2 * BSS client mode implementation
3 * Copyright 2003, Jouni Malinen <jkmaline@cc.hut.fi>
4 * Copyright 2004, Instant802 Networks, Inc.
5 * Copyright 2005, Devicescape Software, Inc.
6 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
7 * Copyright 2007, Michael Wu <flamingice@sourmilk.net>
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License version 2 as
11 * published by the Free Software Foundation.
15 * order BSS list by RSSI(?) ("quality of AP")
16 * scan result table filtering (by capability (privacy, IBSS/BSS, WPA/RSN IE,
19 #include <linux/delay.h>
20 #include <linux/if_ether.h>
21 #include <linux/skbuff.h>
22 #include <linux/netdevice.h>
23 #include <linux/if_arp.h>
24 #include <linux/wireless.h>
25 #include <linux/random.h>
26 #include <linux/etherdevice.h>
27 #include <linux/rtnetlink.h>
28 #include <net/iw_handler.h>
29 #include <asm/types.h>
31 #include <net/mac80211.h>
32 #include "ieee80211_i.h"
37 #define IEEE80211_ASSOC_SCANS_MAX_TRIES 2
38 #define IEEE80211_AUTH_TIMEOUT (HZ / 5)
39 #define IEEE80211_AUTH_MAX_TRIES 3
40 #define IEEE80211_ASSOC_TIMEOUT (HZ / 5)
41 #define IEEE80211_ASSOC_MAX_TRIES 3
42 #define IEEE80211_MONITORING_INTERVAL (2 * HZ)
43 #define IEEE80211_MESH_HOUSEKEEPING_INTERVAL (60 * HZ)
44 #define IEEE80211_PROBE_INTERVAL (60 * HZ)
45 #define IEEE80211_RETRY_AUTH_INTERVAL (1 * HZ)
46 #define IEEE80211_SCAN_INTERVAL (2 * HZ)
47 #define IEEE80211_SCAN_INTERVAL_SLOW (15 * HZ)
48 #define IEEE80211_IBSS_JOIN_TIMEOUT (7 * HZ)
50 #define IEEE80211_PROBE_DELAY (HZ / 33)
51 #define IEEE80211_CHANNEL_TIME (HZ / 33)
52 #define IEEE80211_PASSIVE_CHANNEL_TIME (HZ / 5)
53 #define IEEE80211_SCAN_RESULT_EXPIRE (10 * HZ)
54 #define IEEE80211_IBSS_MERGE_INTERVAL (30 * HZ)
55 #define IEEE80211_IBSS_INACTIVITY_LIMIT (60 * HZ)
56 #define IEEE80211_MESH_PEER_INACTIVITY_LIMIT (1800 * HZ)
58 #define IEEE80211_IBSS_MAX_STA_ENTRIES 128
61 #define ERP_INFO_USE_PROTECTION BIT(1)
63 /* mgmt header + 1 byte category code */
64 #define IEEE80211_MIN_ACTION_SIZE (24 + 1)
66 #define IEEE80211_ADDBA_PARAM_POLICY_MASK 0x0002
67 #define IEEE80211_ADDBA_PARAM_TID_MASK 0x003C
68 #define IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK 0xFFA0
69 #define IEEE80211_DELBA_PARAM_TID_MASK 0xF000
70 #define IEEE80211_DELBA_PARAM_INITIATOR_MASK 0x0800
72 /* next values represent the buffer size for A-MPDU frame.
73 * According to IEEE802.11n spec size varies from 8K to 64K (in powers of 2) */
74 #define IEEE80211_MIN_AMPDU_BUF 0x8
75 #define IEEE80211_MAX_AMPDU_BUF 0x40
77 static void ieee80211_send_probe_req(struct ieee80211_sub_if_data *sdata, u8 *dst,
78 u8 *ssid, size_t ssid_len);
79 static struct ieee80211_sta_bss *
80 ieee80211_rx_bss_get(struct ieee80211_local *local, u8 *bssid, int freq,
81 u8 *ssid, u8 ssid_len);
82 static void ieee80211_rx_bss_put(struct ieee80211_local *local,
83 struct ieee80211_sta_bss *bss);
84 static int ieee80211_sta_find_ibss(struct ieee80211_sub_if_data *sdata,
85 struct ieee80211_if_sta *ifsta);
86 static int ieee80211_sta_wep_configured(struct ieee80211_sub_if_data *sdata);
87 static int ieee80211_sta_start_scan(struct ieee80211_sub_if_data *sdata,
88 u8 *ssid, size_t ssid_len);
89 static int ieee80211_sta_config_auth(struct ieee80211_sub_if_data *sdata,
90 struct ieee80211_if_sta *ifsta);
91 static void sta_rx_agg_session_timer_expired(unsigned long data);
94 static u8 * ieee80211_bss_get_ie(struct ieee80211_sta_bss *bss, u8 ie)
101 end = pos + bss->ies_len;
103 while (pos + 1 < end) {
104 if (pos + 2 + pos[1] > end)
115 static int ecw2cw(int ecw)
117 return (1 << ecw) - 1;
121 static void ieee80211_sta_def_wmm_params(struct ieee80211_sub_if_data *sdata,
122 struct ieee80211_sta_bss *bss,
125 struct ieee80211_local *local = sdata->local;
126 int i, have_higher_than_11mbit = 0;
129 /* cf. IEEE 802.11 9.2.12 */
130 for (i = 0; i < bss->supp_rates_len; i++)
131 if ((bss->supp_rates[i] & 0x7f) * 5 > 110)
132 have_higher_than_11mbit = 1;
134 if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ &&
135 have_higher_than_11mbit)
136 sdata->flags |= IEEE80211_SDATA_OPERATING_GMODE;
138 sdata->flags &= ~IEEE80211_SDATA_OPERATING_GMODE;
141 if (local->ops->conf_tx) {
142 struct ieee80211_tx_queue_params qparam;
144 memset(&qparam, 0, sizeof(qparam));
148 if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ &&
149 !(sdata->flags & IEEE80211_SDATA_OPERATING_GMODE))
154 qparam.cw_max = 1023;
157 for (i = 0; i < local_to_hw(local)->queues; i++)
158 local->ops->conf_tx(local_to_hw(local), i, &qparam);
162 static void ieee80211_sta_wmm_params(struct ieee80211_local *local,
163 struct ieee80211_if_sta *ifsta,
164 u8 *wmm_param, size_t wmm_param_len)
166 struct ieee80211_tx_queue_params params;
171 if (!(ifsta->flags & IEEE80211_STA_WMM_ENABLED))
177 if (wmm_param_len < 8 || wmm_param[5] /* version */ != 1)
179 count = wmm_param[6] & 0x0f;
180 if (count == ifsta->wmm_last_param_set)
182 ifsta->wmm_last_param_set = count;
185 left = wmm_param_len - 8;
187 memset(¶ms, 0, sizeof(params));
189 if (!local->ops->conf_tx)
193 for (; left >= 4; left -= 4, pos += 4) {
194 int aci = (pos[0] >> 5) & 0x03;
195 int acm = (pos[0] >> 4) & 0x01;
202 local->wmm_acm |= BIT(0) | BIT(3);
207 local->wmm_acm |= BIT(4) | BIT(5);
212 local->wmm_acm |= BIT(6) | BIT(7);
218 local->wmm_acm |= BIT(1) | BIT(2);
222 params.aifs = pos[0] & 0x0f;
223 params.cw_max = ecw2cw((pos[1] & 0xf0) >> 4);
224 params.cw_min = ecw2cw(pos[1] & 0x0f);
225 params.txop = get_unaligned_le16(pos + 2);
226 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG
227 printk(KERN_DEBUG "%s: WMM queue=%d aci=%d acm=%d aifs=%d "
228 "cWmin=%d cWmax=%d txop=%d\n",
229 local->mdev->name, queue, aci, acm, params.aifs, params.cw_min,
230 params.cw_max, params.txop);
232 /* TODO: handle ACM (block TX, fallback to next lowest allowed
234 if (local->ops->conf_tx(local_to_hw(local), queue, ¶ms)) {
235 printk(KERN_DEBUG "%s: failed to set TX queue "
236 "parameters for queue %d\n", local->mdev->name, queue);
241 static u32 ieee80211_handle_protect_preamb(struct ieee80211_sub_if_data *sdata,
243 bool use_short_preamble)
245 struct ieee80211_bss_conf *bss_conf = &sdata->bss_conf;
246 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG
247 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
248 DECLARE_MAC_BUF(mac);
252 if (use_protection != bss_conf->use_cts_prot) {
253 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG
254 if (net_ratelimit()) {
255 printk(KERN_DEBUG "%s: CTS protection %s (BSSID="
258 use_protection ? "enabled" : "disabled",
259 print_mac(mac, ifsta->bssid));
262 bss_conf->use_cts_prot = use_protection;
263 changed |= BSS_CHANGED_ERP_CTS_PROT;
266 if (use_short_preamble != bss_conf->use_short_preamble) {
267 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG
268 if (net_ratelimit()) {
269 printk(KERN_DEBUG "%s: switched to %s barker preamble"
272 use_short_preamble ? "short" : "long",
273 print_mac(mac, ifsta->bssid));
276 bss_conf->use_short_preamble = use_short_preamble;
277 changed |= BSS_CHANGED_ERP_PREAMBLE;
283 static u32 ieee80211_handle_erp_ie(struct ieee80211_sub_if_data *sdata,
286 bool use_protection = (erp_value & WLAN_ERP_USE_PROTECTION) != 0;
287 bool use_short_preamble = (erp_value & WLAN_ERP_BARKER_PREAMBLE) == 0;
289 return ieee80211_handle_protect_preamb(sdata,
290 use_protection, use_short_preamble);
293 static u32 ieee80211_handle_bss_capability(struct ieee80211_sub_if_data *sdata,
294 struct ieee80211_sta_bss *bss)
298 if (bss->has_erp_value)
299 changed |= ieee80211_handle_erp_ie(sdata, bss->erp_value);
301 u16 capab = bss->capability;
302 changed |= ieee80211_handle_protect_preamb(sdata, false,
303 (capab & WLAN_CAPABILITY_SHORT_PREAMBLE) != 0);
309 int ieee80211_ht_cap_ie_to_ht_info(struct ieee80211_ht_cap *ht_cap_ie,
310 struct ieee80211_ht_info *ht_info)
316 memset(ht_info, 0, sizeof(*ht_info));
319 u8 ampdu_info = ht_cap_ie->ampdu_params_info;
321 ht_info->ht_supported = 1;
322 ht_info->cap = le16_to_cpu(ht_cap_ie->cap_info);
323 ht_info->ampdu_factor =
324 ampdu_info & IEEE80211_HT_CAP_AMPDU_FACTOR;
325 ht_info->ampdu_density =
326 (ampdu_info & IEEE80211_HT_CAP_AMPDU_DENSITY) >> 2;
327 memcpy(ht_info->supp_mcs_set, ht_cap_ie->supp_mcs_set, 16);
329 ht_info->ht_supported = 0;
334 int ieee80211_ht_addt_info_ie_to_ht_bss_info(
335 struct ieee80211_ht_addt_info *ht_add_info_ie,
336 struct ieee80211_ht_bss_info *bss_info)
338 if (bss_info == NULL)
341 memset(bss_info, 0, sizeof(*bss_info));
343 if (ht_add_info_ie) {
345 op_mode = le16_to_cpu(ht_add_info_ie->operation_mode);
347 bss_info->primary_channel = ht_add_info_ie->control_chan;
348 bss_info->bss_cap = ht_add_info_ie->ht_param;
349 bss_info->bss_op_mode = (u8)(op_mode & 0xff);
355 static void ieee80211_sta_send_apinfo(struct ieee80211_sub_if_data *sdata,
356 struct ieee80211_if_sta *ifsta)
358 union iwreq_data wrqu;
359 memset(&wrqu, 0, sizeof(wrqu));
360 if (ifsta->flags & IEEE80211_STA_ASSOCIATED)
361 memcpy(wrqu.ap_addr.sa_data, sdata->u.sta.bssid, ETH_ALEN);
362 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
363 wireless_send_event(sdata->dev, SIOCGIWAP, &wrqu, NULL);
366 static void ieee80211_sta_send_associnfo(struct ieee80211_sub_if_data *sdata,
367 struct ieee80211_if_sta *ifsta)
369 union iwreq_data wrqu;
371 if (ifsta->assocreq_ies) {
372 memset(&wrqu, 0, sizeof(wrqu));
373 wrqu.data.length = ifsta->assocreq_ies_len;
374 wireless_send_event(sdata->dev, IWEVASSOCREQIE, &wrqu,
375 ifsta->assocreq_ies);
377 if (ifsta->assocresp_ies) {
378 memset(&wrqu, 0, sizeof(wrqu));
379 wrqu.data.length = ifsta->assocresp_ies_len;
380 wireless_send_event(sdata->dev, IWEVASSOCRESPIE, &wrqu,
381 ifsta->assocresp_ies);
386 static void ieee80211_set_associated(struct ieee80211_sub_if_data *sdata,
387 struct ieee80211_if_sta *ifsta)
389 struct ieee80211_local *local = sdata->local;
390 struct ieee80211_conf *conf = &local_to_hw(local)->conf;
391 u32 changed = BSS_CHANGED_ASSOC;
393 struct ieee80211_sta_bss *bss;
395 ifsta->flags |= IEEE80211_STA_ASSOCIATED;
397 if (sdata->vif.type != IEEE80211_IF_TYPE_STA)
400 bss = ieee80211_rx_bss_get(local, ifsta->bssid,
401 conf->channel->center_freq,
402 ifsta->ssid, ifsta->ssid_len);
404 /* set timing information */
405 sdata->bss_conf.beacon_int = bss->beacon_int;
406 sdata->bss_conf.timestamp = bss->timestamp;
407 sdata->bss_conf.dtim_period = bss->dtim_period;
409 changed |= ieee80211_handle_bss_capability(sdata, bss);
411 ieee80211_rx_bss_put(local, bss);
414 if (conf->flags & IEEE80211_CONF_SUPPORT_HT_MODE) {
415 changed |= BSS_CHANGED_HT;
416 sdata->bss_conf.assoc_ht = 1;
417 sdata->bss_conf.ht_conf = &conf->ht_conf;
418 sdata->bss_conf.ht_bss_conf = &conf->ht_bss_conf;
421 ifsta->flags |= IEEE80211_STA_PREV_BSSID_SET;
422 memcpy(ifsta->prev_bssid, sdata->u.sta.bssid, ETH_ALEN);
423 ieee80211_sta_send_associnfo(sdata, ifsta);
425 ifsta->last_probe = jiffies;
426 ieee80211_led_assoc(local, 1);
428 sdata->bss_conf.assoc = 1;
429 ieee80211_bss_info_change_notify(sdata, changed);
431 netif_tx_start_all_queues(sdata->dev);
432 netif_carrier_on(sdata->dev);
434 ieee80211_sta_send_apinfo(sdata, ifsta);
437 void ieee80211_sta_tx(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb,
440 skb->dev = sdata->local->mdev;
441 skb_set_mac_header(skb, 0);
442 skb_set_network_header(skb, 0);
443 skb_set_transport_header(skb, 0);
445 skb->iif = sdata->dev->ifindex;
446 skb->do_not_encrypt = !encrypt;
452 static void ieee80211_send_auth(struct ieee80211_sub_if_data *sdata,
453 struct ieee80211_if_sta *ifsta,
454 int transaction, u8 *extra, size_t extra_len,
457 struct ieee80211_local *local = sdata->local;
459 struct ieee80211_mgmt *mgmt;
461 skb = dev_alloc_skb(local->hw.extra_tx_headroom +
462 sizeof(*mgmt) + 6 + extra_len);
464 printk(KERN_DEBUG "%s: failed to allocate buffer for auth "
465 "frame\n", sdata->dev->name);
468 skb_reserve(skb, local->hw.extra_tx_headroom);
470 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24 + 6);
471 memset(mgmt, 0, 24 + 6);
472 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
473 IEEE80211_STYPE_AUTH);
475 mgmt->frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
476 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
477 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
478 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
479 mgmt->u.auth.auth_alg = cpu_to_le16(ifsta->auth_alg);
480 mgmt->u.auth.auth_transaction = cpu_to_le16(transaction);
481 ifsta->auth_transaction = transaction + 1;
482 mgmt->u.auth.status_code = cpu_to_le16(0);
484 memcpy(skb_put(skb, extra_len), extra, extra_len);
486 ieee80211_sta_tx(sdata, skb, encrypt);
489 static void ieee80211_direct_probe(struct ieee80211_sub_if_data *sdata,
490 struct ieee80211_if_sta *ifsta)
492 DECLARE_MAC_BUF(mac);
494 ifsta->direct_probe_tries++;
495 if (ifsta->direct_probe_tries > IEEE80211_AUTH_MAX_TRIES) {
496 printk(KERN_DEBUG "%s: direct probe to AP %s timed out\n",
497 sdata->dev->name, print_mac(mac, ifsta->bssid));
498 ifsta->state = IEEE80211_STA_MLME_DISABLED;
502 printk(KERN_DEBUG "%s: direct probe to AP %s try %d\n",
503 sdata->dev->name, print_mac(mac, ifsta->bssid),
504 ifsta->direct_probe_tries);
506 ifsta->state = IEEE80211_STA_MLME_DIRECT_PROBE;
508 set_bit(IEEE80211_STA_REQ_DIRECT_PROBE, &ifsta->request);
510 /* Direct probe is sent to broadcast address as some APs
511 * will not answer to direct packet in unassociated state.
