc(50, GFP_ATOMIC);
4072 memset(&iwe, 0, sizeof(iwe));
4073 iwe.cmd = IWEVCUSTOM;
4074 sprintf(buf, "Mesh network (version %d)", cfg[0]);
4075 iwe.u.data.length = strlen(buf);
4076 current_ev = iwe_stream_add_point(current_ev, end_buf,
4078 sprintf(buf, "Path Selection Protocol ID: "
4079 "0x%02X%02X%02X%02X", cfg[1], cfg[2], cfg[3],
4081 iwe.u.data.length = strlen(buf);
4082 current_ev = iwe_stream_add_point(current_ev, end_buf,
4084 sprintf(buf, "Path Selection Metric ID: "
4085 "0x%02X%02X%02X%02X", cfg[5], cfg[6], cfg[7],
4087 iwe.u.data.length = strlen(buf);
4088 current_ev = iwe_stream_add_point(current_ev, end_buf,
4090 sprintf(buf, "Congestion Control Mode ID: "
4091 "0x%02X%02X%02X%02X", cfg[9], cfg[10],
4093 iwe.u.data.length = strlen(buf);
4094 current_ev = iwe_stream_add_point(current_ev, end_buf,
4096 sprintf(buf, "Channel Precedence: "
4097 "0x%02X%02X%02X%02X", cfg[13], cfg[14],
4099 iwe.u.data.length = strlen(buf);
4100 current_ev = iwe_stream_add_point(current_ev, end_buf,
4110 int ieee80211_sta_scan_results(struct net_device *dev, char *buf, size_t len)
4112 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
4113 char *current_ev = buf;
4114 char *end_buf = buf + len;
4115 struct ieee80211_sta_bss *bss;
4117 spin_lock_bh(&local->sta_bss_lock);
4118 list_for_each_entry(bss, &local->sta_bss_list, list) {
4119 if (buf + len - current_ev <= IW_EV_ADDR_LEN) {
4120 spin_unlock_bh(&local->sta_bss_lock);
4123 current_ev = ieee80211_sta_scan_result(dev, bss, current_ev,
4126 spin_unlock_bh(&local->sta_bss_lock);
4127 return current_ev - buf;
4131 int ieee80211_sta_set_extra_ie(struct net_device *dev, char *ie, size_t len)
4133 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
4134 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
4135 kfree(ifsta->extra_ie);
4137 ifsta->extra_ie = NULL;
4138 ifsta->extra_ie_len = 0;
4141 ifsta->extra_ie = kmalloc(len, GFP_KERNEL);
4142 if (!ifsta->extra_ie) {
4143 ifsta->extra_ie_len = 0;
4146 memcpy(ifsta->extra_ie, ie, len);
4147 ifsta->extra_ie_len = len;
4152 struct sta_info * ieee80211_ibss_add_sta(struct net_device *dev,
4153 struct sk_buff *skb, u8 *bssid,
4156 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
4157 struct sta_info *sta;
4158 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
4159 DECLARE_MAC_BUF(mac);
4161 /* TODO: Could consider removing the least recently used entry and
4162 * allow new one to be added. */
4163 if (local->num_sta >= IEEE80211_IBSS_MAX_STA_ENTRIES) {
4164 if (net_ratelimit()) {
4165 printk(KERN_DEBUG "%s: No room for a new IBSS STA "
4166 "entry %s\n", dev->name, print_mac(mac, addr));
4171 printk(KERN_DEBUG "%s: Adding new IBSS station %s (dev=%s)\n",
4172 wiphy_name(local->hw.wiphy), print_mac(mac, addr), dev->name);
4174 sta = sta_info_alloc(sdata, addr, GFP_ATOMIC);
4178 sta->flags |= WLAN_STA_AUTHORIZED;
4180 sta->supp_rates[local->hw.conf.channel->band] =
4181 sdata->u.sta.supp_rates_bits[local->hw.conf.channel->band];
4183 rate_control_rate_init(sta, local);
4185 if (sta_info_insert(sta))
4192 int ieee80211_sta_deauthenticate(struct net_device *dev, u16 reason)
4194 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
4195 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
4197 printk(KERN_DEBUG "%s: deauthenticate(reason=%d)\n",
4200 if (sdata->vif.type != IEEE80211_IF_TYPE_STA &&
4201 sdata->vif.type != IEEE80211_IF_TYPE_IBSS)
4204 ieee80211_send_deauth(dev, ifsta, reason);
4205 ieee80211_set_disassoc(dev, ifsta, 1);
4210 int ieee80211_sta_disassociate(struct net_device *dev, u16 reason)
4212 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
4213 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
4215 printk(KERN_DEBUG "%s: disassociate(reason=%d)\n",
4218 if (sdata->vif.type != IEEE80211_IF_TYPE_STA)
4221 if (!(ifsta->flags & IEEE80211_STA_ASSOCIATED))
4224 ieee80211_send_disassoc(dev, ifsta, reason);
4225 ieee80211_set_disassoc(dev, ifsta, 0);
4229 void ieee80211_notify_mac(struct ieee80211_hw *hw,
4230 enum ieee80211_notification_types notif_type)
4232 struct ieee80211_local *local = hw_to_local(hw);
4233 struct ieee80211_sub_if_data *sdata;
4235 switch (notif_type) {
4236 case IEEE80211_NOTIFY_RE_ASSOC:
4238 list_for_each_entry_rcu(sdata, &local->interfaces, list) {
4240 if (sdata->vif.type == IEEE80211_IF_TYPE_STA) {
4241 ieee80211_sta_req_auth(sdata->dev,
4250 EXPORT_SYMBOL(ieee80211_notify_mac);
projects / linux-2.6-omap-h63xx.git / blob