projects / openwrt / staging / mkresin.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
add d80211 from a recent wireless-dev checkout
[openwrt/staging/mkresin.git] / package / d80211 / src / ieee80211_sta.c
1 /*
2 * BSS client mode implementation
3 * Copyright 2003, Jouni Malinen <jkmaline@cc.hut.fi>
4 * Copyright 2004, Instant802 Networks, Inc.
5 * Copyright 2005, Devicescape Software, Inc.
6 *
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License version 2 as
9 * published by the Free Software Foundation.
10 */
11
12 /* TODO:
13 * BSS table: use <BSSID,SSID> as the key to support multi-SSID APs
14 * order BSS list by RSSI(?) ("quality of AP")
15 * scan result table filtering (by capability (privacy, IBSS/BSS, WPA/RSN IE,
16 * SSID)
17 */
18 #include <linux/if_ether.h>
19 #include <linux/skbuff.h>
20 #include <linux/netdevice.h>
21 #include <linux/if_arp.h>
22 #include <linux/wireless.h>
23 #include <linux/random.h>
24 #include <net/iw_handler.h>
25 #include <asm/types.h>
26 #include <asm/delay.h>
27
28 #include <net/d80211.h>
29 #include <net/d80211_mgmt.h>
30 #include "ieee80211_i.h"
31 #include "ieee80211_rate.h"
32 #include "hostapd_ioctl.h"
33
34 #define IEEE80211_AUTH_TIMEOUT (HZ / 5)
35 #define IEEE80211_AUTH_MAX_TRIES 3
36 #define IEEE80211_ASSOC_TIMEOUT (HZ / 5)
37 #define IEEE80211_ASSOC_MAX_TRIES 3
38 #define IEEE80211_MONITORING_INTERVAL (2 * HZ)
39 #define IEEE80211_PROBE_INTERVAL (60 * HZ)
40 #define IEEE80211_RETRY_AUTH_INTERVAL (1 * HZ)
41 #define IEEE80211_SCAN_INTERVAL (2 * HZ)
42 #define IEEE80211_SCAN_INTERVAL_SLOW (15 * HZ)
43 #define IEEE80211_IBSS_JOIN_TIMEOUT (20 * HZ)
44
45 #define IEEE80211_PROBE_DELAY (HZ / 33)
46 #define IEEE80211_CHANNEL_TIME (HZ / 33)
47 #define IEEE80211_PASSIVE_CHANNEL_TIME (HZ / 5)
48 #define IEEE80211_SCAN_RESULT_EXPIRE (10 * HZ)
49 #define IEEE80211_IBSS_MERGE_INTERVAL (30 * HZ)
50 #define IEEE80211_IBSS_INACTIVITY_LIMIT (60 * HZ)
51
52 #define IEEE80211_IBSS_MAX_STA_ENTRIES 128
53
54
55 #define IEEE80211_FC(type, stype) cpu_to_le16(type | stype)
56
57 #define ERP_INFO_USE_PROTECTION BIT(1)
58
59 static void ieee80211_send_probe_req(struct net_device *dev, u8 *dst,
60 u8 *ssid, size_t ssid_len);
61 static struct ieee80211_sta_bss *
62 ieee80211_rx_bss_get(struct net_device *dev, u8 *bssid);
63 static void ieee80211_rx_bss_put(struct net_device *dev,
64 struct ieee80211_sta_bss *bss);
65 static int ieee80211_sta_find_ibss(struct net_device *dev,
66 struct ieee80211_if_sta *ifsta);
67 static int ieee80211_sta_wep_configured(struct net_device *dev);
68
69
70 /* Parsed Information Elements */
71 struct ieee802_11_elems {
72 u8 *ssid;
73 u8 ssid_len;
74 u8 *supp_rates;
75 u8 supp_rates_len;
76 u8 *fh_params;
77 u8 fh_params_len;
78 u8 *ds_params;
79 u8 ds_params_len;
80 u8 *cf_params;
81 u8 cf_params_len;
82 u8 *tim;
83 u8 tim_len;
84 u8 *ibss_params;
85 u8 ibss_params_len;
86 u8 *challenge;
87 u8 challenge_len;
88 u8 *wpa;
89 u8 wpa_len;
90 u8 *rsn;
91 u8 rsn_len;
92 u8 *erp_info;
93 u8 erp_info_len;
94 u8 *ext_supp_rates;
95 u8 ext_supp_rates_len;
96 u8 *wmm_info;
97 u8 wmm_info_len;
98 u8 *wmm_param;
99 u8 wmm_param_len;
100 };
101
102 typedef enum { ParseOK = 0, ParseUnknown = 1, ParseFailed = -1 } ParseRes;
103
104
105 static ParseRes ieee802_11_parse_elems(u8 *start, size_t len,
106 struct ieee802_11_elems *elems)
107 {
108 size_t left = len;
109 u8 *pos = start;
110 int unknown = 0;
111
112 memset(elems, 0, sizeof(*elems));
113
114 while (left >= 2) {
115 u8 id, elen;
116
117 id = *pos++;
118 elen = *pos++;
119 left -= 2;
120
121 if (elen > left) {
122 #if 0
123 if (net_ratelimit())
124 printk(KERN_DEBUG "IEEE 802.11 element parse "
125 "failed (id=%d elen=%d left=%d)\n",
126 id, elen, left);
127 #endif
128 return ParseFailed;
129 }
130
131 switch (id) {
132 case WLAN_EID_SSID:
133 elems->ssid = pos;
134 elems->ssid_len = elen;
135 break;
136 case WLAN_EID_SUPP_RATES:
137 elems->supp_rates = pos;
138 elems->supp_rates_len = elen;
139 break;
140 case WLAN_EID_FH_PARAMS:
141 elems->fh_params = pos;
142 elems->fh_params_len = elen;
143 break;
144 case WLAN_EID_DS_PARAMS:
145 elems->ds_params = pos;
146 elems->ds_params_len = elen;
147 break;
148 case WLAN_EID_CF_PARAMS:
149 elems->cf_params = pos;
150 elems->cf_params_len = elen;
151 break;
152 case WLAN_EID_TIM:
153 elems->tim = pos;
154 elems->tim_len = elen;
155 break;
156 case WLAN_EID_IBSS_PARAMS:
157 elems->ibss_params = pos;
158 elems->ibss_params_len = elen;
159 break;
160 case WLAN_EID_CHALLENGE:
161 elems->challenge = pos;
162 elems->challenge_len = elen;
163 break;
164 case WLAN_EID_WPA:
165 if (elen >= 4 && pos[0] == 0x00 && pos[1] == 0x50 &&
166 pos[2] == 0xf2) {
167 /* Microsoft OUI (00:50:F2) */
168 if (pos[3] == 1) {
169 /* OUI Type 1 - WPA IE */
170 elems->wpa = pos;
171 elems->wpa_len = elen;
172 } else if (elen >= 5 && pos[3] == 2) {
173 if (pos[4] == 0) {
174 elems->wmm_info = pos;
175 elems->wmm_info_len = elen;
176 } else if (pos[4] == 1) {
177 elems->wmm_param = pos;
178 elems->wmm_param_len = elen;
179 }
180 }
181 }
182 break;
183 case WLAN_EID_RSN:
184 elems->rsn = pos;
185 elems->rsn_len = elen;
186 break;
187 case WLAN_EID_ERP_INFO:
188 elems->erp_info = pos;
189 elems->erp_info_len = elen;
190 break;
191 case WLAN_EID_EXT_SUPP_RATES:
192 elems->ext_supp_rates = pos;
193 elems->ext_supp_rates_len = elen;
194 break;
195 default:
196 #if 0
197 printk(KERN_DEBUG "IEEE 802.11 element parse ignored "
198 "unknown element (id=%d elen=%d)\n",
199 id, elen);
200 #endif
201 unknown++;
202 break;
203 }
204
205 left -= elen;
206 pos += elen;
207 }
208
209 /* Do not trigger error if left == 1 as Apple Airport base stations
210 * send AssocResps that are one spurious byte too long. */
211
212 return unknown ? ParseUnknown : ParseOK;
213 }
214
215
216
217
218 static int ecw2cw(int ecw)
219 {
220 int cw = 1;
221 while (ecw > 0) {
222 cw <<= 1;
223 ecw--;
224 }
225 return cw - 1;
226 }
227
228
229 static void ieee80211_sta_wmm_params(struct net_device *dev,
230 struct ieee80211_if_sta *ifsta,
231 u8 *wmm_param, size_t wmm_param_len)
232 {
233 struct ieee80211_local *local = dev->ieee80211_ptr;
234 struct ieee80211_tx_queue_params params;
235 size_t left;
236 int count;
237 u8 *pos;
238
239 if (wmm_param_len < 8 || wmm_param[5] /* version */ != 1)
240 return;
241 count = wmm_param[6] & 0x0f;
242 if (count == ifsta->wmm_last_param_set)
243 return;
244 ifsta->wmm_last_param_set = count;
245
246 pos = wmm_param + 8;
247 left = wmm_param_len - 8;
248
249 memset(&params, 0, sizeof(params));
250
251 if (!local->ops->conf_tx)
252 return;
253
254 local->wmm_acm = 0;
255 for (; left >= 4; left -= 4, pos += 4) {
256 int aci = (pos[0] >> 5) & 0x03;
257 int acm = (pos[0] >> 4) & 0x01;
258 int queue;
259
260 switch (aci) {
261 case 1:
262 queue = IEEE80211_TX_QUEUE_DATA3;
263 if (acm) {
264 local->wmm_acm |= BIT(1) | BIT(2);
265 }
266 break;
267 case 2:
268 queue = IEEE80211_TX_QUEUE_DATA1;
269 if (acm) {
270 local->wmm_acm |= BIT(4) | BIT(5);
271 }
272 break;
273 case 3:
274 queue = IEEE80211_TX_QUEUE_DATA0;
275 if (acm) {
276 local->wmm_acm |= BIT(6) | BIT(7);
277 }
278 break;
279 case 0:
280 default:
281 queue = IEEE80211_TX_QUEUE_DATA2;
282 if (acm) {
283 local->wmm_acm |= BIT(0) | BIT(3);
284 }
285 break;
286 }
287
288 params.aifs = pos[0] & 0x0f;
289 params.cw_max = ecw2cw((pos[1] & 0xf0) >> 4);
290 params.cw_min = ecw2cw(pos[1] & 0x0f);
291 /* TXOP is in units of 32 usec; burst_time in 0.1 ms */
292 params.burst_time = (pos[2] | (pos[3] << 8)) * 32 / 100;
293 printk(KERN_DEBUG "%s: WMM queue=%d aci=%d acm=%d aifs=%d "
294 "cWmin=%d cWmax=%d burst=%d\n",
295 dev->name, queue, aci, acm, params.aifs, params.cw_min,
296 params.cw_max, params.burst_time);
297 /* TODO: handle ACM (block TX, fallback to next lowest allowed
298 * AC for now) */
299 if (local->ops->conf_tx(local_to_hw(local), queue, &params)) {
300 printk(KERN_DEBUG "%s: failed to set TX queue "
301 "parameters for queue %d\n", dev->name, queue);
302 }
303 }
304 }
305
306
307 static void ieee80211_sta_send_associnfo(struct net_device *dev,
308 struct ieee80211_if_sta *ifsta)
309 {
310 char *buf;
311 size_t len;
312 int i;
313 union iwreq_data wrqu;
314
315 if (!ifsta->assocreq_ies && !ifsta->assocresp_ies)
316 return;
317
318 buf = kmalloc(50 + 2 * (ifsta->assocreq_ies_len +
319 ifsta->assocresp_ies_len), GFP_ATOMIC);
320 if (!buf)
321 return;
322
323 len = sprintf(buf, "ASSOCINFO(");
324 if (ifsta->assocreq_ies) {
325 len += sprintf(buf + len, "ReqIEs=");
326 for (i = 0; i < ifsta->assocreq_ies_len; i++) {
327 len += sprintf(buf + len, "%02x",
328 ifsta->assocreq_ies[i]);
329 }
330 }
331 if (ifsta->assocresp_ies) {
332 if (ifsta->assocreq_ies)
333 len += sprintf(buf + len, " ");
334 len += sprintf(buf + len, "RespIEs=");
335 for (i = 0; i < ifsta->assocresp_ies_len; i++) {
336 len += sprintf(buf + len, "%02x",
337 ifsta->assocresp_ies[i]);
338 }
339 }
340 len += sprintf(buf + len, ")");
341
342 if (len > IW_CUSTOM_MAX) {
343 len = sprintf(buf, "ASSOCRESPIE=");
344 for (i = 0; i < ifsta->assocresp_ies_len; i++) {
345 len += sprintf(buf + len, "%02x",
346 ifsta->assocresp_ies[i]);
347 }
348 }
349
350 memset(&wrqu, 0, sizeof(wrqu));
351 wrqu.data.length = len;
352 wireless_send_event(dev, IWEVCUSTOM, &wrqu, buf);
353
354 kfree(buf);
355 }
356
357
358 static void ieee80211_set_associated(struct net_device *dev,
359 struct ieee80211_if_sta *ifsta, int assoc)
360 {
361 union iwreq_data wrqu;
362
363 if (ifsta->associated == assoc)
364 return;
365
366 ifsta->associated = assoc;
367
368 if (assoc) {
369 struct ieee80211_sub_if_data *sdata;
370 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
371 if (sdata->type != IEEE80211_IF_TYPE_STA)
372 return;
373 ifsta->prev_bssid_set = 1;
374 memcpy(ifsta->prev_bssid, sdata->u.sta.bssid, ETH_ALEN);
375 memcpy(wrqu.ap_addr.sa_data, sdata->u.sta.bssid, ETH_ALEN);
376 ieee80211_sta_send_associnfo(dev, ifsta);
377 } else {
378 memset(wrqu.ap_addr.sa_data, 0, ETH_ALEN);
379 }
380 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
381 wireless_send_event(dev, SIOCGIWAP, &wrqu, NULL);
382 ifsta->last_probe = jiffies;
383 }
384
385 static void ieee80211_set_disassoc(struct net_device *dev,
386 struct ieee80211_if_sta *ifsta, int deauth)
387 {
388 if (deauth)
389 ifsta->auth_tries = 0;
390 ifsta->assoc_tries = 0;
391 ieee80211_set_associated(dev, ifsta, 0);
392 }
393
394 static void ieee80211_sta_tx(struct net_device *dev, struct sk_buff *skb,