513 ieee80211_send_probe_req(sdata, NULL,
514 ifsta->ssid, ifsta->ssid_len);
516 mod_timer(&ifsta->timer, jiffies + IEEE80211_AUTH_TIMEOUT);
520 static void ieee80211_authenticate(struct ieee80211_sub_if_data *sdata,
521 struct ieee80211_if_sta *ifsta)
523 DECLARE_MAC_BUF(mac);
526 if (ifsta->auth_tries > IEEE80211_AUTH_MAX_TRIES) {
527 printk(KERN_DEBUG "%s: authentication with AP %s"
529 sdata->dev->name, print_mac(mac, ifsta->bssid));
530 ifsta->state = IEEE80211_STA_MLME_DISABLED;
534 ifsta->state = IEEE80211_STA_MLME_AUTHENTICATE;
535 printk(KERN_DEBUG "%s: authenticate with AP %s\n",
536 sdata->dev->name, print_mac(mac, ifsta->bssid));
538 ieee80211_send_auth(sdata, ifsta, 1, NULL, 0, 0);
540 mod_timer(&ifsta->timer, jiffies + IEEE80211_AUTH_TIMEOUT);
543 static int ieee80211_compatible_rates(struct ieee80211_sta_bss *bss,
544 struct ieee80211_supported_band *sband,
550 for (i = 0; i < bss->supp_rates_len; i++) {
551 int rate = (bss->supp_rates[i] & 0x7F) * 5;
553 for (j = 0; j < sband->n_bitrates; j++)
554 if (sband->bitrates[j].bitrate == rate) {
564 static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata,
565 struct ieee80211_if_sta *ifsta)
567 struct ieee80211_local *local = sdata->local;
569 struct ieee80211_mgmt *mgmt;
570 u8 *pos, *ies, *ht_add_ie;
571 int i, len, count, rates_len, supp_rates_len;
573 struct ieee80211_sta_bss *bss;
575 struct ieee80211_supported_band *sband;
578 skb = dev_alloc_skb(local->hw.extra_tx_headroom +
579 sizeof(*mgmt) + 200 + ifsta->extra_ie_len +
582 printk(KERN_DEBUG "%s: failed to allocate buffer for assoc "
583 "frame\n", sdata->dev->name);
586 skb_reserve(skb, local->hw.extra_tx_headroom);
588 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
590 capab = ifsta->capab;
592 if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ) {
593 if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_SLOT_INCAPABLE))
594 capab |= WLAN_CAPABILITY_SHORT_SLOT_TIME;
595 if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_PREAMBLE_INCAPABLE))
596 capab |= WLAN_CAPABILITY_SHORT_PREAMBLE;
599 bss = ieee80211_rx_bss_get(local, ifsta->bssid,
600 local->hw.conf.channel->center_freq,
601 ifsta->ssid, ifsta->ssid_len);
603 if (bss->capability & WLAN_CAPABILITY_PRIVACY)
604 capab |= WLAN_CAPABILITY_PRIVACY;
608 /* get all rates supported by the device and the AP as
609 * some APs don't like getting a superset of their rates
610 * in the association request (e.g. D-Link DAP 1353 in
612 rates_len = ieee80211_compatible_rates(bss, sband, &rates);
614 if ((bss->capability & WLAN_CAPABILITY_SPECTRUM_MGMT) &&
615 (local->hw.flags & IEEE80211_HW_SPECTRUM_MGMT))
616 capab |= WLAN_CAPABILITY_SPECTRUM_MGMT;
618 ieee80211_rx_bss_put(local, bss);
621 rates_len = sband->n_bitrates;
624 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
626 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
627 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
628 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
630 if (ifsta->flags & IEEE80211_STA_PREV_BSSID_SET) {
632 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
633 IEEE80211_STYPE_REASSOC_REQ);
634 mgmt->u.reassoc_req.capab_info = cpu_to_le16(capab);
635 mgmt->u.reassoc_req.listen_interval =
636 cpu_to_le16(local->hw.conf.listen_interval);
637 memcpy(mgmt->u.reassoc_req.current_ap, ifsta->prev_bssid,
641 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
642 IEEE80211_STYPE_ASSOC_REQ);
643 mgmt->u.assoc_req.capab_info = cpu_to_le16(capab);
644 mgmt->u.reassoc_req.listen_interval =
645 cpu_to_le16(local->hw.conf.listen_interval);
649 ies = pos = skb_put(skb, 2 + ifsta->ssid_len);
650 *pos++ = WLAN_EID_SSID;
651 *pos++ = ifsta->ssid_len;
652 memcpy(pos, ifsta->ssid, ifsta->ssid_len);
654 /* add all rates which were marked to be used above */
655 supp_rates_len = rates_len;
656 if (supp_rates_len > 8)
659 len = sband->n_bitrates;
660 pos = skb_put(skb, supp_rates_len + 2);
661 *pos++ = WLAN_EID_SUPP_RATES;
662 *pos++ = supp_rates_len;
665 for (i = 0; i < sband->n_bitrates; i++) {
666 if (BIT(i) & rates) {
667 int rate = sband->bitrates[i].bitrate;
668 *pos++ = (u8) (rate / 5);
674 if (rates_len > count) {
675 pos = skb_put(skb, rates_len - count + 2);
676 *pos++ = WLAN_EID_EXT_SUPP_RATES;
677 *pos++ = rates_len - count;
679 for (i++; i < sband->n_bitrates; i++) {
680 if (BIT(i) & rates) {
681 int rate = sband->bitrates[i].bitrate;
682 *pos++ = (u8) (rate / 5);
687 if (capab & WLAN_CAPABILITY_SPECTRUM_MGMT) {
688 /* 1. power capabilities */
689 pos = skb_put(skb, 4);
690 *pos++ = WLAN_EID_PWR_CAPABILITY;
692 *pos++ = 0; /* min tx power */
693 *pos++ = local->hw.conf.channel->max_power; /* max tx power */
695 /* 2. supported channels */
696 /* TODO: get this in reg domain format */
697 pos = skb_put(skb, 2 * sband->n_channels + 2);
698 *pos++ = WLAN_EID_SUPPORTED_CHANNELS;
699 *pos++ = 2 * sband->n_channels;
700 for (i = 0; i < sband->n_channels; i++) {
701 *pos++ = ieee80211_frequency_to_channel(
702 sband->channels[i].center_freq);
703 *pos++ = 1; /* one channel in the subband*/
707 if (ifsta->extra_ie) {
708 pos = skb_put(skb, ifsta->extra_ie_len);
709 memcpy(pos, ifsta->extra_ie, ifsta->extra_ie_len);
712 if (wmm && (ifsta->flags & IEEE80211_STA_WMM_ENABLED)) {
713 pos = skb_put(skb, 9);
714 *pos++ = WLAN_EID_VENDOR_SPECIFIC;
715 *pos++ = 7; /* len */
716 *pos++ = 0x00; /* Microsoft OUI 00:50:F2 */
719 *pos++ = 2; /* WME */
720 *pos++ = 0; /* WME info */
721 *pos++ = 1; /* WME ver */
725 /* wmm support is a must to HT */
726 if (wmm && (ifsta->flags & IEEE80211_STA_WMM_ENABLED) &&
727 sband->ht_info.ht_supported &&
728 (ht_add_ie = ieee80211_bss_get_ie(bss, WLAN_EID_HT_EXTRA_INFO))) {
729 struct ieee80211_ht_addt_info *ht_add_info =
730 (struct ieee80211_ht_addt_info *)ht_add_ie;
731 u16 cap = sband->ht_info.cap;
733 u32 flags = local->hw.conf.channel->flags;
735 switch (ht_add_info->ht_param & IEEE80211_HT_IE_CHA_SEC_OFFSET) {
736 case IEEE80211_HT_IE_CHA_SEC_ABOVE:
737 if (flags & IEEE80211_CHAN_NO_FAT_ABOVE) {
738 cap &= ~IEEE80211_HT_CAP_SUP_WIDTH;
739 cap &= ~IEEE80211_HT_CAP_SGI_40;
742 case IEEE80211_HT_IE_CHA_SEC_BELOW:
743 if (flags & IEEE80211_CHAN_NO_FAT_BELOW) {
744 cap &= ~IEEE80211_HT_CAP_SUP_WIDTH;
745 cap &= ~IEEE80211_HT_CAP_SGI_40;
750 tmp = cpu_to_le16(cap);
751 pos = skb_put(skb, sizeof(struct ieee80211_ht_cap)+2);
752 *pos++ = WLAN_EID_HT_CAPABILITY;
753 *pos++ = sizeof(struct ieee80211_ht_cap);
754 memset(pos, 0, sizeof(struct ieee80211_ht_cap));
755 memcpy(pos, &tmp, sizeof(u16));
757 /* TODO: needs a define here for << 2 */
758 *pos++ = sband->ht_info.ampdu_factor |
759 (sband->ht_info.ampdu_density << 2);
760 memcpy(pos, sband->ht_info.supp_mcs_set, 16);
763 kfree(ifsta->assocreq_ies);
764 ifsta->assocreq_ies_len = (skb->data + skb->len) - ies;
765 ifsta->assocreq_ies = kmalloc(ifsta->assocreq_ies_len, GFP_KERNEL);
766 if (ifsta->assocreq_ies)
767 memcpy(ifsta->assocreq_ies, ies, ifsta->assocreq_ies_len);
769 ieee80211_sta_tx(sdata, skb, 0);
773 static void ieee80211_send_deauth(struct ieee80211_sub_if_data *sdata,
774 struct ieee80211_if_sta *ifsta, u16 reason)
776 struct ieee80211_local *local = sdata->local;
778 struct ieee80211_mgmt *mgmt;
780 skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt));
782 printk(KERN_DEBUG "%s: failed to allocate buffer for deauth "
783 "frame\n", sdata->dev->name);
786 skb_reserve(skb, local->hw.extra_tx_headroom);
788 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
790 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
791 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
792 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
793 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
794 IEEE80211_STYPE_DEAUTH);
796 mgmt->u.deauth.reason_code = cpu_to_le16(reason);
798 ieee80211_sta_tx(sdata, skb, 0);
802 static void ieee80211_send_disassoc(struct ieee80211_sub_if_data *sdata,
803 struct ieee80211_if_sta *ifsta, u16 reason)
805 struct ieee80211_local *local = sdata->local;
807 struct ieee80211_mgmt *mgmt;
809 skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt));
811 printk(KERN_DEBUG "%s: failed to allocate buffer for disassoc "
812 "frame\n", sdata->dev->name);
815 skb_reserve(skb, local->hw.extra_tx_headroom);
817 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
819 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
820 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
821 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
822 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
823 IEEE80211_STYPE_DISASSOC);
825 mgmt->u.disassoc.reason_code = cpu_to_le16(reason);
827 ieee80211_sta_tx(sdata, skb, 0);
830 static void ieee80211_set_disassoc(struct ieee80211_sub_if_data *sdata,
831 struct ieee80211_if_sta *ifsta, bool deauth,
832 bool self_disconnected, u16 reason)
834 struct ieee80211_local *local = sdata->local;
835 struct sta_info *sta;
836 u32 changed = BSS_CHANGED_ASSOC;
840 sta = sta_info_get(local, ifsta->bssid);
847 ifsta->direct_probe_tries = 0;
848 ifsta->auth_tries = 0;
850 ifsta->assoc_scan_tries = 0;
851 ifsta->assoc_tries = 0;
853 netif_tx_stop_all_queues(sdata->dev);
854 netif_carrier_off(sdata->dev);
856 ieee80211_sta_tear_down_BA_sessions(sdata, sta->addr);
858 if (self_disconnected) {
860 ieee80211_send_deauth(sdata, ifsta, reason);
862 ieee80211_send_disassoc(sdata, ifsta, reason);
865 ifsta->flags &= ~IEEE80211_STA_ASSOCIATED;
866 changed |= ieee80211_reset_erp_info(sdata);
868 if (sdata->bss_conf.assoc_ht)
869 changed |= BSS_CHANGED_HT;
871 sdata->bss_conf.assoc_ht = 0;
872 sdata->bss_conf.ht_conf = NULL;
873 sdata->bss_conf.ht_bss_conf = NULL;
875 ieee80211_led_assoc(local, 0);
876 sdata->bss_conf.assoc = 0;
878 ieee80211_sta_send_apinfo(sdata, ifsta);
880 if (self_disconnected)
881 ifsta->state = IEEE80211_STA_MLME_DISABLED;
883 sta_info_unlink(&sta);
887 sta_info_destroy(sta);
890 static int ieee80211_privacy_mismatch(struct ieee80211_sub_if_data *sdata,
891 struct ieee80211_if_sta *ifsta)
893 struct ieee80211_local *local = sdata->local;
894 struct ieee80211_sta_bss *bss;
899 if (!ifsta || (ifsta->flags & IEEE80211_STA_MIXED_CELL))
902 bss = ieee80211_rx_bss_get(local, ifsta->bssid,
903 local->hw.conf.channel->center_freq,
904 ifsta->ssid, ifsta->ssid_len);
908 bss_privacy = !!(bss->capability & WLAN_CAPABILITY_PRIVACY);
909 wep_privacy = !!ieee80211_sta_wep_configured(sdata);
910 privacy_invoked = !!(ifsta->flags & IEEE80211_STA_PRIVACY_INVOKED);
912 ieee80211_rx_bss_put(local, bss);
914 if ((bss_privacy == wep_privacy) || (bss_privacy == privacy_invoked))
921 static void ieee80211_associate(struct ieee80211_sub_if_data *sdata,
922 struct ieee80211_if_sta *ifsta)
924 DECLARE_MAC_BUF(mac);
926 ifsta->assoc_tries++;
927 if (ifsta->assoc_tries > IEEE80211_ASSOC_MAX_TRIES) {
928 printk(KERN_DEBUG "%s: association with AP %s"
930 sdata->dev->name, print_mac(mac, ifsta->bssid));
931 ifsta->state = IEEE80211_STA_MLME_DISABLED;
935 ifsta->state = IEEE80211_STA_MLME_ASSOCIATE;
936 printk(KERN_DEBUG "%s: associate with AP %s\n",
937 sdata->dev->name, print_mac(mac, ifsta->bssid));
938 if (ieee80211_privacy_mismatch(sdata, ifsta)) {
939 printk(KERN_DEBUG "%s: mismatch in privacy configuration and "
940 "mixed-cell disabled - abort association\n", sdata->dev->name);
941 ifsta->state = IEEE80211_STA_MLME_DISABLED;
945 ieee80211_send_assoc(sdata, ifsta);
947 mod_timer(&ifsta->timer, jiffies + IEEE80211_ASSOC_TIMEOUT);
951 static void ieee80211_associated(struct ieee80211_sub_if_data *sdata,
952 struct ieee80211_if_sta *ifsta)
954 struct ieee80211_local *local = sdata->local;
955 struct sta_info *sta;
957 DECLARE_MAC_BUF(mac);
959 /* TODO: start monitoring current AP signal quality and number of
960 * missed beacons. Scan other channels every now and then and search
962 /* TODO: remove expired BSSes */
964 ifsta->state = IEEE80211_STA_MLME_ASSOCIATED;
968 sta = sta_info_get(local, ifsta->bssid);
970 printk(KERN_DEBUG "%s: No STA entry for own AP %s\n",
971 sdata->dev->name, print_mac(mac, ifsta->bssid));
975 if (time_after(jiffies,
976 sta->last_rx + IEEE80211_MONITORING_INTERVAL)) {
977 if (ifsta->flags & IEEE80211_STA_PROBEREQ_POLL) {
978 printk(KERN_DEBUG "%s: No ProbeResp from "
979 "current AP %s - assume out of "
981 sdata->dev->name, print_mac(mac, ifsta->bssid));
984 ieee80211_send_probe_req(sdata, ifsta->bssid,
986 local->scan_ssid_len);
987 ifsta->flags ^= IEEE80211_STA_PROBEREQ_POLL;
989 ifsta->flags &= ~IEEE80211_STA_PROBEREQ_POLL;
990 if (time_after(jiffies, ifsta->last_probe +
991 IEEE80211_PROBE_INTERVAL)) {
992 ifsta->last_probe = jiffies;
993 ieee80211_send_probe_req(sdata, ifsta->bssid,
1003 ieee80211_set_disassoc(sdata, ifsta, true, true,
1004 WLAN_REASON_PREV_AUTH_NOT_VALID);
1006 mod_timer(&ifsta->timer, jiffies +
1007 IEEE80211_MONITORING_INTERVAL);
1011 static void ieee80211_send_probe_req(struct ieee80211_sub_if_data *sdata, u8 *dst,
1012 u8 *ssid, size_t ssid_len)
1014 struct ieee80211_local *local = sdata->local;
1015 struct ieee80211_supported_band *sband;
1016 struct sk_buff *skb;
1017 struct ieee80211_mgmt *mgmt;
1018 u8 *pos, *supp_rates, *esupp_rates = NULL;
1021 skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt) + 200);
1023 printk(KERN_DEBUG "%s: failed to allocate buffer for probe "
1024 "request\n", sdata->dev->name);
1027 skb_reserve(skb, local->hw.extra_tx_headroom);
1029 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
1030 memset(mgmt, 0, 24);
1031 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
1032 IEEE80211_STYPE_PROBE_REQ);
1033 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
1035 memcpy(mgmt->da, dst, ETH_ALEN);
1036 memcpy(mgmt->bssid, dst, ETH_ALEN);
1038 memset(mgmt->da, 0xff, ETH_ALEN);
1039 memset(mgmt->bssid, 0xff, ETH_ALEN);
1041 pos = skb_put(skb, 2 + ssid_len);
1042 *pos++ = WLAN_EID_SSID;
1044 memcpy(pos, ssid, ssid_len);
1046 supp_rates = skb_put(skb, 2);
1047 supp_rates[0] = WLAN_EID_SUPP_RATES;
1049 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
1051 for (i = 0; i < sband->n_bitrates; i++) {
1052 struct ieee80211_rate *rate = &sband->bitrates[i];
1054 pos = skb_put(skb, 1);
1056 } else if (supp_rates[1] == 8) {
1057 esupp_rates = skb_put(skb, 3);
1058 esupp_rates[0] = WLAN_EID_EXT_SUPP_RATES;
1060 pos = &esupp_rates[2];
1062 pos = skb_put(skb, 1);
1065 *pos = rate->bitrate / 5;
1068 ieee80211_sta_tx(sdata, skb, 0);
1072 static int ieee80211_sta_wep_configured(struct ieee80211_sub_if_data *sdata)
1074 if (!sdata || !sdata->default_key ||
1075 sdata->default_key->conf.alg != ALG_WEP)
1081 static void ieee80211_auth_completed(struct ieee80211_sub_if_data *sdata,
1082 struct ieee80211_if_sta *ifsta)
1084 printk(KERN_DEBUG "%s: authenticated\n", sdata->dev->name);
1085 ifsta->flags |= IEEE80211_STA_AUTHENTICATED;
1086 ieee80211_associate(sdata, ifsta);
1090 static void ieee80211_auth_challenge(struct ieee80211_sub_if_data *sdata,
1091 struct ieee80211_if_sta *ifsta,
1092 struct ieee80211_mgmt *mgmt,
1096 struct ieee802_11_elems elems;
1098 pos = mgmt->u.auth.variable;
1099 ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems);
1100 if (!elems.challenge)
1102 ieee80211_send_auth(sdata, ifsta, 3, elems.challenge - 2,
1103 elems.challenge_len + 2, 1);
1106 static void ieee80211_send_addba_resp(struct ieee80211_sub_if_data *sdata, u8 *da, u16 tid,
1107 u8 dialog_token, u16 status, u16 policy,
1108 u16 buf_size, u16 timeout)
1110 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
1111 struct ieee80211_local *local = sdata->local;
1112 struct sk_buff *skb;
1113 struct ieee80211_mgmt *mgmt;
1116 skb = dev_alloc_skb(sizeof(*mgmt) + local->hw.extra_tx_headroom);
1119 printk(KERN_DEBUG "%s: failed to allocate buffer "
1120 "for addba resp frame\n", sdata->dev->name);
1124 skb_reserve(skb, local->hw.extra_tx_headroom);
1125 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
1126 memset(mgmt, 0, 24);
1127 memcpy(mgmt->da, da, ETH_ALEN);
1128 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
1129 if (sdata->vif.type == IEEE80211_IF_TYPE_AP)
1130 memcpy(mgmt->bssid, sdata->dev->dev_addr, ETH_ALEN);
1132 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
1133 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
1134 IEEE80211_STYPE_ACTION);
1136 skb_put(skb, 1 + sizeof(mgmt->u.action.u.addba_resp));
1137 mgmt->u.action.category = WLAN_CATEGORY_BACK;
1138 mgmt->u.action.u.addba_resp.action_code = WLAN_ACTION_ADDBA_RESP;
1139 mgmt->u.action.u.addba_resp.dialog_token = dialog_token;
1141 capab = (u16)(policy << 1); /* bit 1 aggregation policy */
1142 capab |= (u16)(tid << 2); /* bit 5:2 TID number */
1143 capab |= (u16)(buf_size << 6); /* bit 15:6 max size of aggregation */
1145 mgmt->u.action.u.addba_resp.capab = cpu_to_le16(capab);
1146 mgmt->u.action.u.addba_resp.timeout = cpu_to_le16(timeout);
1147 mgmt->u.action.u.addba_resp.status = cpu_to_le16(status);
1149 ieee80211_sta_tx(sdata, skb, 0);
1154 void ieee80211_send_addba_request(struct ieee80211_sub_if_data *sdata, const u8 *da,
1155 u16 tid, u8 dialog_token, u16 start_seq_num,
1156 u16 agg_size, u16 timeout)
1158 struct ieee80211_local *local = sdata->local;
1159 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
1160 struct sk_buff *skb;
1161 struct ieee80211_mgmt *mgmt;
1164 skb = dev_alloc_skb(sizeof(*mgmt) + local->hw.extra_tx_headroom);
1167 printk(KERN_ERR "%s: failed to allocate buffer "
1168 "for addba request frame\n", sdata->dev->name);
1171 skb_reserve(skb, local->hw.extra_tx_headroom);
1172 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
1173 memset(mgmt, 0, 24);
1174 memcpy(mgmt->da, da, ETH_ALEN);
1175 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
1176 if (sdata->vif.type == IEEE80211_IF_TYPE_AP)
1177 memcpy(mgmt->bssid, sdata->dev->dev_addr, ETH_ALEN);
1179 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
1181 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
1182 IEEE80211_STYPE_ACTION);
1184 skb_put(skb, 1 + sizeof(mgmt->u.action.u.addba_req));
1186 mgmt->u.action.category = WLAN_CATEGORY_BACK;
1187 mgmt->u.action.u.addba_req.action_code = WLAN_ACTION_ADDBA_REQ;
1189 mgmt->u.action.u.addba_req.dialog_token = dialog_token;
1190 capab = (u16)(1 << 1); /* bit 1 aggregation policy */
1191 capab |= (u16)(tid << 2); /* bit 5:2 TID number */
1192 capab |= (u16)(agg_size << 6); /* bit 15:6 max size of aggergation */
1194 mgmt->u.action.u.addba_req.capab = cpu_to_le16(capab);
1196 mgmt->u.action.u.addba_req.timeout = cpu_to_le16(timeout);
1197 mgmt->u.action.u.addba_req.start_seq_num =
1198 cpu_to_le16(start_seq_num << 4);
1200 ieee80211_sta_tx(sdata, skb, 0);
1203 static void ieee80211_sta_process_addba_request(struct ieee80211_local *local,
1204 struct ieee80211_mgmt *mgmt,
1207 struct ieee80211_hw *hw = &local->hw;
1208 struct ieee80211_conf *conf = &hw->conf;
1209 struct sta_info *sta;
1210 struct tid_ampdu_rx *tid_agg_rx;
1211 u16 capab, tid, timeout, ba_policy, buf_size, start_seq_num, status;
1213 int ret = -EOPNOTSUPP;
1214 DECLARE_MAC_BUF(mac);
1218 sta = sta_info_get(local, mgmt->sa);
1224 /* extract session parameters from addba request frame */
1225 dialog_token = mgmt->u.action.u.addba_req.dialog_token;
1226 timeout = le16_to_cpu(mgmt->u.action.u.addba_req.timeout);
1228 le16_to_cpu(mgmt->u.action.u.addba_req.start_seq_num) >> 4;
1230 capab = le16_to_cpu(mgmt->u.action.u.addba_req.capab);
1231 ba_policy = (capab & IEEE80211_ADDBA_PARAM_POLICY_MASK) >> 1;
1232 tid = (capab & IEEE80211_ADDBA_PARAM_TID_MASK) >> 2;
1233 buf_size = (capab & IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK) >> 6;
1235 status = WLAN_STATUS_REQUEST_DECLINED;
1237 /* sanity check for incoming parameters:
1238 * check if configuration can support the BA policy
1239 * and if buffer size does not exceeds max value */
1240 if (((ba_policy != 1)
1241 && (!(conf->ht_conf.cap & IEEE80211_HT_CAP_DELAY_BA)))
1242 || (buf_size > IEEE80211_MAX_AMPDU_BUF)) {
1243 status = WLAN_STATUS_INVALID_QOS_PARAM;
1244 #ifdef CONFIG_MAC80211_HT_DEBUG
1245 if (net_ratelimit())
1246 printk(KERN_DEBUG "AddBA Req with bad params from "
1247 "%s on tid %u. policy %d, buffer size %d\n",
1248 print_mac(mac, mgmt->sa), tid, ba_policy,
1250 #endif /* CONFIG_MAC80211_HT_DEBUG */
1253 /* determine default buffer size */
1254 if (buf_size == 0) {
1255 struct ieee80211_supported_band *sband;
1257 sband = local->hw.wiphy->bands[conf->channel->band];
1258 buf_size = IEEE80211_MIN_AMPDU_BUF;
1259 buf_size = buf_size << sband->ht_info.ampdu_factor;
1263 /* examine state machine */
1264 spin_lock_bh(&sta->lock);
1266 if (sta->ampdu_mlme.tid_state_rx[tid] != HT_AGG_STATE_IDLE) {
1267 #ifdef CONFIG_MAC80211_HT_DEBUG
1268 if (net_ratelimit())
1269 printk(KERN_DEBUG "unexpected AddBA Req from "
1271 print_mac(mac, mgmt->sa), tid);
1272 #endif /* CONFIG_MAC80211_HT_DEBUG */
1276 /* prepare A-MPDU MLME for Rx aggregation */
1277 sta->ampdu_mlme.tid_rx[tid] =
1278 kmalloc(sizeof(struct tid_ampdu_rx), GFP_ATOMIC);
1279 if (!sta->ampdu_mlme.tid_rx[tid]) {
1280 #ifdef CONFIG_MAC80211_HT_DEBUG
1281 if (net_ratelimit())
1282 printk(KERN_ERR "allocate rx mlme to tid %d failed\n",
1288 sta->ampdu_mlme.tid_rx[tid]->session_timer.function =
1289 sta_rx_agg_session_timer_expired;
1290 sta->ampdu_mlme.tid_rx[tid]->session_timer.data =
1291 (unsigned long)&sta->timer_to_tid[tid];
1292 init_timer(&sta->ampdu_mlme.tid_rx[tid]->session_timer);
1294 tid_agg_rx = sta->ampdu_mlme.tid_rx[tid];
1296 /* prepare reordering buffer */
1297 tid_agg_rx->reorder_buf =
1298 kmalloc(buf_size * sizeof(struct sk_buff *), GFP_ATOMIC);
1299 if (!tid_agg_rx->reorder_buf) {
1300 #ifdef CONFIG_MAC80211_HT_DEBUG
1301 if (net_ratelimit())
1302 printk(KERN_ERR "can not allocate reordering buffer "
1303 "to tid %d\n", tid);
1305 kfree(sta->ampdu_mlme.tid_rx[tid]);
1308 memset(tid_agg_rx->reorder_buf, 0,
1309 buf_size * sizeof(struct sk_buff *));
1311 if (local->ops->ampdu_action)
1312 ret = local->ops->ampdu_action(hw, IEEE80211_AMPDU_RX_START,
1313 sta->addr, tid, &start_seq_num);
1314 #ifdef CONFIG_MAC80211_HT_DEBUG
1315 printk(KERN_DEBUG "Rx A-MPDU request on tid %d result %d\n", tid, ret);
1316 #endif /* CONFIG_MAC80211_HT_DEBUG */
1319 kfree(tid_agg_rx->reorder_buf);
1321 sta->ampdu_mlme.tid_rx[tid] = NULL;
1325 /* change state and send addba resp */
1326 sta->ampdu_mlme.tid_state_rx[tid] = HT_AGG_STATE_OPERATIONAL;
1327 tid_agg_rx->dialog_token = dialog_token;
1328 tid_agg_rx->ssn = start_seq_num;
1329 tid_agg_rx->head_seq_num = start_seq_num;
1330 tid_agg_rx->buf_size = buf_size;
1331 tid_agg_rx->timeout = timeout;
1332 tid_agg_rx->stored_mpdu_num = 0;
1333 status = WLAN_STATUS_SUCCESS;
1335 spin_unlock_bh(&sta->lock);
1338 ieee80211_send_addba_resp(sta->sdata, sta->addr, tid,
1339 dialog_token, status, 1, buf_size, timeout);
1343 static void ieee80211_sta_process_addba_resp(struct ieee80211_local *local,
1344 struct ieee80211_mgmt *mgmt,
1347 struct ieee80211_hw *hw = &local->hw;
1348 struct sta_info *sta;
1355 sta = sta_info_get(local, mgmt->sa);
1361 capab = le16_to_cpu(mgmt->u.action.u.addba_resp.capab);
1362 tid = (capab & IEEE80211_ADDBA_PARAM_TID_MASK) >> 2;
1364 state = &sta->ampdu_mlme.tid_state_tx[tid];
1366 spin_lock_bh(&sta->lock);
1368 if (!(*state & HT_ADDBA_REQUESTED_MSK)) {
1369 spin_unlock_bh(&sta->lock);
1370 goto addba_resp_exit;
1373 if (mgmt->u.action.u.addba_resp.dialog_token !=
1374 sta->ampdu_mlme.tid_tx[tid]->dialog_token) {
1375 spin_unlock_bh(&sta->lock);
1376 #ifdef CONFIG_MAC80211_HT_DEBUG
1377 printk(KERN_DEBUG "wrong addBA response token, tid %d\n", tid);
1378 #endif /* CONFIG_MAC80211_HT_DEBUG */
1379 goto addba_resp_exit;
1382 del_timer_sync(&sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer);
1383 #ifdef CONFIG_MAC80211_HT_DEBUG
1384 printk(KERN_DEBUG "switched off addBA timer for tid %d \n", tid);
1385 #endif /* CONFIG_MAC80211_HT_DEBUG */
1386 if (le16_to_cpu(mgmt->u.action.u.addba_resp.status)
1387 == WLAN_STATUS_SUCCESS) {
1388 *state |= HT_ADDBA_RECEIVED_MSK;
1389 sta->ampdu_mlme.addba_req_num[tid] = 0;
1391 if (*state == HT_AGG_STATE_OPERATIONAL)
1392 ieee80211_wake_queue(hw, sta->tid_to_tx_q[tid]);
1394 spin_unlock_bh(&sta->lock);
1396 sta->ampdu_mlme.addba_req_num[tid]++;
1397 /* this will allow the state check in stop_BA_session */