395 int encrypt, int probe_resp)
396 {
397 struct ieee80211_sub_if_data *sdata;
398 struct ieee80211_tx_packet_data *pkt_data;
399
400 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
401 skb->dev = sdata->local->mdev;
402 skb->mac.raw = skb->nh.raw = skb->h.raw = skb->data;
403
404 pkt_data = (struct ieee80211_tx_packet_data *) skb->cb;
405 memset(pkt_data, 0, sizeof(struct ieee80211_tx_packet_data));
406 pkt_data->ifindex = sdata->dev->ifindex;
407 pkt_data->mgmt_iface = (sdata->type == IEEE80211_IF_TYPE_MGMT);
408 pkt_data->do_not_encrypt = !encrypt;
409 if (probe_resp)
410 pkt_data->pkt_probe_resp = 1;
411
412 dev_queue_xmit(skb);
413 }
414
415
416 static void ieee80211_send_auth(struct net_device *dev,
417 struct ieee80211_if_sta *ifsta,
418 int transaction, u8 *extra, size_t extra_len,
419 int encrypt)
420 {
421 struct sk_buff *skb;
422 struct ieee80211_mgmt *mgmt;
423
424 skb = dev_alloc_skb(sizeof(*mgmt) + 6 + extra_len);
425 if (!skb) {
426 printk(KERN_DEBUG "%s: failed to allocate buffer for auth "
427 "frame\n", dev->name);
428 return;
429 }
430
431 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24 + 6);
432 memset(mgmt, 0, 24 + 6);
433 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
434 IEEE80211_STYPE_AUTH);
435 if (encrypt)
436 mgmt->frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
437 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
438 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
439 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
440 mgmt->u.auth.auth_alg = cpu_to_le16(ifsta->auth_alg);
441 mgmt->u.auth.auth_transaction = cpu_to_le16(transaction);
442 ifsta->auth_transaction = transaction + 1;
443 mgmt->u.auth.status_code = cpu_to_le16(0);
444 if (extra)
445 memcpy(skb_put(skb, extra_len), extra, extra_len);
446
447 ieee80211_sta_tx(dev, skb, encrypt, 0);
448 }
449
450
451 static void ieee80211_authenticate(struct net_device *dev,
452 struct ieee80211_if_sta *ifsta)
453 {
454 ifsta->auth_tries++;
455 if (ifsta->auth_tries > IEEE80211_AUTH_MAX_TRIES) {
456 printk(KERN_DEBUG "%s: authentication with AP " MAC_FMT
457 " timed out\n",
458 dev->name, MAC_ARG(ifsta->bssid));
459 return;
460 }
461
462 ifsta->state = IEEE80211_AUTHENTICATE;
463 printk(KERN_DEBUG "%s: authenticate with AP " MAC_FMT "\n",
464 dev->name, MAC_ARG(ifsta->bssid));
465
466 ieee80211_send_auth(dev, ifsta, 1, NULL, 0, 0);
467
468 schedule_delayed_work(&ifsta->work, IEEE80211_AUTH_TIMEOUT);
469 }
470
471
472 static void ieee80211_send_assoc(struct net_device *dev,
473 struct ieee80211_if_sta *ifsta)
474 {
475 struct ieee80211_local *local = dev->ieee80211_ptr;
476 struct sk_buff *skb;
477 struct ieee80211_mgmt *mgmt;
478 u8 *pos, *ies;
479 int i, len;
480 u16 capab;
481 struct ieee80211_sta_bss *bss;
482 int wmm = 0;
483
484 skb = dev_alloc_skb(sizeof(*mgmt) + 200 + ifsta->extra_ie_len +
485 ifsta->ssid_len);
486 if (!skb) {
487 printk(KERN_DEBUG "%s: failed to allocate buffer for assoc "
488 "frame\n", dev->name);
489 return;
490 }
491
492 capab = ifsta->capab;
493 if (local->hw.conf.phymode == MODE_IEEE80211G) {
494 capab |= WLAN_CAPABILITY_SHORT_SLOT_TIME |
495 WLAN_CAPABILITY_SHORT_PREAMBLE;
496 }
497 bss = ieee80211_rx_bss_get(dev, ifsta->bssid);
498 if (bss) {
499 if (bss->capability & WLAN_CAPABILITY_PRIVACY)
500 capab |= WLAN_CAPABILITY_PRIVACY;
501 if (bss->wmm_ie) {
502 wmm = 1;
503 }
504 ieee80211_rx_bss_put(dev, bss);
505 }
506
507 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
508 memset(mgmt, 0, 24);
509 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
510 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
511 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
512
513 if (ifsta->prev_bssid_set) {
514 skb_put(skb, 10);
515 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
516 IEEE80211_STYPE_REASSOC_REQ);
517 mgmt->u.reassoc_req.capab_info = cpu_to_le16(capab);
518 mgmt->u.reassoc_req.listen_interval = cpu_to_le16(1);
519 memcpy(mgmt->u.reassoc_req.current_ap, ifsta->prev_bssid,
520 ETH_ALEN);
521 } else {
522 skb_put(skb, 4);
523 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
524 IEEE80211_STYPE_ASSOC_REQ);
525 mgmt->u.assoc_req.capab_info = cpu_to_le16(capab);
526 mgmt->u.assoc_req.listen_interval = cpu_to_le16(1);
527 }
528
529 /* SSID */
530 ies = pos = skb_put(skb, 2 + ifsta->ssid_len);
531 *pos++ = WLAN_EID_SSID;
532 *pos++ = ifsta->ssid_len;
533 memcpy(pos, ifsta->ssid, ifsta->ssid_len);
534
535 len = local->num_curr_rates;
536 if (len > 8)
537 len = 8;
538 pos = skb_put(skb, len + 2);
539 *pos++ = WLAN_EID_SUPP_RATES;
540 *pos++ = len;
541 for (i = 0; i < len; i++) {
542 int rate = local->curr_rates[i].rate;
543 if (local->hw.conf.phymode == MODE_ATHEROS_TURBO)
544 rate /= 2;
545 *pos++ = (u8) (rate / 5);
546 }
547
548 if (local->num_curr_rates > len) {
549 pos = skb_put(skb, local->num_curr_rates - len + 2);
550 *pos++ = WLAN_EID_EXT_SUPP_RATES;
551 *pos++ = local->num_curr_rates - len;
552 for (i = len; i < local->num_curr_rates; i++) {
553 int rate = local->curr_rates[i].rate;
554 if (local->hw.conf.phymode == MODE_ATHEROS_TURBO)
555 rate /= 2;
556 *pos++ = (u8) (rate / 5);
557 }
558 }
559
560 if (ifsta->extra_ie) {
561 pos = skb_put(skb, ifsta->extra_ie_len);
562 memcpy(pos, ifsta->extra_ie, ifsta->extra_ie_len);
563 }
564
565 if (wmm && ifsta->wmm_enabled) {
566 pos = skb_put(skb, 9);
567 *pos++ = WLAN_EID_VENDOR_SPECIFIC;
568 *pos++ = 7; /* len */
569 *pos++ = 0x00; /* Microsoft OUI 00:50:F2 */
570 *pos++ = 0x50;
571 *pos++ = 0xf2;
572 *pos++ = 2; /* WME */
573 *pos++ = 0; /* WME info */
574 *pos++ = 1; /* WME ver */
575 *pos++ = 0;
576 }
577
578 kfree(ifsta->assocreq_ies);
579 ifsta->assocreq_ies_len = (skb->data + skb->len) - ies;
580 ifsta->assocreq_ies = kmalloc(ifsta->assocreq_ies_len, GFP_ATOMIC);
581 if (ifsta->assocreq_ies)
582 memcpy(ifsta->assocreq_ies, ies, ifsta->assocreq_ies_len);
583
584 ieee80211_sta_tx(dev, skb, 0, 0);
585 }
586
587
588 static void ieee80211_send_deauth(struct net_device *dev,
589 struct ieee80211_if_sta *ifsta, u16 reason)
590 {
591 struct sk_buff *skb;
592 struct ieee80211_mgmt *mgmt;
593
594 skb = dev_alloc_skb(sizeof(*mgmt));
595 if (!skb) {
596 printk(KERN_DEBUG "%s: failed to allocate buffer for deauth "
597 "frame\n", dev->name);
598 return;
599 }
600
601 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
602 memset(mgmt, 0, 24);
603 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
604 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
605 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
606 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
607 IEEE80211_STYPE_DEAUTH);
608 skb_put(skb, 2);
609 mgmt->u.deauth.reason_code = cpu_to_le16(reason);
610
611 ieee80211_sta_tx(dev, skb, 0, 0);
612 }
613
614
615 static void ieee80211_send_disassoc(struct net_device *dev,
616 struct ieee80211_if_sta *ifsta, u16 reason)
617 {
618 struct sk_buff *skb;
619 struct ieee80211_mgmt *mgmt;
620
621 skb = dev_alloc_skb(sizeof(*mgmt));
622 if (!skb) {
623 printk(KERN_DEBUG "%s: failed to allocate buffer for disassoc "
624 "frame\n", dev->name);
625 return;
626 }
627
628 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
629 memset(mgmt, 0, 24);
630 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
631 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
632 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
633 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
634 IEEE80211_STYPE_DISASSOC);
635 skb_put(skb, 2);
636 mgmt->u.disassoc.reason_code = cpu_to_le16(reason);
637
638 ieee80211_sta_tx(dev, skb, 0, 0);
639 }
640
641
642 static int ieee80211_privacy_mismatch(struct net_device *dev,
643 struct ieee80211_if_sta *ifsta)
644 {
645 struct ieee80211_sta_bss *bss;
646 int res = 0;
647
648 if (!ifsta || ifsta->mixed_cell ||
649 ifsta->key_mgmt != IEEE80211_KEY_MGMT_NONE)
650 return 0;
651
652 bss = ieee80211_rx_bss_get(dev, ifsta->bssid);
653 if (!bss)
654 return 0;
655
656 if (ieee80211_sta_wep_configured(dev) !=
657 !!(bss->capability & WLAN_CAPABILITY_PRIVACY))
658 res = 1;
659
660 ieee80211_rx_bss_put(dev, bss);
661
662 return res;
663 }
664
665
666 static void ieee80211_associate(struct net_device *dev,
667 struct ieee80211_if_sta *ifsta)
668 {
669 ifsta->assoc_tries++;
670 if (ifsta->assoc_tries > IEEE80211_ASSOC_MAX_TRIES) {
671 printk(KERN_DEBUG "%s: association with AP " MAC_FMT
672 " timed out\n",
673 dev->name, MAC_ARG(ifsta->bssid));
674 return;
675 }
676
677 ifsta->state = IEEE80211_ASSOCIATE;
678 printk(KERN_DEBUG "%s: associate with AP " MAC_FMT "\n",
679 dev->name, MAC_ARG(ifsta->bssid));
680 if (ieee80211_privacy_mismatch(dev, ifsta)) {
681 printk(KERN_DEBUG "%s: mismatch in privacy configuration and "
682 "mixed-cell disabled - abort association\n", dev->name);
683 return;
684 }
685
686 ieee80211_send_assoc(dev, ifsta);
687
688 schedule_delayed_work(&ifsta->work, IEEE80211_ASSOC_TIMEOUT);
689 }
690
691
692 static void ieee80211_associated(struct net_device *dev,
693 struct ieee80211_if_sta *ifsta)
694 {
695 struct ieee80211_local *local = dev->ieee80211_ptr;
696 struct sta_info *sta;
697 int disassoc;
698
699 /* TODO: start monitoring current AP signal quality and number of
700 * missed beacons. Scan other channels every now and then and search
701 * for better APs. */
702 /* TODO: remove expired BSSes */
703
704 ifsta->state = IEEE80211_ASSOCIATED;
705
706 sta = sta_info_get(local, ifsta->bssid);
707 if (!sta) {
708 printk(KERN_DEBUG "%s: No STA entry for own AP " MAC_FMT "\n",
709 dev->name, MAC_ARG(ifsta->bssid));
710 disassoc = 1;
711 } else {
712 disassoc = 0;
713 if (time_after(jiffies,
714 sta->last_rx + IEEE80211_MONITORING_INTERVAL)) {
715 if (ifsta->probereq_poll) {
716 printk(KERN_DEBUG "%s: No ProbeResp from "
717 "current AP " MAC_FMT " - assume out of "
718 "range\n",
719 dev->name, MAC_ARG(ifsta->bssid));
720 disassoc = 1;
721 sta_info_free(sta, 0);
722 ifsta->probereq_poll = 0;
723 } else {
724 ieee80211_send_probe_req(dev, ifsta->bssid,
725 local->scan_ssid,
726 local->scan_ssid_len);
727 ifsta->probereq_poll = 1;
728 }
729 } else {
730 ifsta->probereq_poll = 0;
731 if (time_after(jiffies, ifsta->last_probe +
732 IEEE80211_PROBE_INTERVAL)) {
733 ifsta->last_probe = jiffies;
734 ieee80211_send_probe_req(dev, ifsta->bssid,
735 ifsta->ssid,
736 ifsta->ssid_len);
737 }
738 }
739 sta_info_put(sta);
740 }
741 if (disassoc) {
742 union iwreq_data wrqu;
743 memset(wrqu.ap_addr.sa_data, 0, ETH_ALEN);