1398 *state = HT_AGG_STATE_OPERATIONAL;
1399 spin_unlock_bh(&sta->lock);
1400 ieee80211_stop_tx_ba_session(hw, sta->addr, tid,
1401 WLAN_BACK_INITIATOR);
1408 void ieee80211_send_delba(struct ieee80211_sub_if_data *sdata, const u8 *da, u16 tid,
1409 u16 initiator, u16 reason_code)
1411 struct ieee80211_local *local = sdata->local;
1412 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
1413 struct sk_buff *skb;
1414 struct ieee80211_mgmt *mgmt;
1417 skb = dev_alloc_skb(sizeof(*mgmt) + local->hw.extra_tx_headroom);
1420 printk(KERN_ERR "%s: failed to allocate buffer "
1421 "for delba frame\n", sdata->dev->name);
1425 skb_reserve(skb, local->hw.extra_tx_headroom);
1426 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
1427 memset(mgmt, 0, 24);
1428 memcpy(mgmt->da, da, ETH_ALEN);
1429 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
1430 if (sdata->vif.type == IEEE80211_IF_TYPE_AP)
1431 memcpy(mgmt->bssid, sdata->dev->dev_addr, ETH_ALEN);
1433 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
1434 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
1435 IEEE80211_STYPE_ACTION);
1437 skb_put(skb, 1 + sizeof(mgmt->u.action.u.delba));
1439 mgmt->u.action.category = WLAN_CATEGORY_BACK;
1440 mgmt->u.action.u.delba.action_code = WLAN_ACTION_DELBA;
1441 params = (u16)(initiator << 11); /* bit 11 initiator */
1442 params |= (u16)(tid << 12); /* bit 15:12 TID number */
1444 mgmt->u.action.u.delba.params = cpu_to_le16(params);
1445 mgmt->u.action.u.delba.reason_code = cpu_to_le16(reason_code);
1447 ieee80211_sta_tx(sdata, skb, 0);
1450 void ieee80211_send_bar(struct ieee80211_sub_if_data *sdata, u8 *ra, u16 tid, u16 ssn)
1452 struct ieee80211_local *local = sdata->local;
1453 struct sk_buff *skb;
1454 struct ieee80211_bar *bar;
1455 u16 bar_control = 0;
1457 skb = dev_alloc_skb(sizeof(*bar) + local->hw.extra_tx_headroom);
1459 printk(KERN_ERR "%s: failed to allocate buffer for "
1460 "bar frame\n", sdata->dev->name);
1463 skb_reserve(skb, local->hw.extra_tx_headroom);
1464 bar = (struct ieee80211_bar *)skb_put(skb, sizeof(*bar));
1465 memset(bar, 0, sizeof(*bar));
1466 bar->frame_control = cpu_to_le16(IEEE80211_FTYPE_CTL |
1467 IEEE80211_STYPE_BACK_REQ);
1468 memcpy(bar->ra, ra, ETH_ALEN);
1469 memcpy(bar->ta, sdata->dev->dev_addr, ETH_ALEN);
1470 bar_control |= (u16)IEEE80211_BAR_CTRL_ACK_POLICY_NORMAL;
1471 bar_control |= (u16)IEEE80211_BAR_CTRL_CBMTID_COMPRESSED_BA;
1472 bar_control |= (u16)(tid << 12);
1473 bar->control = cpu_to_le16(bar_control);
1474 bar->start_seq_num = cpu_to_le16(ssn);
1476 ieee80211_sta_tx(sdata, skb, 0);
1479 void ieee80211_sta_stop_rx_ba_session(struct ieee80211_sub_if_data *sdata, u8 *ra, u16 tid,
1480 u16 initiator, u16 reason)
1482 struct ieee80211_local *local = sdata->local;
1483 struct ieee80211_hw *hw = &local->hw;
1484 struct sta_info *sta;
1486 DECLARE_MAC_BUF(mac);
1490 sta = sta_info_get(local, ra);
1496 /* check if TID is in operational state */
1497 spin_lock_bh(&sta->lock);
1498 if (sta->ampdu_mlme.tid_state_rx[tid]
1499 != HT_AGG_STATE_OPERATIONAL) {
1500 spin_unlock_bh(&sta->lock);
1504 sta->ampdu_mlme.tid_state_rx[tid] =
1505 HT_AGG_STATE_REQ_STOP_BA_MSK |
1506 (initiator << HT_AGG_STATE_INITIATOR_SHIFT);
1507 spin_unlock_bh(&sta->lock);
1509 /* stop HW Rx aggregation. ampdu_action existence
1510 * already verified in session init so we add the BUG_ON */
1511 BUG_ON(!local->ops->ampdu_action);
1513 #ifdef CONFIG_MAC80211_HT_DEBUG
1514 printk(KERN_DEBUG "Rx BA session stop requested for %s tid %u\n",
1515 print_mac(mac, ra), tid);
1516 #endif /* CONFIG_MAC80211_HT_DEBUG */
1518 ret = local->ops->ampdu_action(hw, IEEE80211_AMPDU_RX_STOP,
1521 printk(KERN_DEBUG "HW problem - can not stop rx "
1522 "aggregation for tid %d\n", tid);
1524 /* shutdown timer has not expired */
1525 if (initiator != WLAN_BACK_TIMER)
1526 del_timer_sync(&sta->ampdu_mlme.tid_rx[tid]->session_timer);
1528 /* check if this is a self generated aggregation halt */
1529 if (initiator == WLAN_BACK_RECIPIENT || initiator == WLAN_BACK_TIMER)
1530 ieee80211_send_delba(sdata, ra, tid, 0, reason);
1532 /* free the reordering buffer */
1533 for (i = 0; i < sta->ampdu_mlme.tid_rx[tid]->buf_size; i++) {
1534 if (sta->ampdu_mlme.tid_rx[tid]->reorder_buf[i]) {
1535 /* release the reordered frames */
1536 dev_kfree_skb(sta->ampdu_mlme.tid_rx[tid]->reorder_buf[i]);
1537 sta->ampdu_mlme.tid_rx[tid]->stored_mpdu_num--;
1538 sta->ampdu_mlme.tid_rx[tid]->reorder_buf[i] = NULL;
1541 /* free resources */
1542 kfree(sta->ampdu_mlme.tid_rx[tid]->reorder_buf);
1543 kfree(sta->ampdu_mlme.tid_rx[tid]);
1544 sta->ampdu_mlme.tid_rx[tid] = NULL;
1545 sta->ampdu_mlme.tid_state_rx[tid] = HT_AGG_STATE_IDLE;
1551 static void ieee80211_sta_process_delba(struct ieee80211_sub_if_data *sdata,
1552 struct ieee80211_mgmt *mgmt, size_t len)
1554 struct ieee80211_local *local = sdata->local;
1555 struct sta_info *sta;
1558 DECLARE_MAC_BUF(mac);
1562 sta = sta_info_get(local, mgmt->sa);
1568 params = le16_to_cpu(mgmt->u.action.u.delba.params);
1569 tid = (params & IEEE80211_DELBA_PARAM_TID_MASK) >> 12;
1570 initiator = (params & IEEE80211_DELBA_PARAM_INITIATOR_MASK) >> 11;
1572 #ifdef CONFIG_MAC80211_HT_DEBUG
1573 if (net_ratelimit())
1574 printk(KERN_DEBUG "delba from %s (%s) tid %d reason code %d\n",
1575 print_mac(mac, mgmt->sa),
1576 initiator ? "initiator" : "recipient", tid,
1577 mgmt->u.action.u.delba.reason_code);
1578 #endif /* CONFIG_MAC80211_HT_DEBUG */
1580 if (initiator == WLAN_BACK_INITIATOR)
1581 ieee80211_sta_stop_rx_ba_session(sdata, sta->addr, tid,
1582 WLAN_BACK_INITIATOR, 0);
1583 else { /* WLAN_BACK_RECIPIENT */
1584 spin_lock_bh(&sta->lock);
1585 sta->ampdu_mlme.tid_state_tx[tid] =
1586 HT_AGG_STATE_OPERATIONAL;
1587 spin_unlock_bh(&sta->lock);
1588 ieee80211_stop_tx_ba_session(&local->hw, sta->addr, tid,
1589 WLAN_BACK_RECIPIENT);
1595 * After sending add Block Ack request we activated a timer until
1596 * add Block Ack response will arrive from the recipient.
1597 * If this timer expires sta_addba_resp_timer_expired will be executed.
1599 void sta_addba_resp_timer_expired(unsigned long data)
1601 /* not an elegant detour, but there is no choice as the timer passes
1602 * only one argument, and both sta_info and TID are needed, so init
1603 * flow in sta_info_create gives the TID as data, while the timer_to_id
1604 * array gives the sta through container_of */
1605 u16 tid = *(u8 *)data;
1606 struct sta_info *temp_sta = container_of((void *)data,
1607 struct sta_info, timer_to_tid[tid]);
1609 struct ieee80211_local *local = temp_sta->local;
1610 struct ieee80211_hw *hw = &local->hw;
1611 struct sta_info *sta;
1616 sta = sta_info_get(local, temp_sta->addr);
1622 state = &sta->ampdu_mlme.tid_state_tx[tid];
1623 /* check if the TID waits for addBA response */
1624 spin_lock_bh(&sta->lock);
1625 if (!(*state & HT_ADDBA_REQUESTED_MSK)) {
1626 spin_unlock_bh(&sta->lock);
1627 *state = HT_AGG_STATE_IDLE;
1628 #ifdef CONFIG_MAC80211_HT_DEBUG
1629 printk(KERN_DEBUG "timer expired on tid %d but we are not "
1630 "expecting addBA response there", tid);
1632 goto timer_expired_exit;
1635 #ifdef CONFIG_MAC80211_HT_DEBUG
1636 printk(KERN_DEBUG "addBA response timer expired on tid %d\n", tid);
1639 /* go through the state check in stop_BA_session */
1640 *state = HT_AGG_STATE_OPERATIONAL;
1641 spin_unlock_bh(&sta->lock);
1642 ieee80211_stop_tx_ba_session(hw, temp_sta->addr, tid,
1643 WLAN_BACK_INITIATOR);
1650 * After accepting the AddBA Request we activated a timer,
1651 * resetting it after each frame that arrives from the originator.
1652 * if this timer expires ieee80211_sta_stop_rx_ba_session will be executed.
1654 static void sta_rx_agg_session_timer_expired(unsigned long data)
1656 /* not an elegant detour, but there is no choice as the timer passes
1657 * only one argument, and various sta_info are needed here, so init
1658 * flow in sta_info_create gives the TID as data, while the timer_to_id
1659 * array gives the sta through container_of */
1660 u8 *ptid = (u8 *)data;
1661 u8 *timer_to_id = ptid - *ptid;
1662 struct sta_info *sta = container_of(timer_to_id, struct sta_info,
1665 #ifdef CONFIG_MAC80211_HT_DEBUG
1666 printk(KERN_DEBUG "rx session timer expired on tid %d\n", (u16)*ptid);
1668 ieee80211_sta_stop_rx_ba_session(sta->sdata, sta->addr,
1669 (u16)*ptid, WLAN_BACK_TIMER,
1670 WLAN_REASON_QSTA_TIMEOUT);
1673 void ieee80211_sta_tear_down_BA_sessions(struct ieee80211_sub_if_data *sdata, u8 *addr)
1675 struct ieee80211_local *local = sdata->local;
1678 for (i = 0; i < STA_TID_NUM; i++) {
1679 ieee80211_stop_tx_ba_session(&local->hw, addr, i,
1680 WLAN_BACK_INITIATOR);
1681 ieee80211_sta_stop_rx_ba_session(sdata, addr, i,
1682 WLAN_BACK_RECIPIENT,
1683 WLAN_REASON_QSTA_LEAVE_QBSS);
1687 static void ieee80211_send_refuse_measurement_request(struct ieee80211_sub_if_data *sdata,
1688 struct ieee80211_msrment_ie *request_ie,
1689 const u8 *da, const u8 *bssid,
1692 struct ieee80211_local *local = sdata->local;
1693 struct sk_buff *skb;
1694 struct ieee80211_mgmt *msr_report;
1696 skb = dev_alloc_skb(sizeof(*msr_report) + local->hw.extra_tx_headroom +
1697 sizeof(struct ieee80211_msrment_ie));
1700 printk(KERN_ERR "%s: failed to allocate buffer for "
1701 "measurement report frame\n", sdata->dev->name);
1705 skb_reserve(skb, local->hw.extra_tx_headroom);
1706 msr_report = (struct ieee80211_mgmt *)skb_put(skb, 24);
1707 memset(msr_report, 0, 24);
1708 memcpy(msr_report->da, da, ETH_ALEN);
1709 memcpy(msr_report->sa, sdata->dev->dev_addr, ETH_ALEN);
1710 memcpy(msr_report->bssid, bssid, ETH_ALEN);
1711 msr_report->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
1712 IEEE80211_STYPE_ACTION);
1714 skb_put(skb, 1 + sizeof(msr_report->u.action.u.measurement));
1715 msr_report->u.action.category = WLAN_CATEGORY_SPECTRUM_MGMT;
1716 msr_report->u.action.u.measurement.action_code =
1717 WLAN_ACTION_SPCT_MSR_RPRT;
1718 msr_report->u.action.u.measurement.dialog_token = dialog_token;
1720 msr_report->u.action.u.measurement.element_id = WLAN_EID_MEASURE_REPORT;
1721 msr_report->u.action.u.measurement.length =
1722 sizeof(struct ieee80211_msrment_ie);
1724 memset(&msr_report->u.action.u.measurement.msr_elem, 0,
1725 sizeof(struct ieee80211_msrment_ie));
1726 msr_report->u.action.u.measurement.msr_elem.token = request_ie->token;
1727 msr_report->u.action.u.measurement.msr_elem.mode |=
1728 IEEE80211_SPCT_MSR_RPRT_MODE_REFUSED;
1729 msr_report->u.action.u.measurement.msr_elem.type = request_ie->type;
1731 ieee80211_sta_tx(sdata, skb, 0);
1734 static void ieee80211_sta_process_measurement_req(struct ieee80211_sub_if_data *sdata,
1735 struct ieee80211_mgmt *mgmt,
1739 * Ignoring measurement request is spec violation.
1740 * Mandatory measurements must be reported optional
1741 * measurements might be refused or reported incapable
1742 * For now just refuse
1743 * TODO: Answer basic measurement as unmeasured
1745 ieee80211_send_refuse_measurement_request(sdata,
1746 &mgmt->u.action.u.measurement.msr_elem,
1747 mgmt->sa, mgmt->bssid,
1748 mgmt->u.action.u.measurement.dialog_token);
1752 static void ieee80211_rx_mgmt_auth(struct ieee80211_sub_if_data *sdata,
1753 struct ieee80211_if_sta *ifsta,
1754 struct ieee80211_mgmt *mgmt,
1757 u16 auth_alg, auth_transaction, status_code;
1758 DECLARE_MAC_BUF(mac);
1760 if (ifsta->state != IEEE80211_STA_MLME_AUTHENTICATE &&
1761 sdata->vif.type != IEEE80211_IF_TYPE_IBSS)
1767 if (sdata->vif.type != IEEE80211_IF_TYPE_IBSS &&
1768 memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN) != 0)
1771 if (sdata->vif.type != IEEE80211_IF_TYPE_IBSS &&
1772 memcmp(ifsta->bssid, mgmt->bssid, ETH_ALEN) != 0)
1775 auth_alg = le16_to_cpu(mgmt->u.auth.auth_alg);
1776 auth_transaction = le16_to_cpu(mgmt->u.auth.auth_transaction);
1777 status_code = le16_to_cpu(mgmt->u.auth.status_code);
1779 if (sdata->vif.type == IEEE80211_IF_TYPE_IBSS) {
1781 * IEEE 802.11 standard does not require authentication in IBSS
1782 * networks and most implementations do not seem to use it.
1783 * However, try to reply to authentication attempts if someone
1784 * has actually implemented this.
1786 if (auth_alg != WLAN_AUTH_OPEN || auth_transaction != 1)
1788 ieee80211_send_auth(sdata, ifsta, 2, NULL, 0, 0);
1791 if (auth_alg != ifsta->auth_alg ||
1792 auth_transaction != ifsta->auth_transaction)
1795 if (status_code != WLAN_STATUS_SUCCESS) {
1796 if (status_code == WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG) {
1798 const int num_algs = ARRAY_SIZE(algs);
1800 algs[0] = algs[1] = algs[2] = 0xff;
1801 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_OPEN)
1802 algs[0] = WLAN_AUTH_OPEN;
1803 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_SHARED_KEY)
1804 algs[1] = WLAN_AUTH_SHARED_KEY;
1805 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_LEAP)
1806 algs[2] = WLAN_AUTH_LEAP;
1807 if (ifsta->auth_alg == WLAN_AUTH_OPEN)
1809 else if (ifsta->auth_alg == WLAN_AUTH_SHARED_KEY)
1813 for (i = 0; i < num_algs; i++) {
1815 if (pos >= num_algs)
1817 if (algs[pos] == ifsta->auth_alg ||
1820 if (algs[pos] == WLAN_AUTH_SHARED_KEY &&
1821 !ieee80211_sta_wep_configured(sdata))
1823 ifsta->auth_alg = algs[pos];
1830 switch (ifsta->auth_alg) {
1831 case WLAN_AUTH_OPEN:
1832 case WLAN_AUTH_LEAP:
1833 ieee80211_auth_completed(sdata, ifsta);
1835 case WLAN_AUTH_SHARED_KEY:
1836 if (ifsta->auth_transaction == 4)
1837 ieee80211_auth_completed(sdata, ifsta);
1839 ieee80211_auth_challenge(sdata, ifsta, mgmt, len);
1845 static void ieee80211_rx_mgmt_deauth(struct ieee80211_sub_if_data *sdata,
1846 struct ieee80211_if_sta *ifsta,
1847 struct ieee80211_mgmt *mgmt,
1851 DECLARE_MAC_BUF(mac);
1856 if (memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN))
1859 reason_code = le16_to_cpu(mgmt->u.deauth.reason_code);
1861 if (ifsta->flags & IEEE80211_STA_AUTHENTICATED)
1862 printk(KERN_DEBUG "%s: deauthenticated\n", sdata->dev->name);
1864 if (ifsta->state == IEEE80211_STA_MLME_AUTHENTICATE ||
1865 ifsta->state == IEEE80211_STA_MLME_ASSOCIATE ||
1866 ifsta->state == IEEE80211_STA_MLME_ASSOCIATED) {
1867 ifsta->state = IEEE80211_STA_MLME_DIRECT_PROBE;
1868 mod_timer(&ifsta->timer, jiffies +
1869 IEEE80211_RETRY_AUTH_INTERVAL);
1872 ieee80211_set_disassoc(sdata, ifsta, true, false, 0);
1873 ifsta->flags &= ~IEEE80211_STA_AUTHENTICATED;
1877 static void ieee80211_rx_mgmt_disassoc(struct ieee80211_sub_if_data *sdata,
1878 struct ieee80211_if_sta *ifsta,
1879 struct ieee80211_mgmt *mgmt,
1883 DECLARE_MAC_BUF(mac);
1888 if (memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN))
1891 reason_code = le16_to_cpu(mgmt->u.disassoc.reason_code);
1893 if (ifsta->flags & IEEE80211_STA_ASSOCIATED)
1894 printk(KERN_DEBUG "%s: disassociated\n", sdata->dev->name);
1896 if (ifsta->state == IEEE80211_STA_MLME_ASSOCIATED) {
1897 ifsta->state = IEEE80211_STA_MLME_ASSOCIATE;
1898 mod_timer(&ifsta->timer, jiffies +
1899 IEEE80211_RETRY_AUTH_INTERVAL);
1902 ieee80211_set_disassoc(sdata, ifsta, false, false, 0);
1906 static void ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata,
1907 struct ieee80211_if_sta *ifsta,
1908 struct ieee80211_mgmt *mgmt,
1912 struct ieee80211_local *local = sdata->local;
1913 struct ieee80211_supported_band *sband;
1914 struct sta_info *sta;
1915 u64 rates, basic_rates;
1916 u16 capab_info, status_code, aid;
1917 struct ieee802_11_elems elems;
1918 struct ieee80211_bss_conf *bss_conf = &sdata->bss_conf;
1921 DECLARE_MAC_BUF(mac);
1922 bool have_higher_than_11mbit = false;
1924 /* AssocResp and ReassocResp have identical structure, so process both
1925 * of them in this function. */
1927 if (ifsta->state != IEEE80211_STA_MLME_ASSOCIATE)
1933 if (memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN) != 0)
1936 capab_info = le16_to_cpu(mgmt->u.assoc_resp.capab_info);
1937 status_code = le16_to_cpu(mgmt->u.assoc_resp.status_code);
1938 aid = le16_to_cpu(mgmt->u.assoc_resp.aid);
1940 printk(KERN_DEBUG "%s: RX %sssocResp from %s (capab=0x%x "
1941 "status=%d aid=%d)\n",
1942 sdata->dev->name, reassoc ? "Rea" : "A", print_mac(mac, mgmt->sa),
1943 capab_info, status_code, (u16)(aid & ~(BIT(15) | BIT(14))));
1945 if (status_code != WLAN_STATUS_SUCCESS) {
1946 printk(KERN_DEBUG "%s: AP denied association (code=%d)\n",
1947 sdata->dev->name, status_code);
1948 /* if this was a reassociation, ensure we try a "full"
1949 * association next time. This works around some broken APs
1950 * which do not correctly reject reassociation requests. */
1951 ifsta->flags &= ~IEEE80211_STA_PREV_BSSID_SET;
1955 if ((aid & (BIT(15) | BIT(14))) != (BIT(15) | BIT(14)))
1956 printk(KERN_DEBUG "%s: invalid aid value %d; bits 15:14 not "
1957 "set\n", sdata->dev->name, aid);
1958 aid &= ~(BIT(15) | BIT(14));
1960 pos = mgmt->u.assoc_resp.variable;
1961 ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems);
1963 if (!elems.supp_rates) {
1964 printk(KERN_DEBUG "%s: no SuppRates element in AssocResp\n",
1969 printk(KERN_DEBUG "%s: associated\n", sdata->dev->name);
1971 ifsta->ap_capab = capab_info;
1973 kfree(ifsta->assocresp_ies);
1974 ifsta->assocresp_ies_len = len - (pos - (u8 *) mgmt);
1975 ifsta->assocresp_ies = kmalloc(ifsta->assocresp_ies_len, GFP_KERNEL);
1976 if (ifsta->assocresp_ies)
1977 memcpy(ifsta->assocresp_ies, pos, ifsta->assocresp_ies_len);
1981 /* Add STA entry for the AP */
1982 sta = sta_info_get(local, ifsta->bssid);
1984 struct ieee80211_sta_bss *bss;
1987 sta = sta_info_alloc(sdata, ifsta->bssid, GFP_ATOMIC);
1989 printk(KERN_DEBUG "%s: failed to alloc STA entry for"
1990 " the AP\n", sdata->dev->name);
1994 bss = ieee80211_rx_bss_get(local, ifsta->bssid,
1995 local->hw.conf.channel->center_freq,
1996 ifsta->ssid, ifsta->ssid_len);
1998 sta->last_signal = bss->signal;
1999 sta->last_qual = bss->qual;
2000 sta->last_noise = bss->noise;
2001 ieee80211_rx_bss_put(local, bss);
2004 err = sta_info_insert(sta);
2006 printk(KERN_DEBUG "%s: failed to insert STA entry for"
2007 " the AP (error %d)\n", sdata->dev->name, err);
2011 /* update new sta with its last rx activity */
2012 sta->last_rx = jiffies;
2016 * FIXME: Do we really need to update the sta_info's information here?
2017 * We already know about the AP (we found it in our list) so it
2018 * should already be filled with the right info, no?
2019 * As is stands, all this is racy because typically we assume
2020 * the information that is filled in here (except flags) doesn't
2021 * change while a STA structure is alive. As such, it should move
2022 * to between the sta_info_alloc() and sta_info_insert() above.
2025 set_sta_flags(sta, WLAN_STA_AUTH | WLAN_STA_ASSOC | WLAN_STA_ASSOC_AP |
2026 WLAN_STA_AUTHORIZED);
2030 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
2032 for (i = 0; i < elems.supp_rates_len; i++) {
2033 int rate = (elems.supp_rates[i] & 0x7f) * 5;
2036 have_higher_than_11mbit = true;
2038 for (j = 0; j < sband->n_bitrates; j++) {
2039 if (sband->bitrates[j].bitrate == rate)
2041 if (elems.supp_rates[i] & 0x80)
2042 basic_rates |= BIT(j);
2046 for (i = 0; i < elems.ext_supp_rates_len; i++) {
2047 int rate = (elems.ext_supp_rates[i] & 0x7f) * 5;
2050 have_higher_than_11mbit = true;
2052 for (j = 0; j < sband->n_bitrates; j++) {
2053 if (sband->bitrates[j].bitrate == rate)
2055 if (elems.ext_supp_rates[i] & 0x80)
2056 basic_rates |= BIT(j);
2060 sta->supp_rates[local->hw.conf.channel->band] = rates;
2061 sdata->basic_rates = basic_rates;
2063 /* cf. IEEE 802.11 9.2.12 */
2064 if (local->hw.conf.channel->band == IEEE80211_BAND_2GHZ &&
2065 have_higher_than_11mbit)
2066 sdata->flags |= IEEE80211_SDATA_OPERATING_GMODE;
2068 sdata->flags &= ~IEEE80211_SDATA_OPERATING_GMODE;
2070 if (elems.ht_cap_elem && elems.ht_info_elem && elems.wmm_param &&
2071 (ifsta->flags & IEEE80211_STA_WMM_ENABLED)) {
2072 struct ieee80211_ht_bss_info bss_info;
2073 ieee80211_ht_cap_ie_to_ht_info(
2074 (struct ieee80211_ht_cap *)
2075 elems.ht_cap_elem, &sta->ht_info);
2076 ieee80211_ht_addt_info_ie_to_ht_bss_info(
2077 (struct ieee80211_ht_addt_info *)
2078 elems.ht_info_elem, &bss_info);
2079 ieee80211_handle_ht(local, 1, &sta->ht_info, &bss_info);
2082 rate_control_rate_init(sta, local);
2084 if (elems.wmm_param) {
2085 set_sta_flags(sta, WLAN_STA_WME);
2087 ieee80211_sta_wmm_params(local, ifsta, elems.wmm_param,
2088 elems.wmm_param_len);
2092 /* set AID and assoc capability,
2093 * ieee80211_set_associated() will tell the driver */
2094 bss_conf->aid = aid;
2095 bss_conf->assoc_capability = capab_info;
2096 ieee80211_set_associated(sdata, ifsta);
2098 ieee80211_associated(sdata, ifsta);
2102 /* Caller must hold local->sta_bss_lock */
2103 static void __ieee80211_rx_bss_hash_add(struct ieee80211_local *local,
2104 struct ieee80211_sta_bss *bss)
2108 if (bss_mesh_cfg(bss))
2109 hash_idx = mesh_id_hash(bss_mesh_id(bss),
2110 bss_mesh_id_len(bss));
2112 hash_idx = STA_HASH(bss->bssid);
2114 bss->hnext = local->sta_bss_hash[hash_idx];
2115 local->sta_bss_hash[hash_idx] = bss;
2119 /* Caller must hold local->sta_bss_lock */
2120 static void __ieee80211_rx_bss_hash_del(struct ieee80211_local *local,
2121 struct ieee80211_sta_bss *bss)
2123 struct ieee80211_sta_bss *b, *prev = NULL;
2124 b = local->sta_bss_hash[STA_HASH(bss->bssid)];
2128 local->sta_bss_hash[STA_HASH(bss->bssid)] =
2131 prev->hnext = bss->hnext;
2140 static struct ieee80211_sta_bss *
2141 ieee80211_rx_bss_add(struct ieee80211_sub_if_data *sdata, u8 *bssid, int freq,
2142 u8 *ssid, u8 ssid_len)
2144 struct ieee80211_local *local = sdata->local;
2145 struct ieee80211_sta_bss *bss;
2147 bss = kzalloc(sizeof(*bss), GFP_ATOMIC);
2150 atomic_inc(&bss->users);
2151 atomic_inc(&bss->users);
2152 memcpy(bss->bssid, bssid, ETH_ALEN);
2154 if (ssid && ssid_len <= IEEE80211_MAX_SSID_LEN) {
2155 memcpy(bss->ssid, ssid, ssid_len);
2156 bss->ssid_len = ssid_len;
2159 spin_lock_bh(&local->sta_bss_lock);
2160 /* TODO: order by RSSI? */
2161 list_add_tail(&bss->list, &local->sta_bss_list);
2162 __ieee80211_rx_bss_hash_add(local, bss);
2163 spin_unlock_bh(&local->sta_bss_lock);
2167 static struct ieee80211_sta_bss *
2168 ieee80211_rx_bss_get(struct ieee80211_local *local, u8 *bssid, int freq,
2169 u8 *ssid, u8 ssid_len)
2171 struct ieee80211_sta_bss *bss;
2173 spin_lock_bh(&local->sta_bss_lock);
2174 bss = local->sta_bss_hash[STA_HASH(bssid)];
2176 if (!bss_mesh_cfg(bss) &&
2177 !memcmp(bss->bssid, bssid, ETH_ALEN) &&
2178 bss->freq == freq &&
2179 bss->ssid_len == ssid_len &&
2180 (ssid_len == 0 || !memcmp(bss->ssid, ssid, ssid_len))) {
2181 atomic_inc(&bss->users);
2186 spin_unlock_bh(&local->sta_bss_lock);
2190 #ifdef CONFIG_MAC80211_MESH
2191 static struct ieee80211_sta_bss *
2192 ieee80211_rx_mesh_bss_get(struct ieee80211_local *local, u8 *mesh_id, int mesh_id_len,
2193 u8 *mesh_cfg, int freq)
2195 struct ieee80211_sta_bss *bss;
2197 spin_lock_bh(&local->sta_bss_lock);
2198 bss = local->sta_bss_hash[mesh_id_hash(mesh_id, mesh_id_len)];
2200 if (bss_mesh_cfg(bss) &&
2201 !memcmp(bss_mesh_cfg(bss), mesh_cfg, MESH_CFG_CMP_LEN) &&
2202 bss->freq == freq &&
2203 mesh_id_len == bss->mesh_id_len &&
2204 (mesh_id_len == 0 || !memcmp(bss->mesh_id, mesh_id,
2206 atomic_inc(&bss->users);
2211 spin_unlock_bh(&local->sta_bss_lock);
2215 static struct ieee80211_sta_bss *
2216 ieee80211_rx_mesh_bss_add(struct ieee80211_local *local, u8 *mesh_id, int mesh_id_len,
2217 u8 *mesh_cfg, int mesh_config_len, int freq)
2219 struct ieee80211_sta_bss *bss;
2221 if (mesh_config_len != MESH_CFG_LEN)
2224 bss = kzalloc(sizeof(*bss), GFP_ATOMIC);
2228 bss->mesh_cfg = kmalloc(MESH_CFG_CMP_LEN, GFP_ATOMIC);
2229 if (!bss->mesh_cfg) {
2234 if (mesh_id_len && mesh_id_len <= IEEE80211_MAX_MESH_ID_LEN) {
2235 bss->mesh_id = kmalloc(mesh_id_len, GFP_ATOMIC);
2236 if (!bss->mesh_id) {
2237 kfree(bss->mesh_cfg);
2241 memcpy(bss->mesh_id, mesh_id, mesh_id_len);
2244 atomic_inc(&bss->users);
2245 atomic_inc(&bss->users);
2246 memcpy(bss->mesh_cfg, mesh_cfg, MESH_CFG_CMP_LEN);
2247 bss->mesh_id_len = mesh_id_len;
2249 spin_lock_bh(&local->sta_bss_lock);
2250 /* TODO: order by RSSI? */
2251 list_add_tail(&bss->list, &local->sta_bss_list);
2252 __ieee80211_rx_bss_hash_add(local, bss);
2253 spin_unlock_bh(&local->sta_bss_lock);
2258 static void ieee80211_rx_bss_free(struct ieee80211_sta_bss *bss)
2261 kfree(bss_mesh_id(bss));
2262 kfree(bss_mesh_cfg(bss));
2267 static void ieee80211_rx_bss_put(struct ieee80211_local *local,
2268 struct ieee80211_sta_bss *bss)
2271 if (!atomic_dec_and_lock(&bss->users, &local->sta_bss_lock)) {
2276 __ieee80211_rx_bss_hash_del(local, bss);
2277 list_del(&bss->list);
2278 spin_unlock_bh(&local->sta_bss_lock);
2279 ieee80211_rx_bss_free(bss);
2283 void ieee80211_rx_bss_list_init(struct ieee80211_local *local)
2285 spin_lock_init(&local->sta_bss_lock);
2286 INIT_LIST_HEAD(&local->sta_bss_list);
2290 void ieee80211_rx_bss_list_deinit(struct ieee80211_local *local)
2292 struct ieee80211_sta_bss *bss, *tmp;
2294 list_for_each_entry_safe(bss, tmp, &local->sta_bss_list, list)
2295 ieee80211_rx_bss_put(local, bss);
2299 static int ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
2300 struct ieee80211_if_sta *ifsta,
2301 struct ieee80211_sta_bss *bss)
2303 struct ieee80211_local *local = sdata->local;
2304 int res, rates, i, j;
2305 struct sk_buff *skb;
2306 struct ieee80211_mgmt *mgmt;
2308 struct ieee80211_supported_band *sband;
2309 union iwreq_data wrqu;