744 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
745 wireless_send_event(dev, SIOCGIWAP, &wrqu, NULL);
746 schedule_delayed_work(&ifsta->work,
747 IEEE80211_MONITORING_INTERVAL + 30 * HZ);
748 } else {
749 schedule_delayed_work(&ifsta->work,
750 IEEE80211_MONITORING_INTERVAL);
751 }
752 }
753
754
755 static void ieee80211_send_probe_req(struct net_device *dev, u8 *dst,
756 u8 *ssid, size_t ssid_len)
757 {
758 struct ieee80211_local *local = dev->ieee80211_ptr;
759 struct sk_buff *skb;
760 struct ieee80211_mgmt *mgmt;
761 u8 *pos, *supp_rates, *esupp_rates = NULL;
762 int i;
763
764 skb = dev_alloc_skb(sizeof(*mgmt) + 200);
765 if (!skb) {
766 printk(KERN_DEBUG "%s: failed to allocate buffer for probe "
767 "request\n", dev->name);
768 return;
769 }
770
771 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
772 memset(mgmt, 0, 24);
773 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
774 IEEE80211_STYPE_PROBE_REQ);
775 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
776 if (dst) {
777 memcpy(mgmt->da, dst, ETH_ALEN);
778 memcpy(mgmt->bssid, dst, ETH_ALEN);
779 } else {
780 memset(mgmt->da, 0xff, ETH_ALEN);
781 memset(mgmt->bssid, 0xff, ETH_ALEN);
782 }
783 pos = skb_put(skb, 2 + ssid_len);
784 *pos++ = WLAN_EID_SSID;
785 *pos++ = ssid_len;
786 memcpy(pos, ssid, ssid_len);
787
788 supp_rates = skb_put(skb, 2);
789 supp_rates[0] = WLAN_EID_SUPP_RATES;
790 supp_rates[1] = 0;
791 for (i = 0; i < local->num_curr_rates; i++) {
792 struct ieee80211_rate *rate = &local->curr_rates[i];
793 if (!(rate->flags & IEEE80211_RATE_SUPPORTED))
794 continue;
795 if (esupp_rates) {
796 pos = skb_put(skb, 1);
797 esupp_rates[1]++;
798 } else if (supp_rates[1] == 8) {
799 esupp_rates = skb_put(skb, 3);
800 esupp_rates[0] = WLAN_EID_EXT_SUPP_RATES;
801 esupp_rates[1] = 1;
802 pos = &esupp_rates[2];
803 } else {
804 pos = skb_put(skb, 1);
805 supp_rates[1]++;
806 }
807 if (local->hw.conf.phymode == MODE_ATHEROS_TURBO)
808 *pos = rate->rate / 10;
809 else
810 *pos = rate->rate / 5;
811 }
812
813 ieee80211_sta_tx(dev, skb, 0, 0);
814 }
815
816
817 static int ieee80211_sta_wep_configured(struct net_device *dev)
818 {
819 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
820 if (!sdata || !sdata->default_key ||
821 sdata->default_key->alg != ALG_WEP)
822 return 0;
823 return 1;
824 }
825
826
827 static void ieee80211_auth_completed(struct net_device *dev,
828 struct ieee80211_if_sta *ifsta)
829 {
830 printk(KERN_DEBUG "%s: authenticated\n", dev->name);
831 ifsta->authenticated = 1;
832 ieee80211_associate(dev, ifsta);
833 }
834
835
836 static void ieee80211_auth_challenge(struct net_device *dev,
837 struct ieee80211_if_sta *ifsta,
838 struct ieee80211_mgmt *mgmt,
839 size_t len,
840 struct ieee80211_rx_status *rx_status)
841 {
842 u8 *pos;
843 struct ieee802_11_elems elems;
844
845 printk(KERN_DEBUG "%s: replying to auth challenge\n", dev->name);
846 pos = mgmt->u.auth.variable;
847 if (ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems)
848 == ParseFailed) {
849 printk(KERN_DEBUG "%s: failed to parse Auth(challenge)\n",
850 dev->name);
851 return;
852 }
853 if (!elems.challenge) {
854 printk(KERN_DEBUG "%s: no challenge IE in shared key auth "
855 "frame\n", dev->name);
856 return;
857 }
858 ieee80211_send_auth(dev, ifsta, 3, elems.challenge - 2,
859 elems.challenge_len + 2, 1);
860 }
861
862
863 static void ieee80211_rx_mgmt_auth(struct net_device *dev,
864 struct ieee80211_if_sta *ifsta,
865 struct ieee80211_mgmt *mgmt,
866 size_t len,
867 struct ieee80211_rx_status *rx_status)
868 {
869 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
870 u16 auth_alg, auth_transaction, status_code;
871
872 if (ifsta->state != IEEE80211_AUTHENTICATE &&
873 sdata->type != IEEE80211_IF_TYPE_IBSS) {
874 printk(KERN_DEBUG "%s: authentication frame received from "
875 MAC_FMT ", but not in authenticate state - ignored\n",
876 dev->name, MAC_ARG(mgmt->sa));
877 return;
878 }
879
880 if (len < 24 + 6) {
881 printk(KERN_DEBUG "%s: too short (%zd) authentication frame "
882 "received from " MAC_FMT " - ignored\n",
883 dev->name, len, MAC_ARG(mgmt->sa));
884 return;
885 }
886
887 if (sdata->type != IEEE80211_IF_TYPE_IBSS &&
888 memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN) != 0) {
889 printk(KERN_DEBUG "%s: authentication frame received from "
890 "unknown AP (SA=" MAC_FMT " BSSID=" MAC_FMT ") - "
891 "ignored\n", dev->name, MAC_ARG(mgmt->sa),
892 MAC_ARG(mgmt->bssid));
893 return;
894 }
895
896 if (sdata->type != IEEE80211_IF_TYPE_IBSS &&
897 memcmp(ifsta->bssid, mgmt->bssid, ETH_ALEN) != 0) {
898 printk(KERN_DEBUG "%s: authentication frame received from "
899 "unknown BSSID (SA=" MAC_FMT " BSSID=" MAC_FMT ") - "
900 "ignored\n", dev->name, MAC_ARG(mgmt->sa),
901 MAC_ARG(mgmt->bssid));
902 return;
903 }
904
905 auth_alg = le16_to_cpu(mgmt->u.auth.auth_alg);
906 auth_transaction = le16_to_cpu(mgmt->u.auth.auth_transaction);
907 status_code = le16_to_cpu(mgmt->u.auth.status_code);
908
909 printk(KERN_DEBUG "%s: RX authentication from " MAC_FMT " (alg=%d "
910 "transaction=%d status=%d)\n",
911 dev->name, MAC_ARG(mgmt->sa), auth_alg,
912 auth_transaction, status_code);
913
914 if (sdata->type == IEEE80211_IF_TYPE_IBSS) {
915 /* IEEE 802.11 standard does not require authentication in IBSS
916 * networks and most implementations do not seem to use it.
917 * However, try to reply to authentication attempts if someone
918 * has actually implemented this.
919 * TODO: Could implement shared key authentication. */
920 if (auth_alg != WLAN_AUTH_OPEN || auth_transaction != 1) {
921 printk(KERN_DEBUG "%s: unexpected IBSS authentication "
922 "frame (alg=%d transaction=%d)\n",
923 dev->name, auth_alg, auth_transaction);
924 return;
925 }
926 ieee80211_send_auth(dev, ifsta, 2, NULL, 0, 0);
927 }
928
929 if (auth_alg != ifsta->auth_alg ||
930 auth_transaction != ifsta->auth_transaction) {
931 printk(KERN_DEBUG "%s: unexpected authentication frame "
932 "(alg=%d transaction=%d)\n",
933 dev->name, auth_alg, auth_transaction);
934 return;
935 }
936
937 if (status_code != WLAN_STATUS_SUCCESS) {
938 printk(KERN_DEBUG "%s: AP denied authentication (auth_alg=%d "
939 "code=%d)\n", dev->name, ifsta->auth_alg, status_code);
940 if (status_code == WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG) {
941 u8 algs[3];
942 const int num_algs = ARRAY_SIZE(algs);
943 int i, pos;
944 algs[0] = algs[1] = algs[2] = 0xff;
945 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_OPEN)
946 algs[0] = WLAN_AUTH_OPEN;
947 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_SHARED_KEY)
948 algs[1] = WLAN_AUTH_SHARED_KEY;
949 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_LEAP)
950 algs[2] = WLAN_AUTH_LEAP;
951 if (ifsta->auth_alg == WLAN_AUTH_OPEN)
952 pos = 0;
953 else if (ifsta->auth_alg == WLAN_AUTH_SHARED_KEY)
954 pos = 1;
955 else
956 pos = 2;
957 for (i = 0; i < num_algs; i++) {
958 pos++;
959 if (pos >= num_algs)
960 pos = 0;
961 if (algs[pos] == ifsta->auth_alg ||
962 algs[pos] == 0xff)
963 continue;
964 if (algs[pos] == WLAN_AUTH_SHARED_KEY &&
965 !ieee80211_sta_wep_configured(dev))
966 continue;
967 ifsta->auth_alg = algs[pos];
968 printk(KERN_DEBUG "%s: set auth_alg=%d for "
969 "next try\n",
970 dev->name, ifsta->auth_alg);
971 break;
972 }
973 }
974 return;
975 }
976
977 switch (ifsta->auth_alg) {
978 case WLAN_AUTH_OPEN:
979 case WLAN_AUTH_LEAP:
980 ieee80211_auth_completed(dev, ifsta);
981 break;
982 case WLAN_AUTH_SHARED_KEY:
983 if (ifsta->auth_transaction == 4)
984 ieee80211_auth_completed(dev, ifsta);
985 else
986 ieee80211_auth_challenge(dev, ifsta, mgmt, len,
987 rx_status);
988 break;
989 }
990 }
991
992
993 static void ieee80211_rx_mgmt_deauth(struct net_device *dev,
994 struct ieee80211_if_sta *ifsta,
995 struct ieee80211_mgmt *mgmt,
996 size_t len,
997 struct ieee80211_rx_status *rx_status)
998 {
999 u16 reason_code;
1000
1001 if (len < 24 + 2) {
1002 printk(KERN_DEBUG "%s: too short (%zd) deauthentication frame "
1003 "received from " MAC_FMT " - ignored\n",
1004 dev->name, len, MAC_ARG(mgmt->sa));
1005 return;
1006 }
1007
1008 if (memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN) != 0) {
1009 printk(KERN_DEBUG "%s: deauthentication frame received from "
1010 "unknown AP (SA=" MAC_FMT " BSSID=" MAC_FMT ") - "
1011 "ignored\n", dev->name, MAC_ARG(mgmt->sa),
1012 MAC_ARG(mgmt->bssid));
1013 return;
1014 }
1015
1016 reason_code = le16_to_cpu(mgmt->u.deauth.reason_code);
1017
1018 printk(KERN_DEBUG "%s: RX deauthentication from " MAC_FMT
1019 " (reason=%d)\n",
1020 dev->name, MAC_ARG(mgmt->sa), reason_code);
1021
1022 if (ifsta->authenticated) {
1023 printk(KERN_DEBUG "%s: deauthenticated\n", dev->name);
1024 }
1025
1026 if (ifsta->state == IEEE80211_AUTHENTICATE ||
1027 ifsta->state == IEEE80211_ASSOCIATE ||
1028 ifsta->state == IEEE80211_ASSOCIATED) {
1029 ifsta->state = IEEE80211_AUTHENTICATE;
1030 schedule_delayed_work(&ifsta->work,
1031 IEEE80211_RETRY_AUTH_INTERVAL);
1032 }
1033
1034 ieee80211_set_disassoc(dev, ifsta, 1);
1035 ifsta->authenticated = 0;
1036 }
1037
1038
1039 static void ieee80211_rx_mgmt_disassoc(struct net_device *dev,
1040 struct ieee80211_if_sta *ifsta,
1041 struct ieee80211_mgmt *mgmt,
1042 size_t len,
1043 struct ieee80211_rx_status *rx_status)
1044 {
1045 u16 reason_code;
1046
1047 if (len < 24 + 2) {
1048 printk(KERN_DEBUG "%s: too short (%zd) disassociation frame "
1049 "received from " MAC_FMT " - ignored\n",
1050 dev->name, len, MAC_ARG(mgmt->sa));
1051 return;
1052 }
1053
1054 if (memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN) != 0) {
1055 printk(KERN_DEBUG "%s: disassociation frame received from "
1056 "unknown AP (SA=" MAC_FMT " BSSID=" MAC_FMT ") - "
1057 "ignored\n", dev->name, MAC_ARG(mgmt->sa),
1058 MAC_ARG(mgmt->bssid));
1059 return;
1060 }
1061
1062 reason_code = le16_to_cpu(mgmt->u.disassoc.reason_code);
1063
1064 printk(KERN_DEBUG "%s: RX disassociation from " MAC_FMT
1065 " (reason=%d)\n",
1066 dev->name, MAC_ARG(mgmt->sa), reason_code);
1067
1068 if (ifsta->associated)
1069 printk(KERN_DEBUG "%s: disassociated\n", dev->name);
1070
1071 if (ifsta->state == IEEE80211_ASSOCIATED) {
1072 ifsta->state = IEEE80211_ASSOCIATE;
1073 schedule_delayed_work(&ifsta->work,
1074 IEEE80211_RETRY_AUTH_INTERVAL);
1075 }
1076
1077 ieee80211_set_disassoc(dev, ifsta, 0);
1078 }
1079
1080
1081 static void ieee80211_rx_mgmt_assoc_resp(struct net_device *dev,
1082 struct ieee80211_if_sta *ifsta,
1083 struct ieee80211_mgmt *mgmt,