2311 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
2313 /* Remove possible STA entries from other IBSS networks. */
2314 sta_info_flush_delayed(sdata);
2316 if (local->ops->reset_tsf) {
2317 /* Reset own TSF to allow time synchronization work. */
2318 local->ops->reset_tsf(local_to_hw(local));
2320 memcpy(ifsta->bssid, bss->bssid, ETH_ALEN);
2321 res = ieee80211_if_config(sdata, IEEE80211_IFCC_BSSID);
2325 local->hw.conf.beacon_int = bss->beacon_int >= 10 ? bss->beacon_int : 10;
2327 sdata->drop_unencrypted = bss->capability &
2328 WLAN_CAPABILITY_PRIVACY ? 1 : 0;
2330 res = ieee80211_set_freq(sdata, bss->freq);
2335 /* Build IBSS probe response */
2336 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 400);
2338 skb_reserve(skb, local->hw.extra_tx_headroom);
2340 mgmt = (struct ieee80211_mgmt *)
2341 skb_put(skb, 24 + sizeof(mgmt->u.beacon));
2342 memset(mgmt, 0, 24 + sizeof(mgmt->u.beacon));
2343 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
2344 IEEE80211_STYPE_PROBE_RESP);
2345 memset(mgmt->da, 0xff, ETH_ALEN);
2346 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
2347 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
2348 mgmt->u.beacon.beacon_int =
2349 cpu_to_le16(local->hw.conf.beacon_int);
2350 mgmt->u.beacon.timestamp = cpu_to_le64(bss->timestamp);
2351 mgmt->u.beacon.capab_info = cpu_to_le16(bss->capability);
2353 pos = skb_put(skb, 2 + ifsta->ssid_len);
2354 *pos++ = WLAN_EID_SSID;
2355 *pos++ = ifsta->ssid_len;
2356 memcpy(pos, ifsta->ssid, ifsta->ssid_len);
2358 rates = bss->supp_rates_len;
2361 pos = skb_put(skb, 2 + rates);
2362 *pos++ = WLAN_EID_SUPP_RATES;
2364 memcpy(pos, bss->supp_rates, rates);
2366 if (bss->band == IEEE80211_BAND_2GHZ) {
2367 pos = skb_put(skb, 2 + 1);
2368 *pos++ = WLAN_EID_DS_PARAMS;
2370 *pos++ = ieee80211_frequency_to_channel(bss->freq);
2373 pos = skb_put(skb, 2 + 2);
2374 *pos++ = WLAN_EID_IBSS_PARAMS;
2376 /* FIX: set ATIM window based on scan results */
2380 if (bss->supp_rates_len > 8) {
2381 rates = bss->supp_rates_len - 8;
2382 pos = skb_put(skb, 2 + rates);
2383 *pos++ = WLAN_EID_EXT_SUPP_RATES;
2385 memcpy(pos, &bss->supp_rates[8], rates);
2388 ifsta->probe_resp = skb;
2390 ieee80211_if_config(sdata, IEEE80211_IFCC_BEACON);
2394 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
2395 for (i = 0; i < bss->supp_rates_len; i++) {
2396 int bitrate = (bss->supp_rates[i] & 0x7f) * 5;
2397 for (j = 0; j < sband->n_bitrates; j++)
2398 if (sband->bitrates[j].bitrate == bitrate)
2401 ifsta->supp_rates_bits[local->hw.conf.channel->band] = rates;
2403 ieee80211_sta_def_wmm_params(sdata, bss, 1);
2405 ifsta->state = IEEE80211_STA_MLME_IBSS_JOINED;
2406 mod_timer(&ifsta->timer, jiffies + IEEE80211_IBSS_MERGE_INTERVAL);
2408 memset(&wrqu, 0, sizeof(wrqu));
2409 memcpy(wrqu.ap_addr.sa_data, bss->bssid, ETH_ALEN);
2410 wireless_send_event(sdata->dev, SIOCGIWAP, &wrqu, NULL);
2415 u64 ieee80211_sta_get_rates(struct ieee80211_local *local,
2416 struct ieee802_11_elems *elems,
2417 enum ieee80211_band band)
2419 struct ieee80211_supported_band *sband;
2420 struct ieee80211_rate *bitrates;
2424 sband = local->hw.wiphy->bands[band];
2428 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
2431 bitrates = sband->bitrates;
2432 num_rates = sband->n_bitrates;
2434 for (i = 0; i < elems->supp_rates_len +
2435 elems->ext_supp_rates_len; i++) {
2438 if (i < elems->supp_rates_len)
2439 rate = elems->supp_rates[i];
2440 else if (elems->ext_supp_rates)
2441 rate = elems->ext_supp_rates
2442 [i - elems->supp_rates_len];
2443 own_rate = 5 * (rate & 0x7f);
2444 for (j = 0; j < num_rates; j++)
2445 if (bitrates[j].bitrate == own_rate)
2446 supp_rates |= BIT(j);
2451 static u64 ieee80211_sta_get_mandatory_rates(struct ieee80211_local *local,
2452 enum ieee80211_band band)
2454 struct ieee80211_supported_band *sband;
2455 struct ieee80211_rate *bitrates;
2456 u64 mandatory_rates;
2457 enum ieee80211_rate_flags mandatory_flag;
2460 sband = local->hw.wiphy->bands[band];
2463 sband = local->hw.wiphy->bands[local->hw.conf.channel->band];
2466 if (band == IEEE80211_BAND_2GHZ)
2467 mandatory_flag = IEEE80211_RATE_MANDATORY_B;
2469 mandatory_flag = IEEE80211_RATE_MANDATORY_A;
2471 bitrates = sband->bitrates;
2472 mandatory_rates = 0;
2473 for (i = 0; i < sband->n_bitrates; i++)
2474 if (bitrates[i].flags & mandatory_flag)
2475 mandatory_rates |= BIT(i);
2476 return mandatory_rates;
2479 static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata,
2480 struct ieee80211_mgmt *mgmt,
2482 struct ieee80211_rx_status *rx_status,
2483 struct ieee802_11_elems *elems)
2485 struct ieee80211_local *local = sdata->local;
2487 struct ieee80211_sta_bss *bss;
2488 struct sta_info *sta;
2489 struct ieee80211_channel *channel;
2490 u64 beacon_timestamp, rx_timestamp;
2492 bool beacon = ieee80211_is_beacon(mgmt->frame_control);
2493 enum ieee80211_band band = rx_status->band;
2494 DECLARE_MAC_BUF(mac);
2495 DECLARE_MAC_BUF(mac2);
2497 if (elems->ds_params && elems->ds_params_len == 1)
2498 freq = ieee80211_channel_to_frequency(elems->ds_params[0]);
2500 freq = rx_status->freq;
2502 channel = ieee80211_get_channel(local->hw.wiphy, freq);
2504 if (!channel || channel->flags & IEEE80211_CHAN_DISABLED)
2507 if (ieee80211_vif_is_mesh(&sdata->vif) && elems->mesh_id &&
2508 elems->mesh_config && mesh_matches_local(elems, sdata)) {
2509 supp_rates = ieee80211_sta_get_rates(local, elems, band);
2511 mesh_neighbour_update(mgmt->sa, supp_rates, sdata,
2512 mesh_peer_accepts_plinks(elems));
2515 if (sdata->vif.type == IEEE80211_IF_TYPE_IBSS && elems->supp_rates &&
2516 memcmp(mgmt->bssid, sdata->u.sta.bssid, ETH_ALEN) == 0) {
2517 supp_rates = ieee80211_sta_get_rates(local, elems, band);
2521 sta = sta_info_get(local, mgmt->sa);
2525 prev_rates = sta->supp_rates[band];
2526 /* make sure mandatory rates are always added */
2527 sta->supp_rates[band] = supp_rates |
2528 ieee80211_sta_get_mandatory_rates(local, band);
2530 #ifdef CONFIG_MAC80211_IBSS_DEBUG
2531 if (sta->supp_rates[band] != prev_rates)
2532 printk(KERN_DEBUG "%s: updated supp_rates set "
2533 "for %s based on beacon info (0x%llx | "
2534 "0x%llx -> 0x%llx)\n",
2535 sdata->dev->name, print_mac(mac, sta->addr),
2536 (unsigned long long) prev_rates,
2537 (unsigned long long) supp_rates,
2538 (unsigned long long) sta->supp_rates[band]);
2541 ieee80211_ibss_add_sta(sdata, NULL, mgmt->bssid,
2542 mgmt->sa, supp_rates);
2548 #ifdef CONFIG_MAC80211_MESH
2549 if (elems->mesh_config)
2550 bss = ieee80211_rx_mesh_bss_get(local, elems->mesh_id,
2551 elems->mesh_id_len, elems->mesh_config, freq);
2554 bss = ieee80211_rx_bss_get(local, mgmt->bssid, freq,
2555 elems->ssid, elems->ssid_len);
2557 #ifdef CONFIG_MAC80211_MESH
2558 if (elems->mesh_config)
2559 bss = ieee80211_rx_mesh_bss_add(local, elems->mesh_id,
2560 elems->mesh_id_len, elems->mesh_config,
2561 elems->mesh_config_len, freq);
2564 bss = ieee80211_rx_bss_add(sdata, mgmt->bssid, freq,
2565 elems->ssid, elems->ssid_len);
2570 /* TODO: order by RSSI? */
2571 spin_lock_bh(&local->sta_bss_lock);
2572 list_move_tail(&bss->list, &local->sta_bss_list);
2573 spin_unlock_bh(&local->sta_bss_lock);
2577 /* save the ERP value so that it is available at association time */
2578 if (elems->erp_info && elems->erp_info_len >= 1) {
2579 bss->erp_value = elems->erp_info[0];
2580 bss->has_erp_value = 1;
2583 bss->beacon_int = le16_to_cpu(mgmt->u.beacon.beacon_int);
2584 bss->capability = le16_to_cpu(mgmt->u.beacon.capab_info);
2587 struct ieee80211_tim_ie *tim_ie =
2588 (struct ieee80211_tim_ie *)elems->tim;
2589 bss->dtim_period = tim_ie->dtim_period;
2592 /* set default value for buggy APs */
2593 if (!elems->tim || bss->dtim_period == 0)
2594 bss->dtim_period = 1;
2596 bss->supp_rates_len = 0;
2597 if (elems->supp_rates) {
2598 clen = IEEE80211_MAX_SUPP_RATES - bss->supp_rates_len;
2599 if (clen > elems->supp_rates_len)
2600 clen = elems->supp_rates_len;
2601 memcpy(&bss->supp_rates[bss->supp_rates_len], elems->supp_rates,
2603 bss->supp_rates_len += clen;
2605 if (elems->ext_supp_rates) {
2606 clen = IEEE80211_MAX_SUPP_RATES - bss->supp_rates_len;
2607 if (clen > elems->ext_supp_rates_len)
2608 clen = elems->ext_supp_rates_len;
2609 memcpy(&bss->supp_rates[bss->supp_rates_len],
2610 elems->ext_supp_rates, clen);
2611 bss->supp_rates_len += clen;
2616 beacon_timestamp = le64_to_cpu(mgmt->u.beacon.timestamp);
2618 bss->timestamp = beacon_timestamp;
2619 bss->last_update = jiffies;
2620 bss->signal = rx_status->signal;
2621 bss->noise = rx_status->noise;
2622 bss->qual = rx_status->qual;
2624 bss->last_probe_resp = jiffies;
2626 * In STA mode, the remaining parameters should not be overridden
2627 * by beacons because they're not necessarily accurate there.
2629 if (sdata->vif.type != IEEE80211_IF_TYPE_IBSS &&
2630 bss->last_probe_resp && beacon) {
2631 ieee80211_rx_bss_put(local, bss);
2635 if (bss->ies == NULL || bss->ies_len < elems->total_len) {
2637 bss->ies = kmalloc(elems->total_len, GFP_ATOMIC);
2640 memcpy(bss->ies, elems->ie_start, elems->total_len);
2641 bss->ies_len = elems->total_len;
2645 bss->wmm_used = elems->wmm_param || elems->wmm_info;
2647 /* check if we need to merge IBSS */
2648 if (sdata->vif.type == IEEE80211_IF_TYPE_IBSS && beacon &&
2649 !local->sta_sw_scanning && !local->sta_hw_scanning &&
2650 bss->capability & WLAN_CAPABILITY_IBSS &&
2651 bss->freq == local->oper_channel->center_freq &&
2652 elems->ssid_len == sdata->u.sta.ssid_len &&
2653 memcmp(elems->ssid, sdata->u.sta.ssid,
2654 sdata->u.sta.ssid_len) == 0) {
2655 if (rx_status->flag & RX_FLAG_TSFT) {
2656 /* in order for correct IBSS merging we need mactime
2658 * since mactime is defined as the time the first data
2659 * symbol of the frame hits the PHY, and the timestamp
2660 * of the beacon is defined as "the time that the data
2661 * symbol containing the first bit of the timestamp is
2662 * transmitted to the PHY plus the transmitting STA’s
2663 * delays through its local PHY from the MAC-PHY
2664 * interface to its interface with the WM"
2665 * (802.11 11.1.2) - equals the time this bit arrives at
2666 * the receiver - we have to take into account the
2667 * offset between the two.
2668 * e.g: at 1 MBit that means mactime is 192 usec earlier
2669 * (=24 bytes * 8 usecs/byte) than the beacon timestamp.
2671 int rate = local->hw.wiphy->bands[band]->
2672 bitrates[rx_status->rate_idx].bitrate;
2673 rx_timestamp = rx_status->mactime + (24 * 8 * 10 / rate);
2674 } else if (local && local->ops && local->ops->get_tsf)
2675 /* second best option: get current TSF */
2676 rx_timestamp = local->ops->get_tsf(local_to_hw(local));
2678 /* can't merge without knowing the TSF */
2679 rx_timestamp = -1LLU;
2680 #ifdef CONFIG_MAC80211_IBSS_DEBUG
2681 printk(KERN_DEBUG "RX beacon SA=%s BSSID="
2682 "%s TSF=0x%llx BCN=0x%llx diff=%lld @%lu\n",
2683 print_mac(mac, mgmt->sa),
2684 print_mac(mac2, mgmt->bssid),
2685 (unsigned long long)rx_timestamp,
2686 (unsigned long long)beacon_timestamp,
2687 (unsigned long long)(rx_timestamp - beacon_timestamp),
2689 #endif /* CONFIG_MAC80211_IBSS_DEBUG */
2690 if (beacon_timestamp > rx_timestamp) {
2691 #ifdef CONFIG_MAC80211_IBSS_DEBUG
2692 printk(KERN_DEBUG "%s: beacon TSF higher than "
2693 "local TSF - IBSS merge with BSSID %s\n",
2694 sdata->dev->name, print_mac(mac, mgmt->bssid));
2696 ieee80211_sta_join_ibss(sdata, &sdata->u.sta, bss);
2697 ieee80211_ibss_add_sta(sdata, NULL,
2698 mgmt->bssid, mgmt->sa,
2703 ieee80211_rx_bss_put(local, bss);
2707 static void ieee80211_rx_mgmt_probe_resp(struct ieee80211_sub_if_data *sdata,
2708 struct ieee80211_mgmt *mgmt,
2710 struct ieee80211_rx_status *rx_status)
2713 struct ieee802_11_elems elems;
2714 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
2716 if (memcmp(mgmt->da, sdata->dev->dev_addr, ETH_ALEN))
2717 return; /* ignore ProbeResp to foreign address */
2719 baselen = (u8 *) mgmt->u.probe_resp.variable - (u8 *) mgmt;
2723 ieee802_11_parse_elems(mgmt->u.probe_resp.variable, len - baselen,
2726 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems);
2728 /* direct probe may be part of the association flow */
2729 if (test_and_clear_bit(IEEE80211_STA_REQ_DIRECT_PROBE,
2731 printk(KERN_DEBUG "%s direct probe responded\n",
2733 ieee80211_authenticate(sdata, ifsta);
2738 static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
2739 struct ieee80211_mgmt *mgmt,
2741 struct ieee80211_rx_status *rx_status)
2743 struct ieee80211_if_sta *ifsta;
2745 struct ieee802_11_elems elems;
2746 struct ieee80211_local *local = sdata->local;
2747 struct ieee80211_conf *conf = &local->hw.conf;
2750 /* Process beacon from the current BSS */
2751 baselen = (u8 *) mgmt->u.beacon.variable - (u8 *) mgmt;
2755 ieee802_11_parse_elems(mgmt->u.beacon.variable, len - baselen, &elems);
2757 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems);
2759 if (sdata->vif.type != IEEE80211_IF_TYPE_STA)
2761 ifsta = &sdata->u.sta;
2763 if (!(ifsta->flags & IEEE80211_STA_ASSOCIATED) ||
2764 memcmp(ifsta->bssid, mgmt->bssid, ETH_ALEN) != 0)
2767 /* Do not send changes to driver if we are scanning. This removes
2768 * requirement that a driver's bss_info_changed/conf_tx functions
2769 * need to be atomic.