1084 size_t len,
1085 struct ieee80211_rx_status *rx_status,
1086 int reassoc)
1087 {
1088 struct ieee80211_local *local = dev->ieee80211_ptr;
1089 struct sta_info *sta;
1090 u32 rates;
1091 u16 capab_info, status_code, aid;
1092 struct ieee802_11_elems elems;
1093 u8 *pos;
1094 int i, j;
1095
1096 /* AssocResp and ReassocResp have identical structure, so process both
1097 * of them in this function. */
1098
1099 if (ifsta->state != IEEE80211_ASSOCIATE) {
1100 printk(KERN_DEBUG "%s: association frame received from "
1101 MAC_FMT ", but not in associate state - ignored\n",
1102 dev->name, MAC_ARG(mgmt->sa));
1103 return;
1104 }
1105
1106 if (len < 24 + 6) {
1107 printk(KERN_DEBUG "%s: too short (%zd) association frame "
1108 "received from " MAC_FMT " - ignored\n",
1109 dev->name, len, MAC_ARG(mgmt->sa));
1110 return;
1111 }
1112
1113 if (memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN) != 0) {
1114 printk(KERN_DEBUG "%s: association frame received from "
1115 "unknown AP (SA=" MAC_FMT " BSSID=" MAC_FMT ") - "
1116 "ignored\n", dev->name, MAC_ARG(mgmt->sa),
1117 MAC_ARG(mgmt->bssid));
1118 return;
1119 }
1120
1121 capab_info = le16_to_cpu(mgmt->u.assoc_resp.capab_info);
1122 status_code = le16_to_cpu(mgmt->u.assoc_resp.status_code);
1123 aid = le16_to_cpu(mgmt->u.assoc_resp.aid);
1124 if ((aid & (BIT(15) | BIT(14))) != (BIT(15) | BIT(14)))
1125 printk(KERN_DEBUG "%s: invalid aid value %d; bits 15:14 not "
1126 "set\n", dev->name, aid);
1127 aid &= ~(BIT(15) | BIT(14));
1128
1129 printk(KERN_DEBUG "%s: RX %sssocResp from " MAC_FMT " (capab=0x%x "
1130 "status=%d aid=%d)\n",
1131 dev->name, reassoc ? "Rea" : "A", MAC_ARG(mgmt->sa),
1132 capab_info, status_code, aid);
1133
1134 if (status_code != WLAN_STATUS_SUCCESS) {
1135 printk(KERN_DEBUG "%s: AP denied association (code=%d)\n",
1136 dev->name, status_code);
1137 return;
1138 }
1139
1140 pos = mgmt->u.assoc_resp.variable;
1141 if (ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems)
1142 == ParseFailed) {
1143 printk(KERN_DEBUG "%s: failed to parse AssocResp\n",
1144 dev->name);
1145 return;
1146 }
1147
1148 if (!elems.supp_rates) {
1149 printk(KERN_DEBUG "%s: no SuppRates element in AssocResp\n",
1150 dev->name);
1151 return;
1152 }
1153
1154 printk(KERN_DEBUG "%s: associated\n", dev->name);
1155 ifsta->aid = aid;
1156 ifsta->ap_capab = capab_info;
1157
1158 kfree(ifsta->assocresp_ies);
1159 ifsta->assocresp_ies_len = len - (pos - (u8 *) mgmt);
1160 ifsta->assocresp_ies = kmalloc(ifsta->assocresp_ies_len, GFP_ATOMIC);
1161 if (ifsta->assocresp_ies)
1162 memcpy(ifsta->assocresp_ies, pos, ifsta->assocresp_ies_len);
1163
1164 ieee80211_set_associated(dev, ifsta, 1);
1165
1166 /* Add STA entry for the AP */
1167 sta = sta_info_get(local, ifsta->bssid);
1168 if (!sta) {
1169 sta = sta_info_add(local, dev, ifsta->bssid, GFP_ATOMIC);
1170 if (!sta) {
1171 printk(KERN_DEBUG "%s: failed to add STA entry for the"
1172 " AP\n", dev->name);
1173 return;
1174 }
1175 }
1176
1177 sta->dev = dev;
1178 sta->flags |= WLAN_STA_AUTH | WLAN_STA_ASSOC;
1179 sta->assoc_ap = 1;
1180
1181 rates = 0;
1182 for (i = 0; i < elems.supp_rates_len; i++) {
1183 int rate = (elems.supp_rates[i] & 0x7f) * 5;
1184 if (local->hw.conf.phymode == MODE_ATHEROS_TURBO)
1185 rate *= 2;
1186 for (j = 0; j < local->num_curr_rates; j++)
1187 if (local->curr_rates[j].rate == rate)
1188 rates |= BIT(j);
1189 }
1190 for (i = 0; i < elems.ext_supp_rates_len; i++) {
1191 int rate = (elems.ext_supp_rates[i] & 0x7f) * 5;
1192 if (local->hw.conf.phymode == MODE_ATHEROS_TURBO)
1193 rate *= 2;
1194 for (j = 0; j < local->num_curr_rates; j++)
1195 if (local->curr_rates[j].rate == rate)
1196 rates |= BIT(j);
1197 }
1198 sta->supp_rates = rates;
1199
1200 rate_control_rate_init(sta, local);
1201
1202 if (elems.wmm_param && ifsta->wmm_enabled) {
1203 sta->flags |= WLAN_STA_WME;
1204 ieee80211_sta_wmm_params(dev, ifsta, elems.wmm_param,
1205 elems.wmm_param_len);
1206 }
1207
1208
1209 sta_info_put(sta);
1210
1211 ieee80211_associated(dev, ifsta);
1212 }
1213
1214
1215 /* Caller must hold local->sta_bss_lock */
1216 static void __ieee80211_rx_bss_hash_add(struct net_device *dev,
1217 struct ieee80211_sta_bss *bss)
1218 {
1219 struct ieee80211_local *local = dev->ieee80211_ptr;
1220 bss->hnext = local->sta_bss_hash[STA_HASH(bss->bssid)];
1221 local->sta_bss_hash[STA_HASH(bss->bssid)] = bss;
1222 }
1223
1224
1225 /* Caller must hold local->sta_bss_lock */
1226 static void __ieee80211_rx_bss_hash_del(struct net_device *dev,
1227 struct ieee80211_sta_bss *bss)
1228 {
1229 struct ieee80211_local *local = dev->ieee80211_ptr;
1230 struct ieee80211_sta_bss *b, *prev = NULL;
1231 b = local->sta_bss_hash[STA_HASH(bss->bssid)];
1232 while (b) {
1233 if (b == bss) {
1234 if (!prev)
1235 local->sta_bss_hash[STA_HASH(bss->bssid)] =
1236 bss->hnext;
1237 else
1238 prev->hnext = bss->hnext;
1239 break;
1240 }
1241 prev = b;
1242 b = b->hnext;
1243 }
1244 }
1245
1246
1247 static struct ieee80211_sta_bss *
1248 ieee80211_rx_bss_add(struct net_device *dev, u8 *bssid)
1249 {
1250 struct ieee80211_local *local = dev->ieee80211_ptr;
1251 struct ieee80211_sta_bss *bss;
1252
1253 bss = kmalloc(sizeof(*bss), GFP_ATOMIC);
1254 if (!bss)
1255 return NULL;
1256 memset(bss, 0, sizeof(*bss));
1257 atomic_inc(&bss->users);
1258 atomic_inc(&bss->users);
1259 memcpy(bss->bssid, bssid, ETH_ALEN);
1260
1261 spin_lock_bh(&local->sta_bss_lock);
1262 /* TODO: order by RSSI? */
1263 list_add_tail(&bss->list, &local->sta_bss_list);
1264 __ieee80211_rx_bss_hash_add(dev, bss);
1265 spin_unlock_bh(&local->sta_bss_lock);
1266 return bss;
1267 }
1268
1269
1270 static struct ieee80211_sta_bss *
1271 ieee80211_rx_bss_get(struct net_device *dev, u8 *bssid)
1272 {
1273 struct ieee80211_local *local = dev->ieee80211_ptr;
1274 struct ieee80211_sta_bss *bss;
1275
1276 spin_lock_bh(&local->sta_bss_lock);
1277 bss = local->sta_bss_hash[STA_HASH(bssid)];
1278 while (bss) {
1279 if (memcmp(bss->bssid, bssid, ETH_ALEN) == 0) {
1280 atomic_inc(&bss->users);
1281 break;
1282 }
1283 bss = bss->hnext;
1284 }
1285 spin_unlock_bh(&local->sta_bss_lock);
1286 return bss;
1287 }
1288
1289
1290 static void ieee80211_rx_bss_free(struct ieee80211_sta_bss *bss)
1291 {
1292 kfree(bss->wpa_ie);
1293 kfree(bss->rsn_ie);
1294 kfree(bss->wmm_ie);
1295 kfree(bss);
1296 }
1297
1298
1299 static void ieee80211_rx_bss_put(struct net_device *dev,
1300 struct ieee80211_sta_bss *bss)
1301 {
1302 struct ieee80211_local *local = dev->ieee80211_ptr;
1303 if (!atomic_dec_and_test(&bss->users))
1304 return;
1305
1306 spin_lock_bh(&local->sta_bss_lock);
1307 __ieee80211_rx_bss_hash_del(dev, bss);
1308 list_del(&bss->list);
1309 spin_unlock_bh(&local->sta_bss_lock);
1310 ieee80211_rx_bss_free(bss);
1311 }
1312
1313
1314 void ieee80211_rx_bss_list_init(struct net_device *dev)
1315 {
1316 struct ieee80211_local *local = dev->ieee80211_ptr;
1317 spin_lock_init(&local->sta_bss_lock);
1318 INIT_LIST_HEAD(&local->sta_bss_list);
1319 }
1320
1321
1322 void ieee80211_rx_bss_list_deinit(struct net_device *dev)
1323 {
1324 struct ieee80211_local *local = dev->ieee80211_ptr;
1325 struct ieee80211_sta_bss *bss, *tmp;
1326
1327 list_for_each_entry_safe(bss, tmp, &local->sta_bss_list, list)
1328 ieee80211_rx_bss_put(dev, bss);
1329 }
1330
1331
1332 static void ieee80211_rx_bss_info(struct net_device *dev,
1333 struct ieee80211_mgmt *mgmt,
1334 size_t len,
1335 struct ieee80211_rx_status *rx_status,
1336 int beacon)
1337 {
1338 struct ieee80211_local *local = dev->ieee80211_ptr;
1339 struct ieee802_11_elems elems;
1340 size_t baselen;
1341 int channel, invalid = 0, clen;
1342 struct ieee80211_sta_bss *bss;
1343 struct sta_info *sta;
1344 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1345 u64 timestamp;
1346
1347 if (!beacon && memcmp(mgmt->da, dev->dev_addr, ETH_ALEN))
1348 return; /* ignore ProbeResp to foreign address */
1349
1350 #if 0
1351 printk(KERN_DEBUG "%s: RX %s from " MAC_FMT " to " MAC_FMT "\n",
1352 dev->name, beacon ? "Beacon" : "Probe Response",
1353 MAC_ARG(mgmt->sa), MAC_ARG(mgmt->da));
1354 #endif
1355
1356 baselen = (u8 *) mgmt->u.beacon.variable - (u8 *) mgmt;
1357 if (baselen > len)
1358 return;
1359
1360 timestamp = le64_to_cpu(mgmt->u.beacon.timestamp);
1361
1362 if (sdata->type == IEEE80211_IF_TYPE_IBSS && beacon &&
1363 memcmp(mgmt->bssid, sdata->u.sta.bssid, ETH_ALEN) == 0) {
1364 #ifdef CONFIG_D80211_IBSS_DEBUG
1365 static unsigned long last_tsf_debug = 0;
1366 u64 tsf;
1367 if (local->ops->get_tsf)
1368 tsf = local->ops->get_tsf(local->mdev);
1369 else
1370 tsf = -1LLU;
1371 if (time_after(jiffies, last_tsf_debug + 5 * HZ)) {
1372 printk(KERN_DEBUG "RX beacon SA=" MAC_FMT " BSSID="
1373 MAC_FMT " TSF=0x%llx BCN=0x%llx diff=%lld "
1374 "@%ld\n",
1375 MAC_ARG(mgmt->sa), MAC_ARG(mgmt->bssid),
1376 tsf, timestamp, tsf - timestamp, jiffies);
1377 last_tsf_debug = jiffies;
1378 }
1379 #endif /* CONFIG_D80211_IBSS_DEBUG */
1380 }
1381
1382 if (ieee802_11_parse_elems(mgmt->u.beacon.variable, len - baselen,
1383 &elems) == ParseFailed)
1384 invalid = 1;
1385
1386 if (sdata->type == IEEE80211_IF_TYPE_IBSS && elems.supp_rates &&
1387 memcmp(mgmt->bssid, sdata->u.sta.bssid, ETH_ALEN) == 0 &&
1388 (sta = sta_info_get(local, mgmt->sa))) {
1389 struct ieee80211_rate *rates;
1390 size_t num_rates;
1391 u32 supp_rates, prev_rates;
1392 int i, j, oper_mode;
1393
1394 rates = local->curr_rates;
1395 num_rates = local->num_curr_rates;
1396 oper_mode = local->sta_scanning ? local->scan_oper_phymode :
1397 local->hw.conf.phymode;
1398 for (i = 0; i < local->hw.num_modes; i++) {
1399 struct ieee80211_hw_modes *mode = &local->hw.modes[i];
1400 if (oper_mode == mode->mode) {
1401 rates = mode->rates;
1402 num_rates = mode->num_rates;
1403 break;
1404 }
1405 }
1406
1407 supp_rates = 0;
1408 for (i = 0; i < elems.supp_rates_len +
1409 elems.ext_supp_rates_len; i++) {
1410 u8 rate = 0;
1411 int own_rate;
1412 if (i < elems.supp_rates_len)
1413 rate = elems.supp_rates[i];
1414 else if (elems.ext_supp_rates)
1415 rate = elems.ext_supp_rates
1416 [i - elems.supp_rates_len];
1417 own_rate = 5 * (rate & 0x7f);
1418 if (oper_mode == MODE_ATHEROS_TURBO)
1419 own_rate *= 2;
1420 for (j = 0; j < num_rates; j++)
1421 if (rates[j].rate == own_rate)
1422 supp_rates |= BIT(j);
1423 }
1424
1425 prev_rates = sta->supp_rates;
1426 sta->supp_rates &= supp_rates;
1427 if (sta->supp_rates == 0) {
1428 /* No matching rates - this should not really happen.
1429 * Make sure that at least one rate is marked
1430 * supported to avoid issues with TX rate ctrl. */
1431 sta->supp_rates = sdata->u.sta.supp_rates_bits;
1432 }
1433 if (sta->supp_rates != prev_rates) {
1434 printk(KERN_DEBUG "%s: updated supp_rates set for "
1435 MAC_FMT " based on beacon info (0x%x & 0x%x -> "
1436 "0x%x)\n",
1437 dev->name, MAC_ARG(sta->addr), prev_rates,
1438 supp_rates, sta->supp_rates);
1439 }
1440 sta_info_put(sta);
1441 }
1442
1443 if (!elems.ssid)
1444 return;
1445
1446 if (elems.ds_params && elems.ds_params_len == 1)
1447 channel = elems.ds_params[0];
1448 else
1449 channel = rx_status->channel;
1450
1451 bss = ieee80211_rx_bss_get(dev, mgmt->bssid);
1452 if (!bss) {
1453 bss = ieee80211_rx_bss_add(dev, mgmt->bssid);
1454 if (!bss)
1455 return;
1456 } else {
1457 #if 0
1458 /* TODO: order by RSSI? */
1459 spin_lock_bh(&local->sta_bss_lock);
1460 list_move_tail(&bss->list, &local->sta_bss_list);
1461 spin_unlock_bh(&local->sta_bss_lock);
1462 #endif
1463 }
1464
1465 if (bss->probe_resp && beacon) {
1466 /* Do not allow beacon to override data from Probe Response. */
1467 ieee80211_rx_bss_put(dev, bss);
1468 return;
1469 }
1470
1471 bss->beacon_int = le16_to_cpu(mgmt->u.beacon.beacon_int);
1472 bss->capability = le16_to_cpu(mgmt->u.beacon.capab_info);
1473 if (elems.ssid && elems.ssid_len <= IEEE80211_MAX_SSID_LEN) {
1474 memcpy(bss->ssid, elems.ssid, elems.ssid_len);
1475 bss->ssid_len = elems.ssid_len;
1476 }
1477
1478 bss->supp_rates_len = 0;
1479 if (elems.supp_rates) {
1480 clen = IEEE80211_MAX_SUPP_RATES - bss->supp_rates_len;
1481 if (clen > elems.supp_rates_len)
1482 clen = elems.supp_rates_len;
1483 memcpy(&bss->supp_rates[bss->supp_rates_len], elems.supp_rates,
1484 clen);
1485 bss->supp_rates_len += clen;
1486 }
1487 if (elems.ext_supp_rates) {
1488 clen = IEEE80211_MAX_SUPP_RATES - bss->supp_rates_len;
1489 if (clen > elems.ext_supp_rates_len)
1490 clen = elems.ext_supp_rates_len;
1491 memcpy(&bss->supp_rates[bss->supp_rates_len],
1492 elems.ext_supp_rates, clen);
1493 bss->supp_rates_len += clen;
1494 }
1495
1496 if (elems.wpa &&
1497 (!bss->wpa_ie || bss->wpa_ie_len != elems.wpa_len ||
1498 memcmp(bss->wpa_ie, elems.wpa, elems.wpa_len))) {
1499 kfree(bss->wpa_ie);
1500 bss->wpa_ie = kmalloc(elems.wpa_len + 2, GFP_ATOMIC);
1501 if (bss->wpa_ie) {
1502 memcpy(bss->wpa_ie, elems.wpa - 2, elems.wpa_len + 2);
1503 bss->wpa_ie_len = elems.wpa_len + 2;
1504 } else
1505 bss->wpa_ie_len = 0;
1506 } else if (!elems.wpa && bss->wpa_ie) {
1507 kfree(bss->wpa_ie);
1508 bss->wpa_ie = NULL;
1509 bss->wpa_ie_len = 0;
1510 }
1511
1512 if (elems.rsn &&
1513 (!bss->rsn_ie || bss->rsn_ie_len != elems.rsn_len ||
1514 memcmp(bss->rsn_ie, elems.rsn, elems.rsn_len))) {
1515 kfree(bss->rsn_ie);
1516 bss->rsn_ie = kmalloc(elems.rsn_len + 2, GFP_ATOMIC);
1517 if (bss->rsn_ie) {
1518 memcpy(bss->rsn_ie, elems.rsn - 2, elems.rsn_len + 2);
1519 bss->rsn_ie_len = elems.rsn_len + 2;
1520 } else
1521 bss->rsn_ie_len = 0;
1522 } else if (!elems.rsn && bss->rsn_ie) {
1523 kfree(bss->rsn_ie);
1524 bss->rsn_ie = NULL;
1525 bss->rsn_ie_len = 0;
1526 }
1527
1528 if (elems.wmm_param &&
1529 (!bss->wmm_ie || bss->wmm_ie_len != elems.wmm_param_len ||
1530 memcmp(bss->wmm_ie, elems.wmm_param, elems.wmm_param_len))) {
1531 kfree(bss->wmm_ie);
1532 bss->wmm_ie = kmalloc(elems.wmm_param_len + 2, GFP_ATOMIC);
1533 if (bss->wmm_ie) {
1534 memcpy(bss->wmm_ie, elems.wmm_param - 2,
1535 elems.wmm_param_len + 2);
1536 bss->wmm_ie_len = elems.wmm_param_len + 2;
1537 } else
1538 bss->wmm_ie_len = 0;
1539 } else if (!elems.wmm_param && bss->wmm_ie) {
1540 kfree(bss->wmm_ie);
1541 bss->wmm_ie = NULL;
1542 bss->wmm_ie_len = 0;
1543 }
1544
1545
1546 bss->hw_mode = rx_status->phymode;
1547 bss->channel = channel;
1548 bss->freq = rx_status->freq;
1549 if (channel != rx_status->channel &&
1550 (bss->hw_mode == MODE_IEEE80211G ||
1551 bss->hw_mode == MODE_IEEE80211B) &&
1552 channel >= 1 && channel <= 14) {
1553 static const int freq_list[] = {
1554 2412, 2417, 2422, 2427, 2432, 2437, 2442,
1555 2447, 2452, 2457, 2462, 2467, 2472, 2484
1556 };
1557 /* IEEE 802.11g/b mode can receive packets from neighboring
1558 * channels, so map the channel into frequency. */
1559 bss->freq = freq_list[channel - 1];
1560 }
1561 bss->timestamp = timestamp;
1562 bss->last_update = jiffies;
1563 bss->rssi = rx_status->ssi;
1564 if (!beacon)
1565 bss->probe_resp++;
1566 ieee80211_rx_bss_put(dev, bss);
1567 }
1568
1569
1570 static void ieee80211_rx_mgmt_probe_resp(struct net_device *dev,
1571 struct ieee80211_mgmt *mgmt,
1572 size_t len,
1573 struct ieee80211_rx_status *rx_status)
1574 {
1575 ieee80211_rx_bss_info(dev, mgmt, len, rx_status, 0);
1576 }
1577
1578
1579 static void ieee80211_rx_mgmt_beacon(struct net_device *dev,
1580 struct ieee80211_mgmt *mgmt,
1581 size_t len,
1582 struct ieee80211_rx_status *rx_status)
1583 {
1584 struct ieee80211_local *local = dev->ieee80211_ptr;
1585 struct ieee80211_sub_if_data *sdata;
1586 struct ieee80211_if_sta *ifsta;
1587 int use_protection;
1588 size_t baselen;
1589 struct ieee802_11_elems elems;
1590
1591 ieee80211_rx_bss_info(dev, mgmt, len, rx_status, 1);
1592
1593 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1594 if (sdata->type != IEEE80211_IF_TYPE_STA)
1595 return;
1596 ifsta = &sdata->u.sta;
1597
1598 if (!ifsta->associated ||
1599 memcmp(ifsta->bssid, mgmt->bssid, ETH_ALEN) != 0)
1600 return;
1601
1602 /* Process beacon from the current BSS */
1603 baselen = (u8 *) mgmt->u.beacon.variable - (u8 *) mgmt;
1604 if (baselen > len)
1605 return;
1606
1607 if (ieee802_11_parse_elems(mgmt->u.beacon.variable, len - baselen,
1608 &elems) == ParseFailed)
1609 return;
1610
1611 use_protection = 0;
1612 if (elems.erp_info && elems.erp_info_len >= 1) {
1613 use_protection =
1614 (elems.erp_info[0] & ERP_INFO_USE_PROTECTION) != 0;
1615 }
1616
1617 if (use_protection != !!ifsta->use_protection) {
1618 if (net_ratelimit()) {
1619 printk(KERN_DEBUG "%s: CTS protection %s (BSSID="
1620 MAC_FMT ")\n",
1621 dev->name,
1622 use_protection ? "enabled" : "disabled",
1623 MAC_ARG(ifsta->bssid));
1624 }
1625 ifsta->use_protection = use_protection ? 1 : 0;
1626 local->cts_protect_erp_frames = use_protection;
1627 }
1628
1629 if (elems.wmm_param && ifsta->wmm_enabled) {
1630 ieee80211_sta_wmm_params(dev, ifsta, elems.wmm_param,
1631 elems.wmm_param_len);
1632 }
1633 }
1634
1635
1636 static void ieee80211_rx_mgmt_probe_req(struct net_device *dev,
1637 struct ieee80211_if_sta *ifsta,
1638 struct ieee80211_mgmt *mgmt,
1639 size_t len,
1640 struct ieee80211_rx_status *rx_status)
1641 {
1642 struct ieee80211_local *local = dev->ieee80211_ptr;
1643 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1644 int tx_last_beacon;
1645 struct sk_buff *skb;
1646 struct ieee80211_mgmt *resp;
1647 u8 *pos, *end;
1648
1649 if (sdata->type != IEEE80211_IF_TYPE_IBSS ||
1650 ifsta->state != IEEE80211_IBSS_JOINED ||
1651 len < 24 + 2 || !ifsta->probe_resp)
1652 return;
1653
1654 if (local->ops->tx_last_beacon)
1655 tx_last_beacon = local->ops->tx_last_beacon(local_to_hw(local));
1656 else
1657 tx_last_beacon = 1;
1658
1659 #ifdef CONFIG_D80211_IBSS_DEBUG
1660 printk(KERN_DEBUG "%s: RX ProbeReq SA=" MAC_FMT " DA=" MAC_FMT " BSSID="
1661 MAC_FMT " (tx_last_beacon=%d)\n",
1662 dev->name, MAC_ARG(mgmt->sa), MAC_ARG(mgmt->da),
1663 MAC_ARG(mgmt->bssid), tx_last_beacon);
1664 #endif /* CONFIG_D80211_IBSS_DEBUG */
1665
1666 if (!tx_last_beacon)
1667 return;
1668
1669 if (memcmp(mgmt->bssid, ifsta->bssid, ETH_ALEN) != 0 &&
1670 memcmp(mgmt->bssid, "\xff\xff\xff\xff\xff\xff", ETH_ALEN) != 0)
1671 return;
1672
1673 end = ((u8 *) mgmt) + len;
1674 pos = mgmt->u.probe_req.variable;
1675 if (pos[0] != WLAN_EID_SSID ||
1676 pos + 2 + pos[1] > end) {
1677 if (net_ratelimit()) {
1678 printk(KERN_DEBUG "%s: Invalid SSID IE in ProbeReq "
1679 "from " MAC_FMT "\n",
1680 dev->name, MAC_ARG(mgmt->sa));
1681 }
1682 return;
1683 }
1684 if (pos[1] != 0 &&
1685 (pos[1] != ifsta->ssid_len ||
1686 memcmp(pos + 2, ifsta->ssid, ifsta->ssid_len) != 0)) {
1687 /* Ignore ProbeReq for foreign SSID */
1688 return;
1689 }
1690
1691 /* Reply with ProbeResp */
1692 skb = skb_copy(ifsta->probe_resp, GFP_ATOMIC);
1693 if (!skb)
1694 return;
1695
1696 resp = (struct ieee80211_mgmt *) skb->data;
1697 memcpy(resp->da, mgmt->sa, ETH_ALEN);
1698 #ifdef CONFIG_D80211_IBSS_DEBUG
1699 printk(KERN_DEBUG "%s: Sending ProbeResp to " MAC_FMT "\n",
1700 dev->name, MAC_ARG(resp->da));
1701 #endif /* CONFIG_D80211_IBSS_DEBUG */
1702 ieee80211_sta_tx(dev, skb, 0, 1);
1703 }
1704
1705
1706 void ieee80211_sta_rx_mgmt(struct net_device *dev, struct sk_buff *skb,
1707 struct ieee80211_rx_status *rx_status)
1708 {
1709 struct ieee80211_sub_if_data *sdata;
1710 struct ieee80211_if_sta *ifsta;
1711 struct ieee80211_mgmt *mgmt;
1712 u16 fc;
1713
1714 if (skb->len < 24)
1715 goto fail;
1716
1717 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1718 ifsta = &sdata->u.sta;
1719
1720 mgmt = (struct ieee80211_mgmt *) skb->data;
1721 fc = le16_to_cpu(mgmt->frame_control);
1722
1723 switch (fc & IEEE80211_FCTL_STYPE) {
1724 case IEEE80211_STYPE_PROBE_REQ:
1725 ieee80211_rx_mgmt_probe_req(dev, ifsta, mgmt, skb->len,
1726 rx_status);
1727 break;
1728 case IEEE80211_STYPE_PROBE_RESP:
1729 ieee80211_rx_mgmt_probe_resp(dev, mgmt, skb->len, rx_status);
1730 break;
1731 case IEEE80211_STYPE_BEACON:
1732 ieee80211_rx_mgmt_beacon(dev, mgmt, skb->len, rx_status);
1733 break;
1734 case IEEE80211_STYPE_AUTH:
1735 ieee80211_rx_mgmt_auth(dev, ifsta, mgmt, skb->len, rx_status);
1736 break;
1737 case IEEE80211_STYPE_ASSOC_RESP:
1738 ieee80211_rx_mgmt_assoc_resp(dev, ifsta, mgmt, skb->len,
1739 rx_status, 0);
1740 break;
1741 case IEEE80211_STYPE_REASSOC_RESP:
1742 ieee80211_rx_mgmt_assoc_resp(dev, ifsta, mgmt, skb->len,
1743 rx_status, 1);
1744 break;
1745 case IEEE80211_STYPE_DEAUTH:
1746 ieee80211_rx_mgmt_deauth(dev, ifsta, mgmt, skb->len,
1747 rx_status);
1748 break;
1749 case IEEE80211_STYPE_DISASSOC:
1750 ieee80211_rx_mgmt_disassoc(dev, ifsta, mgmt, skb->len,
1751 rx_status);
1752 break;
1753 default:
1754 printk(KERN_DEBUG "%s: received unknown management frame - "
1755 "stype=%d\n", dev->name,
1756 (fc & IEEE80211_FCTL_STYPE) >> 4);
1757 break;
1758 }
1759
1760 fail:
1761 dev_kfree_skb(skb);
1762 }
1763
1764
1765 void ieee80211_sta_rx_scan(struct net_device *dev, struct sk_buff *skb,
1766 struct ieee80211_rx_status *rx_status)
1767 {
1768 struct ieee80211_mgmt *mgmt;
1769 u16 fc;
1770
1771 if (skb->len < 24) {
1772 dev_kfree_skb(skb);
1773 return;
1774 }
1775
1776 mgmt = (struct ieee80211_mgmt *) skb->data;
1777 fc = le16_to_cpu(mgmt->frame_control);
1778
1779 if ((fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_MGMT) {
1780 if ((fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_PROBE_RESP) {
1781 ieee80211_rx_mgmt_probe_resp(dev, mgmt,
1782 skb->len, rx_status);
1783 } else if ((fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_BEACON) {
1784 ieee80211_rx_mgmt_beacon(dev, mgmt, skb->len,
1785 rx_status);
1786 }
1787 }
1788
1789 dev_kfree_skb(skb);
1790 }
1791
1792
1793 static int ieee80211_sta_active_ibss(struct net_device *dev)
1794 {
1795 struct ieee80211_local *local = dev->ieee80211_ptr;