2770 * This is really ugly code, we should rewrite scanning and make
2771 * all this more understandable for humans.
2773 if (local->sta_sw_scanning || local->sta_hw_scanning)
2776 ieee80211_sta_wmm_params(local, ifsta, elems.wmm_param,
2777 elems.wmm_param_len);
2779 if (elems.erp_info && elems.erp_info_len >= 1)
2780 changed |= ieee80211_handle_erp_ie(sdata, elems.erp_info[0]);
2782 u16 capab = le16_to_cpu(mgmt->u.beacon.capab_info);
2783 changed |= ieee80211_handle_protect_preamb(sdata, false,
2784 (capab & WLAN_CAPABILITY_SHORT_PREAMBLE) != 0);
2787 if (elems.ht_cap_elem && elems.ht_info_elem &&
2788 elems.wmm_param && conf->flags & IEEE80211_CONF_SUPPORT_HT_MODE) {
2789 struct ieee80211_ht_bss_info bss_info;
2791 ieee80211_ht_addt_info_ie_to_ht_bss_info(
2792 (struct ieee80211_ht_addt_info *)
2793 elems.ht_info_elem, &bss_info);
2794 changed |= ieee80211_handle_ht(local, 1, &conf->ht_conf,
2798 ieee80211_bss_info_change_notify(sdata, changed);
2802 static void ieee80211_rx_mgmt_probe_req(struct ieee80211_sub_if_data *sdata,
2803 struct ieee80211_if_sta *ifsta,
2804 struct ieee80211_mgmt *mgmt,
2806 struct ieee80211_rx_status *rx_status)
2808 struct ieee80211_local *local = sdata->local;
2810 struct sk_buff *skb;
2811 struct ieee80211_mgmt *resp;
2813 DECLARE_MAC_BUF(mac);
2814 #ifdef CONFIG_MAC80211_IBSS_DEBUG
2815 DECLARE_MAC_BUF(mac2);
2816 DECLARE_MAC_BUF(mac3);
2819 if (sdata->vif.type != IEEE80211_IF_TYPE_IBSS ||
2820 ifsta->state != IEEE80211_STA_MLME_IBSS_JOINED ||
2821 len < 24 + 2 || !ifsta->probe_resp)
2824 if (local->ops->tx_last_beacon)
2825 tx_last_beacon = local->ops->tx_last_beacon(local_to_hw(local));
2829 #ifdef CONFIG_MAC80211_IBSS_DEBUG
2830 printk(KERN_DEBUG "%s: RX ProbeReq SA=%s DA=%s BSSID="
2831 "%s (tx_last_beacon=%d)\n",
2832 sdata->dev->name, print_mac(mac, mgmt->sa), print_mac(mac2, mgmt->da),
2833 print_mac(mac3, mgmt->bssid), tx_last_beacon);
2834 #endif /* CONFIG_MAC80211_IBSS_DEBUG */
2836 if (!tx_last_beacon)
2839 if (memcmp(mgmt->bssid, ifsta->bssid, ETH_ALEN) != 0 &&
2840 memcmp(mgmt->bssid, "\xff\xff\xff\xff\xff\xff", ETH_ALEN) != 0)
2843 end = ((u8 *) mgmt) + len;
2844 pos = mgmt->u.probe_req.variable;
2845 if (pos[0] != WLAN_EID_SSID ||
2846 pos + 2 + pos[1] > end) {
2847 #ifdef CONFIG_MAC80211_IBSS_DEBUG
2848 printk(KERN_DEBUG "%s: Invalid SSID IE in ProbeReq "
2850 sdata->dev->name, print_mac(mac, mgmt->sa));
2855 (pos[1] != ifsta->ssid_len ||
2856 memcmp(pos + 2, ifsta->ssid, ifsta->ssid_len) != 0)) {
2857 /* Ignore ProbeReq for foreign SSID */
2861 /* Reply with ProbeResp */
2862 skb = skb_copy(ifsta->probe_resp, GFP_KERNEL);
2866 resp = (struct ieee80211_mgmt *) skb->data;
2867 memcpy(resp->da, mgmt->sa, ETH_ALEN);
2868 #ifdef CONFIG_MAC80211_IBSS_DEBUG
2869 printk(KERN_DEBUG "%s: Sending ProbeResp to %s\n",
2870 sdata->dev->name, print_mac(mac, resp->da));
2871 #endif /* CONFIG_MAC80211_IBSS_DEBUG */
2872 ieee80211_sta_tx(sdata, skb, 0);
2875 static void ieee80211_rx_mgmt_action(struct ieee80211_sub_if_data *sdata,
2876 struct ieee80211_if_sta *ifsta,
2877 struct ieee80211_mgmt *mgmt,
2879 struct ieee80211_rx_status *rx_status)
2881 struct ieee80211_local *local = sdata->local;
2883 /* all categories we currently handle have action_code */
2884 if (len < IEEE80211_MIN_ACTION_SIZE + 1)
2887 switch (mgmt->u.action.category) {
2888 case WLAN_CATEGORY_SPECTRUM_MGMT:
2889 if (local->hw.conf.channel->band != IEEE80211_BAND_5GHZ)
2891 switch (mgmt->u.action.u.measurement.action_code) {
2892 case WLAN_ACTION_SPCT_MSR_REQ:
2893 if (len < (IEEE80211_MIN_ACTION_SIZE +
2894 sizeof(mgmt->u.action.u.measurement)))
2896 ieee80211_sta_process_measurement_req(sdata, mgmt, len);
2900 case WLAN_CATEGORY_BACK:
2901 switch (mgmt->u.action.u.addba_req.action_code) {
2902 case WLAN_ACTION_ADDBA_REQ:
2903 if (len < (IEEE80211_MIN_ACTION_SIZE +
2904 sizeof(mgmt->u.action.u.addba_req)))
2906 ieee80211_sta_process_addba_request(local, mgmt, len);
2908 case WLAN_ACTION_ADDBA_RESP:
2909 if (len < (IEEE80211_MIN_ACTION_SIZE +
2910 sizeof(mgmt->u.action.u.addba_resp)))
2912 ieee80211_sta_process_addba_resp(local, mgmt, len);
2914 case WLAN_ACTION_DELBA:
2915 if (len < (IEEE80211_MIN_ACTION_SIZE +
2916 sizeof(mgmt->u.action.u.delba)))
2918 ieee80211_sta_process_delba(sdata, mgmt, len);
2922 case PLINK_CATEGORY:
2923 if (ieee80211_vif_is_mesh(&sdata->vif))
2924 mesh_rx_plink_frame(sdata, mgmt, len, rx_status);
2926 case MESH_PATH_SEL_CATEGORY:
2927 if (ieee80211_vif_is_mesh(&sdata->vif))
2928 mesh_rx_path_sel_frame(sdata, mgmt, len);
2933 void ieee80211_sta_rx_mgmt(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb,
2934 struct ieee80211_rx_status *rx_status)
2936 struct ieee80211_local *local = sdata->local;
2937 struct ieee80211_if_sta *ifsta;
2938 struct ieee80211_mgmt *mgmt;
2944 ifsta = &sdata->u.sta;
2946 mgmt = (struct ieee80211_mgmt *) skb->data;
2947 fc = le16_to_cpu(mgmt->frame_control);
2949 switch (fc & IEEE80211_FCTL_STYPE) {
2950 case IEEE80211_STYPE_PROBE_REQ:
2951 case IEEE80211_STYPE_PROBE_RESP:
2952 case IEEE80211_STYPE_BEACON:
2953 case IEEE80211_STYPE_ACTION:
2954 memcpy(skb->cb, rx_status, sizeof(*rx_status));
2955 case IEEE80211_STYPE_AUTH:
2956 case IEEE80211_STYPE_ASSOC_RESP:
2957 case IEEE80211_STYPE_REASSOC_RESP:
2958 case IEEE80211_STYPE_DEAUTH:
2959 case IEEE80211_STYPE_DISASSOC:
2960 skb_queue_tail(&ifsta->skb_queue, skb);
2961 queue_work(local->hw.workqueue, &ifsta->work);
2969 static void ieee80211_sta_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata,
2970 struct sk_buff *skb)
2972 struct ieee80211_rx_status *rx_status;
2973 struct ieee80211_if_sta *ifsta;
2974 struct ieee80211_mgmt *mgmt;
2977 ifsta = &sdata->u.sta;
2979 rx_status = (struct ieee80211_rx_status *) skb->cb;
2980 mgmt = (struct ieee80211_mgmt *) skb->data;
2981 fc = le16_to_cpu(mgmt->frame_control);
2983 switch (fc & IEEE80211_FCTL_STYPE) {
2984 case IEEE80211_STYPE_PROBE_REQ:
2985 ieee80211_rx_mgmt_probe_req(sdata, ifsta, mgmt, skb->len,
2988 case IEEE80211_STYPE_PROBE_RESP:
2989 ieee80211_rx_mgmt_probe_resp(sdata, mgmt, skb->len, rx_status);
2991 case IEEE80211_STYPE_BEACON:
2992 ieee80211_rx_mgmt_beacon(sdata, mgmt, skb->len, rx_status);
2994 case IEEE80211_STYPE_AUTH:
2995 ieee80211_rx_mgmt_auth(sdata, ifsta, mgmt, skb->len);
2997 case IEEE80211_STYPE_ASSOC_RESP:
2998 ieee80211_rx_mgmt_assoc_resp(sdata, ifsta, mgmt, skb->len, 0);
3000 case IEEE80211_STYPE_REASSOC_RESP:
3001 ieee80211_rx_mgmt_assoc_resp(sdata, ifsta, mgmt, skb->len, 1);
3003 case IEEE80211_STYPE_DEAUTH:
3004 ieee80211_rx_mgmt_deauth(sdata, ifsta, mgmt, skb->len);
3006 case IEEE80211_STYPE_DISASSOC:
3007 ieee80211_rx_mgmt_disassoc(sdata, ifsta, mgmt, skb->len);
3009 case IEEE80211_STYPE_ACTION:
3010 ieee80211_rx_mgmt_action(sdata, ifsta, mgmt, skb->len, rx_status);
3019 ieee80211_sta_rx_scan(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb,
3020 struct ieee80211_rx_status *rx_status)
3022 struct ieee80211_mgmt *mgmt;
3026 return RX_DROP_UNUSABLE;
3028 mgmt = (struct ieee80211_mgmt *) skb->data;
3029 fc = mgmt->frame_control;
3031 if (ieee80211_is_ctl(fc))
3035 return RX_DROP_MONITOR;
3037 if (ieee80211_is_probe_resp(fc)) {
3038 ieee80211_rx_mgmt_probe_resp(sdata, mgmt, skb->len, rx_status);
3043 if (ieee80211_is_beacon(fc)) {
3044 ieee80211_rx_mgmt_beacon(sdata, mgmt, skb->len, rx_status);
3053 static int ieee80211_sta_active_ibss(struct ieee80211_sub_if_data *sdata)
3055 struct ieee80211_local *local = sdata->local;
3057 struct sta_info *sta;
3061 list_for_each_entry_rcu(sta, &local->sta_list, list) {
3062 if (sta->sdata == sdata &&
3063 time_after(sta->last_rx + IEEE80211_IBSS_MERGE_INTERVAL,
3076 static void ieee80211_sta_expire(struct ieee80211_sub_if_data *sdata, unsigned long exp_time)
3078 struct ieee80211_local *local = sdata->local;
3079 struct sta_info *sta, *tmp;
3080 LIST_HEAD(tmp_list);
3081 DECLARE_MAC_BUF(mac);
3082 unsigned long flags;
3084 spin_lock_irqsave(&local->sta_lock, flags);
3085 list_for_each_entry_safe(sta, tmp, &local->sta_list, list)
3086 if (time_after(jiffies, sta->last_rx + exp_time)) {
3087 #ifdef CONFIG_MAC80211_IBSS_DEBUG
3088 printk(KERN_DEBUG "%s: expiring inactive STA %s\n",
3089 sdata->dev->name, print_mac(mac, sta->addr));
3091 __sta_info_unlink(&sta);
3093 list_add(&sta->list, &tmp_list);
3095 spin_unlock_irqrestore(&local->sta_lock, flags);
3097 list_for_each_entry_safe(sta, tmp, &tmp_list, list)
3098 sta_info_destroy(sta);
3102 static void ieee80211_sta_merge_ibss(struct ieee80211_sub_if_data *sdata,
3103 struct ieee80211_if_sta *ifsta)
3105 mod_timer(&ifsta->timer, jiffies + IEEE80211_IBSS_MERGE_INTERVAL);
3107 ieee80211_sta_expire(sdata, IEEE80211_IBSS_INACTIVITY_LIMIT);
3108 if (ieee80211_sta_active_ibss(sdata))
3111 printk(KERN_DEBUG "%s: No active IBSS STAs - trying to scan for other "
3112 "IBSS networks with same SSID (merge)\n", sdata->dev->name);
3113 ieee80211_sta_req_scan(sdata, ifsta->ssid, ifsta->ssid_len);
3117 #ifdef CONFIG_MAC80211_MESH
3118 static void ieee80211_mesh_housekeeping(struct ieee80211_sub_if_data *sdata,
3119 struct ieee80211_if_sta *ifsta)
3123 ieee80211_sta_expire(sdata, IEEE80211_MESH_PEER_INACTIVITY_LIMIT);
3124 mesh_path_expire(sdata);
3126 free_plinks = mesh_plink_availables(sdata);
3127 if (free_plinks != sdata->u.sta.accepting_plinks)
3128 ieee80211_if_config(sdata, IEEE80211_IFCC_BEACON);
3130 mod_timer(&ifsta->timer, jiffies +
3131 IEEE80211_MESH_HOUSEKEEPING_INTERVAL);
3135 void ieee80211_start_mesh(struct ieee80211_sub_if_data *sdata)
3137 struct ieee80211_if_sta *ifsta;
3138 ifsta = &sdata->u.sta;
3139 ifsta->state = IEEE80211_STA_MLME_MESH_UP;
3140 ieee80211_sta_timer((unsigned long)sdata);
3141 ieee80211_if_config(sdata, IEEE80211_IFCC_BEACON);
3146 void ieee80211_sta_timer(unsigned long data)
3148 struct ieee80211_sub_if_data *sdata =
3149 (struct ieee80211_sub_if_data *) data;
3150 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
3151 struct ieee80211_local *local = sdata->local;
3153 set_bit(IEEE80211_STA_REQ_RUN, &ifsta->request);
3154 queue_work(local->hw.workqueue, &ifsta->work);
3157 void ieee80211_sta_work(struct work_struct *work)
3159 struct ieee80211_sub_if_data *sdata =
3160 container_of(work, struct ieee80211_sub_if_data, u.sta.work);
3161 struct ieee80211_local *local = sdata->local;
3162 struct ieee80211_if_sta *ifsta;
3163 struct sk_buff *skb;
3165 if (!netif_running(sdata->dev))
3168 if (local->sta_sw_scanning || local->sta_hw_scanning)
3171 if (WARN_ON(sdata->vif.type != IEEE80211_IF_TYPE_STA &&
3172 sdata->vif.type != IEEE80211_IF_TYPE_IBSS &&
3173 sdata->vif.type != IEEE80211_IF_TYPE_MESH_POINT))
3175 ifsta = &sdata->u.sta;
3177 while ((skb = skb_dequeue(&ifsta->skb_queue)))
3178 ieee80211_sta_rx_queued_mgmt(sdata, skb);
3180 #ifdef CONFIG_MAC80211_MESH
3181 if (ifsta->preq_queue_len &&
3183 ifsta->last_preq + msecs_to_jiffies(ifsta->mshcfg.dot11MeshHWMPpreqMinInterval)))