1796 int active = 0;
1797 struct sta_info *sta;
1798
1799 spin_lock_bh(&local->sta_lock);
1800 list_for_each_entry(sta, &local->sta_list, list) {
1801 if (sta->dev == dev &&
1802 time_after(sta->last_rx + IEEE80211_IBSS_MERGE_INTERVAL,
1803 jiffies)) {
1804 active++;
1805 break;
1806 }
1807 }
1808 spin_unlock_bh(&local->sta_lock);
1809
1810 return active;
1811 }
1812
1813
1814 static void ieee80211_sta_expire(struct net_device *dev)
1815 {
1816 struct ieee80211_local *local = dev->ieee80211_ptr;
1817 struct sta_info *sta, *tmp;
1818
1819 spin_lock_bh(&local->sta_lock);
1820 list_for_each_entry_safe(sta, tmp, &local->sta_list, list)
1821 if (time_after(jiffies, sta->last_rx +
1822 IEEE80211_IBSS_INACTIVITY_LIMIT)) {
1823 printk(KERN_DEBUG "%s: expiring inactive STA " MAC_FMT
1824 "\n", dev->name, MAC_ARG(sta->addr));
1825 sta_info_free(sta, 1);
1826 }
1827 spin_unlock_bh(&local->sta_lock);
1828 }
1829
1830
1831 static void ieee80211_sta_merge_ibss(struct net_device *dev,
1832 struct ieee80211_if_sta *ifsta)
1833 {
1834 schedule_delayed_work(&ifsta->work, IEEE80211_IBSS_MERGE_INTERVAL);
1835
1836 ieee80211_sta_expire(dev);
1837 if (ieee80211_sta_active_ibss(dev))
1838 return;
1839
1840 printk(KERN_DEBUG "%s: No active IBSS STAs - trying to scan for other "
1841 "IBSS networks with same SSID (merge)\n", dev->name);
1842 ieee80211_sta_req_scan(dev, ifsta->ssid, ifsta->ssid_len);
1843 }
1844
1845
1846 void ieee80211_sta_work(void *ptr)
1847 {
1848 struct net_device *dev = ptr;
1849 struct ieee80211_sub_if_data *sdata;
1850 struct ieee80211_if_sta *ifsta;
1851
1852 if (!netif_running(dev))
1853 return;
1854
1855 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1856 if (sdata->type != IEEE80211_IF_TYPE_STA &&
1857 sdata->type != IEEE80211_IF_TYPE_IBSS) {
1858 printk(KERN_DEBUG "%s: ieee80211_sta_work: non-STA interface "
1859 "(type=%d)\n", dev->name, sdata->type);
1860 return;
1861 }
1862 ifsta = &sdata->u.sta;
1863
1864 switch (ifsta->state) {
1865 case IEEE80211_DISABLED:
1866 break;
1867 case IEEE80211_AUTHENTICATE:
1868 ieee80211_authenticate(dev, ifsta);
1869 break;
1870 case IEEE80211_ASSOCIATE:
1871 ieee80211_associate(dev, ifsta);
1872 break;
1873 case IEEE80211_ASSOCIATED:
1874 ieee80211_associated(dev, ifsta);
1875 break;
1876 case IEEE80211_IBSS_SEARCH:
1877 ieee80211_sta_find_ibss(dev, ifsta);
1878 break;
1879 case IEEE80211_IBSS_JOINED:
1880 ieee80211_sta_merge_ibss(dev, ifsta);
1881 break;
1882 default:
1883 printk(KERN_DEBUG "ieee80211_sta_work: Unknown state %d\n",
1884 ifsta->state);
1885 break;
1886 }
1887
1888 if (ieee80211_privacy_mismatch(dev, ifsta)) {
1889 printk(KERN_DEBUG "%s: privacy configuration mismatch and "
1890 "mixed-cell disabled - disassociate\n", dev->name);
1891
1892 ieee80211_send_disassoc(dev, ifsta, WLAN_REASON_UNSPECIFIED);
1893 ieee80211_set_disassoc(dev, ifsta, 0);
1894 }
1895 }
1896
1897
1898 static void ieee80211_sta_new_auth(struct net_device *dev,
1899 struct ieee80211_if_sta *ifsta)
1900 {
1901 struct ieee80211_local *local = dev->ieee80211_ptr;
1902 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1903
1904 if (sdata->type != IEEE80211_IF_TYPE_STA)
1905 return;
1906
1907 if (local->ops->reset_tsf) {
1908 /* Reset own TSF to allow time synchronization work. */
1909 local->ops->reset_tsf(local_to_hw(local));
1910 }
1911
1912 ifsta->wmm_last_param_set = -1; /* allow any WMM update */
1913
1914
1915 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_OPEN)
1916 ifsta->auth_alg = WLAN_AUTH_OPEN;
1917 else if (ifsta->auth_algs & IEEE80211_AUTH_ALG_SHARED_KEY)
1918 ifsta->auth_alg = WLAN_AUTH_SHARED_KEY;
1919 else if (ifsta->auth_algs & IEEE80211_AUTH_ALG_LEAP)
1920 ifsta->auth_alg = WLAN_AUTH_LEAP;
1921 else
1922 ifsta->auth_alg = WLAN_AUTH_OPEN;
1923 printk(KERN_DEBUG "%s: Initial auth_alg=%d\n", dev->name,
1924 ifsta->auth_alg);
1925 ifsta->auth_transaction = -1;
1926 ifsta->auth_tries = ifsta->assoc_tries = 0;
1927 ieee80211_authenticate(dev, ifsta);
1928 }
1929
1930
1931 static int ieee80211_ibss_allowed(struct ieee80211_local *local)
1932 {
1933 int m, c;
1934
1935 for (m = 0; m < local->hw.num_modes; m++) {
1936 struct ieee80211_hw_modes *mode = &local->hw.modes[m];
1937 if (mode->mode != local->hw.conf.phymode)
1938 continue;
1939 for (c = 0; c < mode->num_channels; c++) {
1940 struct ieee80211_channel *chan = &mode->channels[c];
1941 if (chan->flag & IEEE80211_CHAN_W_SCAN &&
1942 chan->chan == local->hw.conf.channel) {
1943 if (chan->flag & IEEE80211_CHAN_W_IBSS)
1944 return 1;
1945 break;
1946 }
1947 }
1948 }
1949
1950 return 0;
1951 }
1952
1953
1954 extern int ieee80211_ioctl_siwfreq(struct net_device *dev,
1955 struct iw_request_info *info,
1956 struct iw_freq *freq, char *extra);
1957
1958 static int ieee80211_sta_join_ibss(struct net_device *dev,
1959 struct ieee80211_if_sta *ifsta,
1960 struct ieee80211_sta_bss *bss)
1961 {
1962 struct ieee80211_local *local = dev->ieee80211_ptr;
1963 struct iw_freq rq;
1964 int res, rates, i, j;
1965 struct sk_buff *skb;
1966 struct ieee80211_mgmt *mgmt;
1967 struct ieee80211_tx_control control;
1968 struct ieee80211_rate *rate;
1969 struct rate_control_extra extra;
1970 u8 *pos;
1971 struct ieee80211_sub_if_data *sdata;
1972
1973 /* Remove possible STA entries from other IBSS networks. */
1974 sta_info_flush(local, NULL);
1975
1976 if (local->ops->reset_tsf) {
1977 /* Reset own TSF to allow time synchronization work. */
1978 local->ops->reset_tsf(local_to_hw(local));
1979 }
1980 memcpy(ifsta->bssid, bss->bssid, ETH_ALEN);
1981 res = ieee80211_if_config(dev);
1982 if (res)
1983 return res;
1984
1985 local->hw.conf.beacon_int = bss->beacon_int >= 10 ? bss->beacon_int : 10;
1986
1987 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1988 sdata->drop_unencrypted = bss->capability &
1989 WLAN_CAPABILITY_PRIVACY ? 1 : 0;
1990
1991 memset(&rq, 0, sizeof(rq));
1992 rq.m = bss->freq * 100000;
1993 rq.e = 1;
1994 res = ieee80211_ioctl_siwfreq(dev, NULL, &rq, NULL);
1995
1996 if (!ieee80211_ibss_allowed(local)) {
1997 printk(KERN_DEBUG "%s: IBSS not allowed on channel %d "
1998 "(%d MHz)\n", dev->name, local->hw.conf.channel,
1999 local->hw.conf.freq);
2000 return -1;
2001 }
2002
2003 /* Set beacon template based on scan results */
2004 skb = dev_alloc_skb(400);
2005 do {
2006 if (!skb)
2007 break;
2008
2009 mgmt = (struct ieee80211_mgmt *)
2010 skb_put(skb, 24 + sizeof(mgmt->u.beacon));
2011 memset(mgmt, 0, 24 + sizeof(mgmt->u.beacon));
2012 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
2013 IEEE80211_STYPE_BEACON);
2014 memset(mgmt->da, 0xff, ETH_ALEN);
2015 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
2016 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
2017 mgmt->u.beacon.beacon_int =
2018 cpu_to_le16(local->hw.conf.beacon_int);
2019 mgmt->u.beacon.capab_info = cpu_to_le16(bss->capability);
2020
2021 pos = skb_put(skb, 2 + ifsta->ssid_len);
2022 *pos++ = WLAN_EID_SSID;
2023 *pos++ = ifsta->ssid_len;
2024 memcpy(pos, ifsta->ssid, ifsta->ssid_len);
2025
2026 rates = bss->supp_rates_len;
2027 if (rates > 8)
2028 rates = 8;
2029 pos = skb_put(skb, 2 + rates);
2030 *pos++ = WLAN_EID_SUPP_RATES;
2031 *pos++ = rates;
2032 memcpy(pos, bss->supp_rates, rates);
2033
2034 pos = skb_put(skb, 2 + 1);
2035 *pos++ = WLAN_EID_DS_PARAMS;
2036 *pos++ = 1;
2037 *pos++ = bss->channel;
2038
2039 pos = skb_put(skb, 2 + 2);
2040 *pos++ = WLAN_EID_IBSS_PARAMS;
2041 *pos++ = 2;
2042 /* FIX: set ATIM window based on scan results */
2043 *pos++ = 0;
2044 *pos++ = 0;
2045
2046 if (bss->supp_rates_len > 8) {
2047 rates = bss->supp_rates_len - 8;
2048 pos = skb_put(skb, 2 + rates);
2049 *pos++ = WLAN_EID_EXT_SUPP_RATES;
2050 *pos++ = rates;
2051 memcpy(pos, &bss->supp_rates[8], rates);
2052 }
2053
2054 memset(&control, 0, sizeof(control));
2055 control.pkt_type = PKT_PROBE_RESP;
2056 memset(&extra, 0, sizeof(extra));
2057 extra.endidx = local->num_curr_rates;
2058 rate = rate_control_get_rate(local, dev, skb, &extra);
2059 if (!rate) {
2060 printk(KERN_DEBUG "%s: Failed to determine TX rate "
2061 "for IBSS beacon\n", dev->name);
2062 break;
2063 }
2064 control.tx_rate = (local->short_preamble &&
2065 (rate->flags & IEEE80211_RATE_PREAMBLE2)) ?
2066 rate->val2 : rate->val;
2067 control.antenna_sel = local->hw.conf.antenna_sel;
2068 control.power_level = local->hw.conf.power_level;
2069 control.flags |= IEEE80211_TXCTL_NO_ACK;
2070 control.retry_limit = 1;
2071 control.rts_cts_duration = 0;
2072
2073 ifsta->probe_resp = skb_copy(skb, GFP_ATOMIC);
2074 if (ifsta->probe_resp) {
2075 mgmt = (struct ieee80211_mgmt *)
2076 ifsta->probe_resp->data;
2077 mgmt->frame_control =
2078 IEEE80211_FC(IEEE80211_FTYPE_MGMT,
2079 IEEE80211_STYPE_PROBE_RESP);
2080 } else {
2081 printk(KERN_DEBUG "%s: Could not allocate ProbeResp "
2082 "template for IBSS\n", dev->name);
2083 }
2084
2085 if (local->ops->beacon_update &&
2086 local->ops->beacon_update(local_to_hw(local),
2087 skb, &control) == 0) {
2088 printk(KERN_DEBUG "%s: Configured IBSS beacon "
2089 "template based on scan results\n", dev->name);
2090 skb = NULL;
2091 }
2092
2093 rates = 0;
2094 for (i = 0; i < bss->supp_rates_len; i++) {
2095 int rate = (bss->supp_rates[i] & 0x7f) * 5;
2096 if (local->hw.conf.phymode == MODE_ATHEROS_TURBO)
2097 rate *= 2;
2098 for (j = 0; j < local->num_curr_rates; j++)
2099 if (local->curr_rates[j].rate == rate)
2100 rates |= BIT(j);
2101 }
2102 ifsta->supp_rates_bits = rates;
2103 } while (0);
2104
2105 if (skb) {
2106 printk(KERN_DEBUG "%s: Failed to configure IBSS beacon "
2107 "template\n", dev->name);
2108 dev_kfree_skb(skb);
2109 }
2110
2111 ifsta->state = IEEE80211_IBSS_JOINED;
2112 schedule_delayed_work(&ifsta->work, IEEE80211_IBSS_MERGE_INTERVAL);
2113
2114 ieee80211_rx_bss_put(dev, bss);
2115
2116 return res;
2117 }
2118
2119
2120 static int ieee80211_sta_create_ibss(struct net_device *dev,
2121 struct ieee80211_if_sta *ifsta)
2122 {
2123 struct ieee80211_local *local = dev->ieee80211_ptr;
2124 struct ieee80211_sta_bss *bss;
2125 struct ieee80211_sub_if_data *sdata;
2126 u8 bssid[ETH_ALEN], *pos;
2127 int i;
2128
2129 #if 0
2130 /* Easier testing, use fixed BSSID. */
2131 memset(bssid, 0xfe, ETH_ALEN);
2132 #else
2133 /* Generate random, not broadcast, locally administered BSSID. Mix in
2134 * own MAC address to make sure that devices that do not have proper
2135 * random number generator get different BSSID. */
2136 get_random_bytes(bssid, ETH_ALEN);
2137 for (i = 0; i < ETH_ALEN; i++)
2138 bssid[i] ^= dev->dev_addr[i];
2139 bssid[0] &= ~0x01;
2140 bssid[0] |= 0x02;
2141 #endif
2142
2143 printk(KERN_DEBUG "%s: Creating new IBSS network, BSSID " MAC_FMT "\n",
2144 dev->name, MAC_ARG(bssid));
2145
2146 bss = ieee80211_rx_bss_add(dev, bssid);
2147 if (!bss)
2148 return -ENOMEM;
2149
2150 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2151
2152 if (local->hw.conf.beacon_int == 0)
2153 local->hw.conf.beacon_int = 100;
2154 bss->beacon_int = local->hw.conf.beacon_int;
2155 bss->hw_mode = local->hw.conf.phymode;
2156 bss->channel = local->hw.conf.channel;
2157 bss->freq = local->hw.conf.freq;
2158 bss->last_update = jiffies;
2159 bss->capability = WLAN_CAPABILITY_IBSS;
2160 if (sdata->default_key) {
2161 bss->capability |= WLAN_CAPABILITY_PRIVACY;
2162 } else
2163 sdata->drop_unencrypted = 0;
2164 bss->supp_rates_len = local->num_curr_rates;
2165 pos = bss->supp_rates;
2166 for (i = 0; i < local->num_curr_rates; i++) {
2167 int rate = local->curr_rates[i].rate;
2168 if (local->hw.conf.phymode == MODE_ATHEROS_TURBO)
2169 rate /= 2;
2170 *pos++ = (u8) (rate / 5);
2171 }
2172
2173 return ieee80211_sta_join_ibss(dev, ifsta, bss);
2174 }
2175
2176
2177 static int ieee80211_sta_find_ibss(struct net_device *dev,
2178 struct ieee80211_if_sta *ifsta)
2179 {
2180 struct ieee80211_local *local = dev->ieee80211_ptr;
2181 struct ieee80211_sta_bss *bss;
2182 int found = 0;
2183 u8 bssid[ETH_ALEN];
2184 int active_ibss;
2185
2186 if (ifsta->ssid_len == 0)
2187 return -EINVAL;
2188
2189 active_ibss = ieee80211_sta_active_ibss(dev);
2190 #ifdef CONFIG_D80211_IBSS_DEBUG
2191 printk(KERN_DEBUG "%s: sta_find_ibss (active_ibss=%d)\n",
2192 dev->name, active_ibss);
2193 #endif /* CONFIG_D80211_IBSS_DEBUG */
2194 spin_lock_bh(&local->sta_bss_lock);
2195 list_for_each_entry(bss, &local->sta_bss_list, list) {
2196 if (ifsta->ssid_len != bss->ssid_len ||
2197 memcmp(ifsta->ssid, bss->ssid, bss->ssid_len) != 0
2198 || !(bss->capability & WLAN_CAPABILITY_IBSS))
2199 continue;
2200 #ifdef CONFIG_D80211_IBSS_DEBUG
2201 printk(KERN_DEBUG " bssid=" MAC_FMT " found\n",
2202 MAC_ARG(bss->bssid));
2203 #endif /* CONFIG_D80211_IBSS_DEBUG */
2204 memcpy(bssid, bss->bssid, ETH_ALEN);
2205 found = 1;
2206 if (active_ibss || memcmp(bssid, ifsta->bssid, ETH_ALEN) != 0)
2207 break;
2208 }
2209 spin_unlock_bh(&local->sta_bss_lock);
2210
2211 #ifdef CONFIG_D80211_IBSS_DEBUG
2212 printk(KERN_DEBUG " sta_find_ibss: selected " MAC_FMT " current "
2213 MAC_FMT "\n", MAC_ARG(bssid), MAC_ARG(ifsta->bssid));
2214 #endif /* CONFIG_D80211_IBSS_DEBUG */
2215 if (found && memcmp(ifsta->bssid, bssid, ETH_ALEN) != 0 &&
2216 (bss = ieee80211_rx_bss_get(dev, bssid))) {
2217 printk(KERN_DEBUG "%s: Selected IBSS BSSID " MAC_FMT
2218 " based on configured SSID\n",
2219 dev->name, MAC_ARG(bssid));
2220 return ieee80211_sta_join_ibss(dev, ifsta, bss);
2221 }
2222 #ifdef CONFIG_D80211_IBSS_DEBUG
2223 printk(KERN_DEBUG " did not try to join ibss\n");
2224 #endif /* CONFIG_D80211_IBSS_DEBUG */
2225
2226 /* Selected IBSS not found in current scan results - try to scan */
2227 if (ifsta->state == IEEE80211_IBSS_JOINED &&
2228 !ieee80211_sta_active_ibss(dev)) {
2229 schedule_delayed_work(&ifsta->work,
2230 IEEE80211_IBSS_MERGE_INTERVAL);
2231 } else if (time_after(jiffies, local->last_scan_completed +
2232 IEEE80211_SCAN_INTERVAL)) {
2233 printk(KERN_DEBUG "%s: Trigger new scan to find an IBSS to "
2234 "join\n", dev->name);
2235 return ieee80211_sta_req_scan(dev, ifsta->ssid,
2236 ifsta->ssid_len);
2237 } else if (ifsta->state != IEEE80211_IBSS_JOINED) {
2238 int interval = IEEE80211_SCAN_INTERVAL;
2239
2240 if (time_after(jiffies, ifsta->ibss_join_req +
2241 IEEE80211_IBSS_JOIN_TIMEOUT)) {
2242 if (ifsta->create_ibss &&
2243 ieee80211_ibss_allowed(local))
2244 return ieee80211_sta_create_ibss(dev, ifsta);
2245 if (ifsta->create_ibss) {
2246 printk(KERN_DEBUG "%s: IBSS not allowed on the"
2247 " configured channel %d (%d MHz)\n",
2248 dev->name, local->hw.conf.channel,
2249 local->hw.conf.freq);
2250 }
2251
2252 /* No IBSS found - decrease scan interval and continue
2253 * scanning. */
2254 interval = IEEE80211_SCAN_INTERVAL_SLOW;
2255 }
2256
2257 ifsta->state = IEEE80211_IBSS_SEARCH;
2258 schedule_delayed_work(&ifsta->work, interval);
2259 return 0;
2260 }
2261
2262 return 0;
2263 }
2264
2265
2266 int ieee80211_sta_set_ssid(struct net_device *dev, char *ssid, size_t len)
2267 {
2268 struct ieee80211_sub_if_data *sdata;
2269 struct ieee80211_if_sta *ifsta;
2270 struct ieee80211_local *local = dev->ieee80211_ptr;
2271
2272 if (len > IEEE80211_MAX_SSID_LEN)
2273 return -EINVAL;
2274
2275 /* TODO: This should always be done for IBSS, even if IEEE80211_QOS is
2276 * not defined. */
2277 if (local->ops->conf_tx) {
2278 struct ieee80211_tx_queue_params qparam;
2279 int i;
2280
2281 memset(&qparam, 0, sizeof(qparam));
2282 /* TODO: are these ok defaults for all hw_modes? */
2283 qparam.aifs = 2;
2284 qparam.cw_min =
2285 local->hw.conf.phymode == MODE_IEEE80211B ? 31 : 15;
2286 qparam.cw_max = 1023;
2287 qparam.burst_time = 0;
2288 for (i = IEEE80211_TX_QUEUE_DATA0; i < NUM_TX_DATA_QUEUES; i++)
2289 {
2290 local->ops->conf_tx(local_to_hw(local),
2291 i + IEEE80211_TX_QUEUE_DATA0,
2292 &qparam);
2293 }
2294 /* IBSS uses different parameters for Beacon sending */
2295 qparam.cw_min++;
2296 qparam.cw_min *= 2;
2297 qparam.cw_min--;
2298 local->ops->conf_tx(local_to_hw(local),
2299 IEEE80211_TX_QUEUE_BEACON, &qparam);
2300 }
2301
2302 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2303 ifsta = &sdata->u.sta;
2304
2305 if (ifsta->ssid_len != len || memcmp(ifsta->ssid, ssid, len) != 0)
2306 ifsta->prev_bssid_set = 0;
2307 memcpy(ifsta->ssid, ssid, len);
2308 memset(ifsta->ssid + len, 0, IEEE80211_MAX_SSID_LEN - len);
2309 ifsta->ssid_len = len;
2310
2311 ifsta->ssid_set = 1;
2312 if (sdata->type == IEEE80211_IF_TYPE_IBSS && !ifsta->bssid_set) {
2313 ifsta->ibss_join_req = jiffies;
2314 ifsta->state = IEEE80211_IBSS_SEARCH;
2315 return ieee80211_sta_find_ibss(dev, ifsta);
2316 }
2317
2318 if (ifsta->bssid_set && ifsta->state != IEEE80211_AUTHENTICATE)
2319 ieee80211_sta_new_auth(dev, ifsta);
2320
2321 return 0;
2322 }
2323
2324
2325 int ieee80211_sta_get_ssid(struct net_device *dev, char *ssid, size_t *len)
2326 {
2327 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2328 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
2329 memcpy(ssid, ifsta->ssid, ifsta->ssid_len);
2330 *len = ifsta->ssid_len;
2331 return 0;
2332 }
2333
2334
2335 int ieee80211_sta_set_bssid(struct net_device *dev, u8 *bssid)
2336 {
2337 struct ieee80211_sub_if_data *sdata;
2338 struct ieee80211_if_sta *ifsta;
2339 int res;
2340
2341 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2342 ifsta = &sdata->u.sta;
2343
2344 if (memcmp(ifsta->bssid, bssid, ETH_ALEN) != 0) {
2345 memcpy(ifsta->bssid, bssid, ETH_ALEN);
2346 res = ieee80211_if_config(dev);
2347 if (res) {
2348 printk(KERN_DEBUG "%s: Failed to config new BSSID to "
2349 "the low-level driver\n", dev->name);
2350 return res;
2351 }
2352 }
2353
2354 if (memcmp(bssid, "\x00\x00\x00\x00\x00\x00", ETH_ALEN) == 0)
2355 ifsta->bssid_set = 0;
2356 else
2357 ifsta->bssid_set = 1;
2358 if (ifsta->ssid_set)
2359 ieee80211_sta_new_auth(dev, ifsta);
2360
2361 return 0;
2362 }
2363
2364
2365 static void ieee80211_sta_save_oper_chan(struct net_device *dev)
2366 {
2367 struct ieee80211_local *local = dev->ieee80211_ptr;
2368 local->scan_oper_channel = local->hw.conf.channel;
2369 local->scan_oper_channel_val = local->hw.conf.channel_val;
2370 local->scan_oper_power_level = local->hw.conf.power_level;
2371 local->scan_oper_freq = local->hw.conf.freq;
2372 local->scan_oper_phymode = local->hw.conf.phymode;
2373 local->scan_oper_antenna_max = local->hw.conf.antenna_max;
2374 }
2375
2376
2377 static int ieee80211_sta_restore_oper_chan(struct net_device *dev)
2378 {
2379 struct ieee80211_local *local = dev->ieee80211_ptr;
2380 local->hw.conf.channel = local->scan_oper_channel;
2381 local->hw.conf.channel_val = local->scan_oper_channel_val;
2382 local->hw.conf.power_level = local->scan_oper_power_level;
2383 local->hw.conf.freq = local->scan_oper_freq;
2384 local->hw.conf.phymode = local->scan_oper_phymode;
2385 local->hw.conf.antenna_max = local->scan_oper_antenna_max;
2386 return ieee80211_hw_config(local);
2387 }
2388
2389
2390 static int ieee80211_active_scan(struct ieee80211_local *local)
2391 {
2392 int m, c;
2393
2394 for (m = 0; m < local->hw.num_modes; m++) {
2395 struct ieee80211_hw_modes *mode = &local->hw.modes[m];
2396 if (mode->mode != local->hw.conf.phymode)
2397 continue;
2398 for (c = 0; c < mode->num_channels; c++) {
2399 struct ieee80211_channel *chan = &mode->channels[c];
2400 if (chan->flag & IEEE80211_CHAN_W_SCAN &&
2401 chan->chan == local->hw.conf.channel) {
2402 if (chan->flag & IEEE80211_CHAN_W_ACTIVE_SCAN)
2403 return 1;
2404 break;
2405 }
2406 }
2407 }
2408
2409 return 0;
2410 }
2411
2412
2413 void ieee80211_scan_completed(struct ieee80211_hw *hw)
2414 {
2415 struct ieee80211_local *local = hw_to_local(hw);
2416 struct net_device *dev = local->scan_work.data;
2417 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2418 union iwreq_data wrqu;
2419
2420 printk(KERN_DEBUG "%s: scan completed\n", dev->name);
2421 local->sta_scanning = 0;
2422 local->last_scan_completed = jiffies;
2423
2424 memset(&wrqu, 0, sizeof(wrqu));
2425 wireless_send_event(dev, SIOCGIWSCAN, &wrqu, NULL);
2426
2427 if (sdata->type == IEEE80211_IF_TYPE_IBSS) {
2428 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
2429 if (!ifsta->bssid_set ||
2430 (!ifsta->state == IEEE80211_IBSS_JOINED &&
2431 !ieee80211_sta_active_ibss(dev)))
2432 ieee80211_sta_find_ibss(dev, ifsta);
2433 }
2434 }
2435 EXPORT_SYMBOL(ieee80211_scan_completed);
2436
2437 static void ieee80211_sta_scan_work(void *ptr)
2438 {
2439 struct net_device *dev = ptr;
2440 struct ieee80211_local *local = dev->ieee80211_ptr;
2441 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2442 struct ieee80211_hw_modes *mode;
2443 struct ieee80211_channel *chan;
2444 int skip;
2445 unsigned long next_delay = 0;
2446
2447 if (!local->sta_scanning)
2448 return;
2449
2450 switch (local->scan_state) {
2451 case SCAN_SET_CHANNEL:
2452 mode = &local->hw.modes[local->scan_hw_mode_idx];
2453 if (local->scan_hw_mode_idx >= local->hw.num_modes ||
2454 (local->scan_hw_mode_idx + 1 == local->hw.num_modes &&
2455 local->scan_channel_idx >= mode->num_channels)) {
2456 if (ieee80211_sta_restore_oper_chan(dev)) {
2457 printk(KERN_DEBUG "%s: failed to restore "
2458 "operational channel after scan\n",
2459 dev->name);
2460 }
2461
2462 ieee80211_scan_completed(local_to_hw(local));
2463 return;
2464 }
2465 skip = !(local->enabled_modes & (1 << mode->mode));
2466 chan = &mode->channels[local->scan_channel_idx];
2467 if (!(chan->flag & IEEE80211_CHAN_W_SCAN) ||
2468 (sdata->type == IEEE80211_IF_TYPE_IBSS &&
2469 !(chan->flag & IEEE80211_CHAN_W_IBSS)) ||
2470 (local->hw_modes & local->enabled_modes &
2471 (1 << MODE_IEEE80211G) && mode->mode == MODE_IEEE80211B))
2472 skip = 1;
2473
2474 if (!skip) {
2475 #if 0
2476 printk(KERN_DEBUG "%s: scan channel %d (%d MHz)\n",
2477 dev->name, chan->chan, chan->freq);
2478 #endif
2479
2480 local->hw.conf.channel = chan->chan;
2481 local->hw.conf.channel_val = chan->val;
2482 local->hw.conf.power_level = chan->power_level;
2483 local->hw.conf.freq = chan->freq;
2484 local->hw.conf.phymode = mode->mode;
2485 local->hw.conf.antenna_max = chan->antenna_max;
2486 if (ieee80211_hw_config(local)) {
2487 printk(KERN_DEBUG "%s: failed to set channel "
2488 "%d (%d MHz) for scan\n", dev->name,
2489 chan->chan, chan->freq);
2490 skip = 1;
2491 }
2492 }
2493
2494 local->scan_channel_idx++;
2495 if (local->scan_channel_idx >=
2496 local->hw.modes[local->scan_hw_mode_idx].num_channels) {
2497 local->scan_hw_mode_idx++;
2498 local->scan_channel_idx = 0;
2499 }
2500
2501 if (skip)
2502 break;
2503
2504 next_delay = IEEE80211_PROBE_DELAY +
2505 usecs_to_jiffies(local->hw.channel_change_time);
2506 local->scan_state = SCAN_SEND_PROBE;
2507 break;
2508 case SCAN_SEND_PROBE:
2509 if (ieee80211_active_scan(local)) {
2510 ieee80211_send_probe_req(dev, NULL, local->scan_ssid,
2511 local->scan_ssid_len);
2512 next_delay = IEEE80211_CHANNEL_TIME;
2513 } else
2514 next_delay = IEEE80211_PASSIVE_CHANNEL_TIME;
2515 local->scan_state = SCAN_SET_CHANNEL;
2516 break;
2517 }
2518
2519 if (local->sta_scanning) {
2520 if (next_delay)
2521 schedule_delayed_work(&local->scan_work, next_delay);
2522 else
2523 schedule_work(&local->scan_work);
2524 }
2525 }
2526
2527
2528 int ieee80211_sta_req_scan(struct net_device *dev, u8 *ssid, size_t ssid_len)
2529 {
2530 struct ieee80211_local *local = dev->ieee80211_ptr;
2531
2532 if (ssid_len > IEEE80211_MAX_SSID_LEN)
2533 return -EINVAL;
2534
2535 /* MLME-SCAN.request (page 118) page 144 (11.1.3.1)
2536 * BSSType: INFRASTRUCTURE, INDEPENDENT, ANY_BSS
2537 * BSSID: MACAddress
2538 * SSID
2539 * ScanType: ACTIVE, PASSIVE
2540 * ProbeDelay: delay (in microseconds) to be used prior to transmitting
2541 * a Probe frame during active scanning
2542 * ChannelList
2543 * MinChannelTime (>= ProbeDelay), in TU
2544 * MaxChannelTime: (>= MinChannelTime), in TU
2545 */
2546
2547 /* MLME-SCAN.confirm
2548 * BSSDescriptionSet
2549 * ResultCode: SUCCESS, INVALID_PARAMETERS
2550 */
2551
2552 /* TODO: if assoc, move to power save mode for the duration of the
2553 * scan */
2554
2555 if (local->sta_scanning) {
2556 if (local->scan_work.data == dev)
2557 return 0;
2558 return -EBUSY;
2559 }
2560
2561 printk(KERN_DEBUG "%s: starting scan\n", dev->name);
2562
2563 if (local->ops->hw_scan) {
2564 int rc = local->ops->hw_scan(local_to_hw(local),
2565 ssid, ssid_len);
2566 if (!rc) {
2567 local->sta_scanning = 1;
2568 local->scan_work.data = dev;
2569 }
2570 return rc;
2571 }
2572
2573 ieee80211_sta_save_oper_chan(dev);
2574
2575 local->sta_scanning = 1;
2576 /* TODO: stop TX queue? */
2577
2578 if (ssid) {
2579 local->scan_ssid_len = ssid_len;
2580 memcpy(local->scan_ssid, ssid, ssid_len);
2581 } else
2582 local->scan_ssid_len = 0;
2583 local->scan_state = SCAN_SET_CHANNEL;
2584 local->scan_hw_mode_idx = 0;
2585 local->scan_channel_idx = 0;
2586 INIT_WORK(&local->scan_work, ieee80211_sta_scan_work, dev);
2587 schedule_work(&local->scan_work);
2588
2589 return 0;
2590 }
2591
2592
2593 static char *
2594 ieee80211_sta_scan_result(struct net_device *dev,
2595 struct ieee80211_sta_bss *bss,
2596 char *current_ev, char *end_buf)
2597 {
2598 struct ieee80211_local *local = dev->ieee80211_ptr;
2599 struct iw_event iwe;
2600
2601 if (time_after(jiffies,
2602 bss->last_update + IEEE80211_SCAN_RESULT_EXPIRE))
2603 return current_ev;
2604
2605 if (!(local->enabled_modes & (1 << bss->hw_mode)))
2606 return current_ev;
2607
2608 if (local->scan_flags & IEEE80211_SCAN_WPA_ONLY &&
2609 !bss->wpa_ie && !bss->rsn_ie)
2610 return current_ev;
2611
2612 if (local->scan_flags & IEEE80211_SCAN_MATCH_SSID &&
2613 (local->scan_ssid_len != bss->ssid_len ||
2614 memcmp(local->scan_ssid, bss->ssid, bss->ssid_len) != 0))
2615 return current_ev;
2616
2617 memset(&iwe, 0, sizeof(iwe));
2618 iwe.cmd = SIOCGIWAP;
2619 iwe.u.ap_addr.sa_family = ARPHRD_ETHER;
2620 memcpy(iwe.u.ap_addr.sa_data, bss->bssid, ETH_ALEN);
2621 current_ev = iwe_stream_add_event(current_ev, end_buf, &iwe,
2622 IW_EV_ADDR_LEN);
2623
2624 memset(&iwe, 0, sizeof(iwe));
2625 iwe.cmd = SIOCGIWESSID;
2626 iwe.u.data.length = bss->ssid_len;
2627 iwe.u.data.flags = 1;
2628 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe,
2629 bss->ssid);
2630
2631 if (bss->capability & (WLAN_CAPABILITY_ESS | WLAN_CAPABILITY_IBSS)) {
2632 memset(&iwe, 0, sizeof(iwe));
2633 iwe.cmd = SIOCGIWMODE;
2634 if (bss->capability & WLAN_CAPABILITY_ESS)
2635 iwe.u.mode = IW_MODE_MASTER;
2636 else
2637 iwe.u.mode = IW_MODE_ADHOC;
2638 current_ev = iwe_stream_add_event(current_ev, end_buf, &iwe,
2639 IW_EV_UINT_LEN);
2640 }
2641
2642 memset(&iwe, 0, sizeof(iwe));
2643 iwe.cmd = SIOCGIWFREQ;
2644 iwe.u.freq.m = bss->freq * 100000;
2645 iwe.u.freq.e = 1;
2646 current_ev = iwe_stream_add_event(current_ev, end_buf, &iwe,
2647 IW_EV_FREQ_LEN);
2648
2649 memset(&iwe, 0, sizeof(iwe));
2650 iwe.cmd = SIOCGIWENCODE;
2651 if (bss->capability & WLAN_CAPABILITY_PRIVACY)
2652 iwe.u.data.flags = IW_ENCODE_ENABLED | IW_ENCODE_NOKEY;
2653 else
2654 iwe.u.data.flags = IW_ENCODE_DISABLED;
2655 iwe.u.data.length = 0;
2656 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe, "");
2657
2658 if (bss && bss->wpa_ie) {
2659 char *buf, *p;
2660 int i;
2661 buf = kmalloc(30 + bss->wpa_ie_len * 2, GFP_ATOMIC);
2662 if (buf) {
2663 p = buf;
2664 p += sprintf(p, "wpa_ie=");
2665 for (i = 0; i < bss->wpa_ie_len; i++)
2666 p+= sprintf(p, "%02x", bss->wpa_ie[i]);
2667 memset(&iwe, 0, sizeof(iwe));
2668 iwe.cmd = IWEVCUSTOM;
2669 iwe.u.data.length = strlen(buf);
2670 current_ev = iwe_stream_add_point(current_ev, end_buf,
2671 &iwe, buf);
2672 kfree(buf);
2673 }
2674 }
2675
2676 if (bss && bss->rsn_ie) {
2677 char *buf, *p;
2678 int i;
2679 buf = kmalloc(30 + bss->rsn_ie_len * 2, GFP_ATOMIC);
2680 if (buf) {
2681 p = buf;
2682 p += sprintf(p, "rsn_ie=");
2683 for (i = 0; i < bss->rsn_ie_len; i++)
2684 p+= sprintf(p, "%02x", bss->rsn_ie[i]);
2685 memset(&iwe, 0, sizeof(iwe));
2686 iwe.cmd = IWEVCUSTOM;
2687 iwe.u.data.length = strlen(buf);
2688 current_ev = iwe_stream_add_point(current_ev, end_buf,
2689 &iwe, buf);
2690 kfree(buf);
2691 }
2692 }
2693
2694 if (bss) {
2695 char *buf;
2696 buf = kmalloc(30, GFP_ATOMIC);
2697 if (buf) {
2698 memset(&iwe, 0, sizeof(iwe));
2699 iwe.cmd = IWEVCUSTOM;
2700 sprintf(buf, "tsf=%016llx", bss->timestamp);
2701 iwe.u.data.length = strlen(buf);
2702 current_ev = iwe_stream_add_point(current_ev, end_buf,
2703 &iwe, buf);
2704 kfree(buf);
2705 }
2706 }
2707
2708 do {
2709 char *buf, *p;
2710 int i;
2711
2712 if (!(local->scan_flags & IEEE80211_SCAN_EXTRA_INFO))
2713 break;
2714
2715 buf = kmalloc(100, GFP_ATOMIC);
2716 if (!buf)
2717 break;
2718
2719 memset(&iwe, 0, sizeof(iwe));
2720 iwe.cmd = IWEVCUSTOM;
2721 sprintf(buf, "bcn_int=%d", bss->beacon_int);
2722 iwe.u.data.length = strlen(buf);
2723 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe,
2724 buf);
2725
2726 memset(&iwe, 0, sizeof(iwe));
2727 iwe.cmd = IWEVCUSTOM;
2728 sprintf(buf, "rssi=%d", bss->rssi);
2729 iwe.u.data.length = strlen(buf);
2730 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe,
2731 buf);
2732
2733 memset(&iwe, 0, sizeof(iwe));
2734 iwe.cmd = IWEVCUSTOM;
2735 sprintf(buf, "capab=0x%04x", bss->capability);
2736 iwe.u.data.length = strlen(buf);
2737 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe,
2738 buf);
2739
2740 /* dispaly all support rates in readable format */
2741 p = current_ev + IW_EV_LCP_LEN;
2742 iwe.cmd = SIOCGIWRATE;
2743 /* Those two flags are ignored... */
2744 iwe.u.bitrate.fixed = iwe.u.bitrate.disabled = 0;
2745
2746 for (i = 0; i < bss->supp_rates_len; i++) {
2747 iwe.u.bitrate.value = ((bss->supp_rates[i] &
2748 0x7f) * 500000);
2749 p = iwe_stream_add_value(current_ev, p,
2750 end_buf, &iwe, IW_EV_PARAM_LEN);
2751 }
2752 /* Check if we added any rate */
2753 if((p - current_ev) > IW_EV_LCP_LEN)
2754 current_ev = p;
2755
2756 kfree(buf);
2757 break;
2758 } while (0);
2759
2760 return current_ev;
2761 }
2762
2763
2764 int ieee80211_sta_scan_results(struct net_device *dev, char *buf, size_t len)
2765 {
2766 struct ieee80211_local *local = dev->ieee80211_ptr;
2767 char *current_ev = buf;
2768 char *end_buf = buf + len;
2769 struct ieee80211_sta_bss *bss;
2770
2771 spin_lock_bh(&local->sta_bss_lock);
2772 list_for_each_entry(bss, &local->sta_bss_list, list) {
2773 if (buf + len - current_ev <= IW_EV_ADDR_LEN) {
2774 spin_unlock_bh(&local->sta_bss_lock);
2775 return -E2BIG;
2776 }
2777 current_ev = ieee80211_sta_scan_result(dev, bss, current_ev,
2778 end_buf);
2779 }
2780 spin_unlock_bh(&local->sta_bss_lock);
2781 return current_ev - buf;
2782 }
2783
2784
2785 int ieee80211_sta_set_extra_ie(struct net_device *dev, char *ie, size_t len)
2786 {
2787 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2788 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
2789 kfree(ifsta->extra_ie);
2790 if (len == 0) {
2791 ifsta->extra_ie = NULL;
2792 ifsta->extra_ie_len = 0;
2793 return 0;
2794 }
2795 ifsta->extra_ie = kmalloc(len, GFP_KERNEL);
2796 if (!ifsta->extra_ie) {
2797 ifsta->extra_ie_len = 0;
2798 return -ENOMEM;
2799 }
2800 memcpy(ifsta->extra_ie, ie, len);
2801 ifsta->extra_ie_len = len;
2802 if (ifsta->bssid_set && ifsta->ssid_set &&
2803 ifsta->state != IEEE80211_AUTHENTICATE)
2804 ieee80211_sta_new_auth(dev, ifsta);
2805 return 0;
2806 }
2807
2808
2809 struct sta_info * ieee80211_ibss_add_sta(struct net_device *dev,
2810 struct sk_buff *skb, u8 *bssid,
2811 u8 *addr)
2812 {
2813 struct ieee80211_local *local = dev->ieee80211_ptr;
2814 struct sta_info *sta;
2815 struct ieee80211_sub_if_data *sdata = NULL;
2816 struct net_device *sta_dev = NULL;
2817
2818 /* TODO: Could consider removing the least recently used entry and
2819 * allow new one to be added. */
2820 if (local->num_sta >= IEEE80211_IBSS_MAX_STA_ENTRIES) {
2821 if (net_ratelimit()) {
2822 printk(KERN_DEBUG "%s: No room for a new IBSS STA "
2823 "entry " MAC_FMT "\n", dev->name, MAC_ARG(addr));
2824 }
2825 return NULL;
2826 }
2827
2828 spin_lock_bh(&local->sub_if_lock);
2829 list_for_each_entry(sdata, &local->sub_if_list, list)
2830 if (sdata->type == IEEE80211_IF_TYPE_IBSS &&
2831 memcmp(bssid, sdata->u.sta.bssid, ETH_ALEN) == 0) {
2832 sta_dev = sdata->dev;
2833 break;
2834 }
2835 spin_unlock_bh(&local->sub_if_lock);
2836
2837 if (!sta_dev)
2838 return NULL;
2839
2840 printk(KERN_DEBUG "%s: Adding new IBSS station " MAC_FMT " (dev=%s)\n",
2841 dev->name, MAC_ARG(addr), sta_dev->name);
2842
2843 sta = sta_info_add(local, dev, addr, GFP_ATOMIC);
2844 if (!sta)
2845 return NULL;
2846
2847 sta->dev = sta_dev;
2848 sta->supp_rates = sdata->u.sta.supp_rates_bits;
2849
2850 rate_control_rate_init(sta, local);
2851
2852 return sta; /* caller will call sta_info_put() */
2853 }
2854
2855
2856 int ieee80211_sta_deauthenticate(struct net_device *dev, u16 reason)
2857 {
2858 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2859 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
2860
2861 printk(KERN_DEBUG "%s: deauthenticate(reason=%d)\n",
2862 dev->name, reason);
2863
2864 if (sdata->type != IEEE80211_IF_TYPE_STA &&
2865 sdata->type != IEEE80211_IF_TYPE_IBSS)
2866 return -EINVAL;
2867
2868 ieee80211_send_deauth(dev, ifsta, reason);
2869 ieee80211_set_disassoc(dev, ifsta, 1);
2870 return 0;
2871 }
2872
2873
2874 int ieee80211_sta_disassociate(struct net_device *dev, u16 reason)
2875 {
2876 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2877 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
2878
2879 printk(KERN_DEBUG "%s: disassociate(reason=%d)\n",
2880 dev->name, reason);
2881
2882 if (sdata->type != IEEE80211_IF_TYPE_STA)
2883 return -EINVAL;
2884
2885 if (!ifsta->associated)
2886 return -1;
2887
2888 ieee80211_send_disassoc(dev, ifsta, reason);
2889 ieee80211_set_disassoc(dev, ifsta, 0);
2890 return 0;
2891 }
Staging tree of Mathias Kresin