3184 mesh_path_start_discovery(sdata);
3187 if (ifsta->state != IEEE80211_STA_MLME_DIRECT_PROBE &&
3188 ifsta->state != IEEE80211_STA_MLME_AUTHENTICATE &&
3189 ifsta->state != IEEE80211_STA_MLME_ASSOCIATE &&
3190 test_and_clear_bit(IEEE80211_STA_REQ_SCAN, &ifsta->request)) {
3191 if (ifsta->scan_ssid_len)
3192 ieee80211_sta_start_scan(sdata, ifsta->scan_ssid, ifsta->scan_ssid_len);
3194 ieee80211_sta_start_scan(sdata, NULL, 0);
3198 if (test_and_clear_bit(IEEE80211_STA_REQ_AUTH, &ifsta->request)) {
3199 if (ieee80211_sta_config_auth(sdata, ifsta))
3201 clear_bit(IEEE80211_STA_REQ_RUN, &ifsta->request);
3202 } else if (!test_and_clear_bit(IEEE80211_STA_REQ_RUN, &ifsta->request))
3205 switch (ifsta->state) {
3206 case IEEE80211_STA_MLME_DISABLED:
3208 case IEEE80211_STA_MLME_DIRECT_PROBE:
3209 ieee80211_direct_probe(sdata, ifsta);
3211 case IEEE80211_STA_MLME_AUTHENTICATE:
3212 ieee80211_authenticate(sdata, ifsta);
3214 case IEEE80211_STA_MLME_ASSOCIATE:
3215 ieee80211_associate(sdata, ifsta);
3217 case IEEE80211_STA_MLME_ASSOCIATED:
3218 ieee80211_associated(sdata, ifsta);
3220 case IEEE80211_STA_MLME_IBSS_SEARCH:
3221 ieee80211_sta_find_ibss(sdata, ifsta);
3223 case IEEE80211_STA_MLME_IBSS_JOINED:
3224 ieee80211_sta_merge_ibss(sdata, ifsta);
3226 #ifdef CONFIG_MAC80211_MESH
3227 case IEEE80211_STA_MLME_MESH_UP:
3228 ieee80211_mesh_housekeeping(sdata, ifsta);
3236 if (ieee80211_privacy_mismatch(sdata, ifsta)) {
3237 printk(KERN_DEBUG "%s: privacy configuration mismatch and "
3238 "mixed-cell disabled - disassociate\n", sdata->dev->name);
3240 ieee80211_set_disassoc(sdata, ifsta, false, true,
3241 WLAN_REASON_UNSPECIFIED);
3246 static void ieee80211_sta_reset_auth(struct ieee80211_sub_if_data *sdata,
3247 struct ieee80211_if_sta *ifsta)
3249 struct ieee80211_local *local = sdata->local;
3251 if (local->ops->reset_tsf) {
3252 /* Reset own TSF to allow time synchronization work. */
3253 local->ops->reset_tsf(local_to_hw(local));
3256 ifsta->wmm_last_param_set = -1; /* allow any WMM update */
3259 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_OPEN)
3260 ifsta->auth_alg = WLAN_AUTH_OPEN;
3261 else if (ifsta->auth_algs & IEEE80211_AUTH_ALG_SHARED_KEY)
3262 ifsta->auth_alg = WLAN_AUTH_SHARED_KEY;
3263 else if (ifsta->auth_algs & IEEE80211_AUTH_ALG_LEAP)
3264 ifsta->auth_alg = WLAN_AUTH_LEAP;
3266 ifsta->auth_alg = WLAN_AUTH_OPEN;
3267 ifsta->auth_transaction = -1;
3268 ifsta->flags &= ~IEEE80211_STA_ASSOCIATED;
3269 ifsta->assoc_scan_tries = 0;
3270 ifsta->direct_probe_tries = 0;
3271 ifsta->auth_tries = 0;
3272 ifsta->assoc_tries = 0;
3273 netif_tx_stop_all_queues(sdata->dev);
3274 netif_carrier_off(sdata->dev);
3278 void ieee80211_sta_req_auth(struct ieee80211_sub_if_data *sdata,
3279 struct ieee80211_if_sta *ifsta)
3281 struct ieee80211_local *local = sdata->local;
3283 if (sdata->vif.type != IEEE80211_IF_TYPE_STA)
3286 if ((ifsta->flags & (IEEE80211_STA_BSSID_SET |
3287 IEEE80211_STA_AUTO_BSSID_SEL)) &&
3288 (ifsta->flags & (IEEE80211_STA_SSID_SET |
3289 IEEE80211_STA_AUTO_SSID_SEL))) {
3291 if (ifsta->state == IEEE80211_STA_MLME_ASSOCIATED)
3292 ieee80211_set_disassoc(sdata, ifsta, true, true,
3293 WLAN_REASON_DEAUTH_LEAVING);
3295 set_bit(IEEE80211_STA_REQ_AUTH, &ifsta->request);
3296 queue_work(local->hw.workqueue, &ifsta->work);
3300 static int ieee80211_sta_match_ssid(struct ieee80211_if_sta *ifsta,
3301 const char *ssid, int ssid_len)
3303 int tmp, hidden_ssid;
3305 if (ssid_len == ifsta->ssid_len &&
3306 !memcmp(ifsta->ssid, ssid, ssid_len))
3309 if (ifsta->flags & IEEE80211_STA_AUTO_BSSID_SEL)
3315 if (ssid[tmp] != '\0') {
3321 if (hidden_ssid && ifsta->ssid_len == ssid_len)
3324 if (ssid_len == 1 && ssid[0] == ' ')
3330 static int ieee80211_sta_config_auth(struct ieee80211_sub_if_data *sdata,
3331 struct ieee80211_if_sta *ifsta)
3333 struct ieee80211_local *local = sdata->local;
3334 struct ieee80211_sta_bss *bss, *selected = NULL;
3335 int top_rssi = 0, freq;
3337 spin_lock_bh(&local->sta_bss_lock);
3338 freq = local->oper_channel->center_freq;
3339 list_for_each_entry(bss, &local->sta_bss_list, list) {
3340 if (!(bss->capability & WLAN_CAPABILITY_ESS))
3343 if ((ifsta->flags & (IEEE80211_STA_AUTO_SSID_SEL |
3344 IEEE80211_STA_AUTO_BSSID_SEL |
3345 IEEE80211_STA_AUTO_CHANNEL_SEL)) &&
3346 (!!(bss->capability & WLAN_CAPABILITY_PRIVACY) ^
3347 !!sdata->default_key))
3350 if (!(ifsta->flags & IEEE80211_STA_AUTO_CHANNEL_SEL) &&
3354 if (!(ifsta->flags & IEEE80211_STA_AUTO_BSSID_SEL) &&
3355 memcmp(bss->bssid, ifsta->bssid, ETH_ALEN))
3358 if (!(ifsta->flags & IEEE80211_STA_AUTO_SSID_SEL) &&
3359 !ieee80211_sta_match_ssid(ifsta, bss->ssid, bss->ssid_len))
3362 if (!selected || top_rssi < bss->signal) {
3364 top_rssi = bss->signal;
3368 atomic_inc(&selected->users);
3369 spin_unlock_bh(&local->sta_bss_lock);
3372 ieee80211_set_freq(sdata, selected->freq);
3373 if (!(ifsta->flags & IEEE80211_STA_SSID_SET))
3374 ieee80211_sta_set_ssid(sdata, selected->ssid,
3375 selected->ssid_len);
3376 ieee80211_sta_set_bssid(sdata, selected->bssid);
3377 ieee80211_sta_def_wmm_params(sdata, selected, 0);
3379 /* Send out direct probe if no probe resp was received or
3380 * the one we have is outdated
3382 if (!selected->last_probe_resp ||
3383 time_after(jiffies, selected->last_probe_resp
3384 + IEEE80211_SCAN_RESULT_EXPIRE))
3385 ifsta->state = IEEE80211_STA_MLME_DIRECT_PROBE;
3387 ifsta->state = IEEE80211_STA_MLME_AUTHENTICATE;
3389 ieee80211_rx_bss_put(local, selected);
3390 ieee80211_sta_reset_auth(sdata, ifsta);
3393 if (ifsta->assoc_scan_tries < IEEE80211_ASSOC_SCANS_MAX_TRIES) {
3394 ifsta->assoc_scan_tries++;
3395 if (ifsta->flags & IEEE80211_STA_AUTO_SSID_SEL)
3396 ieee80211_sta_start_scan(sdata, NULL, 0);
3398 ieee80211_sta_start_scan(sdata, ifsta->ssid,
3400 ifsta->state = IEEE80211_STA_MLME_AUTHENTICATE;
3401 set_bit(IEEE80211_STA_REQ_AUTH, &ifsta->request);
3403 ifsta->state = IEEE80211_STA_MLME_DISABLED;
3409 static int ieee80211_sta_create_ibss(struct ieee80211_sub_if_data *sdata,
3410 struct ieee80211_if_sta *ifsta)
3412 struct ieee80211_local *local = sdata->local;
3413 struct ieee80211_sta_bss *bss;
3414 struct ieee80211_supported_band *sband;
3415 u8 bssid[ETH_ALEN], *pos;
3418 DECLARE_MAC_BUF(mac);
3421 /* Easier testing, use fixed BSSID. */
3422 memset(bssid, 0xfe, ETH_ALEN);
3424 /* Generate random, not broadcast, locally administered BSSID. Mix in
3425 * own MAC address to make sure that devices that do not have proper
3426 * random number generator get different BSSID. */
3427 get_random_bytes(bssid, ETH_ALEN);
3428 for (i = 0; i < ETH_ALEN; i++)
3429 bssid[i] ^= sdata->dev->dev_addr[i];
3434 printk(KERN_DEBUG "%s: Creating new IBSS network, BSSID %s\n",
3435 sdata->dev->name, print_mac(mac, bssid));
3437 bss = ieee80211_rx_bss_add(sdata, bssid,
3438 local->hw.conf.channel->center_freq,
3439 sdata->u.sta.ssid, sdata->u.sta.ssid_len);
3443 bss->band = local->hw.conf.channel->band;
3444 sband = local->hw.wiphy->bands[bss->band];
3446 if (local->hw.conf.beacon_int == 0)
3447 local->hw.conf.beacon_int = 100;
3448 bss->beacon_int = local->hw.conf.beacon_int;
3449 bss->last_update = jiffies;
3450 bss->capability = WLAN_CAPABILITY_IBSS;
3452 if (sdata->default_key)
3453 bss->capability |= WLAN_CAPABILITY_PRIVACY;
3455 sdata->drop_unencrypted = 0;
3457 bss->supp_rates_len = sband->n_bitrates;
3458 pos = bss->supp_rates;
3459 for (i = 0; i < sband->n_bitrates; i++) {
3460 int rate = sband->bitrates[i].bitrate;
3461 *pos++ = (u8) (rate / 5);
3464 ret = ieee80211_sta_join_ibss(sdata, ifsta, bss);
3465 ieee80211_rx_bss_put(local, bss);
3470 static int ieee80211_sta_find_ibss(struct ieee80211_sub_if_data *sdata,
3471 struct ieee80211_if_sta *ifsta)
3473 struct ieee80211_local *local = sdata->local;
3474 struct ieee80211_sta_bss *bss;
3478 DECLARE_MAC_BUF(mac);
3479 DECLARE_MAC_BUF(mac2);
3481 if (ifsta->ssid_len == 0)
3484 active_ibss = ieee80211_sta_active_ibss(sdata);
3485 #ifdef CONFIG_MAC80211_IBSS_DEBUG
3486 printk(KERN_DEBUG "%s: sta_find_ibss (active_ibss=%d)\n",
3487 sdata->dev->name, active_ibss);
3488 #endif /* CONFIG_MAC80211_IBSS_DEBUG */
3489 spin_lock_bh(&local->sta_bss_lock);
3490 list_for_each_entry(bss, &local->sta_bss_list, list) {
3491 if (ifsta->ssid_len != bss->ssid_len ||
3492 memcmp(ifsta->ssid, bss->ssid, bss->ssid_len) != 0
3493 || !(bss->capability & WLAN_CAPABILITY_IBSS))
3495 #ifdef CONFIG_MAC80211_IBSS_DEBUG
3496 printk(KERN_DEBUG " bssid=%s found\n",
3497 print_mac(mac, bss->bssid));
3498 #endif /* CONFIG_MAC80211_IBSS_DEBUG */
3499 memcpy(bssid, bss->bssid, ETH_ALEN);
3501 if (active_ibss || memcmp(bssid, ifsta->bssid, ETH_ALEN) != 0)
3504 spin_unlock_bh(&local->sta_bss_lock);
3506 #ifdef CONFIG_MAC80211_IBSS_DEBUG
3508 printk(KERN_DEBUG " sta_find_ibss: selected %s current "
3509 "%s\n", print_mac(mac, bssid),
3510 print_mac(mac2, ifsta->bssid));
3511 #endif /* CONFIG_MAC80211_IBSS_DEBUG */
3513 if (found && memcmp(ifsta->bssid, bssid, ETH_ALEN) != 0) {
3517 if (ifsta->flags & IEEE80211_STA_AUTO_CHANNEL_SEL)
3518 search_freq = bss->freq;
3520 search_freq = local->hw.conf.channel->center_freq;
3522 bss = ieee80211_rx_bss_get(local, bssid, search_freq,
3523 ifsta->ssid, ifsta->ssid_len);
3527 printk(KERN_DEBUG "%s: Selected IBSS BSSID %s"
3528 " based on configured SSID\n",
3529 sdata->dev->name, print_mac(mac, bssid));
3530 ret = ieee80211_sta_join_ibss(sdata, ifsta, bss);
3531 ieee80211_rx_bss_put(local, bss);
3536 #ifdef CONFIG_MAC80211_IBSS_DEBUG
3537 printk(KERN_DEBUG " did not try to join ibss\n");
3538 #endif /* CONFIG_MAC80211_IBSS_DEBUG */
3540 /* Selected IBSS not found in current scan results - try to scan */
3541 if (ifsta->state == IEEE80211_STA_MLME_IBSS_JOINED &&
3542 !ieee80211_sta_active_ibss(sdata)) {
3543 mod_timer(&ifsta->timer, jiffies +
3544 IEEE80211_IBSS_MERGE_INTERVAL);
3545 } else if (time_after(jiffies, local->last_scan_completed +
3546 IEEE80211_SCAN_INTERVAL)) {
3547 printk(KERN_DEBUG "%s: Trigger new scan to find an IBSS to "
3548 "join\n", sdata->dev->name);
3549 return ieee80211_sta_req_scan(sdata, ifsta->ssid,
3551 } else if (ifsta->state != IEEE80211_STA_MLME_IBSS_JOINED) {
3552 int interval = IEEE80211_SCAN_INTERVAL;
3554 if (time_after(jiffies, ifsta->ibss_join_req +
3555 IEEE80211_IBSS_JOIN_TIMEOUT)) {
3556 if ((ifsta->flags & IEEE80211_STA_CREATE_IBSS) &&
3557 (!(local->oper_channel->flags &
3558 IEEE80211_CHAN_NO_IBSS)))
3559 return ieee80211_sta_create_ibss(sdata, ifsta);
3560 if (ifsta->flags & IEEE80211_STA_CREATE_IBSS) {
3561 printk(KERN_DEBUG "%s: IBSS not allowed on"
3562 " %d MHz\n", sdata->dev->name,
3563 local->hw.conf.channel->center_freq);
3566 /* No IBSS found - decrease scan interval and continue
3568 interval = IEEE80211_SCAN_INTERVAL_SLOW;
3571 ifsta->state = IEEE80211_STA_MLME_IBSS_SEARCH;
3572 mod_timer(&ifsta->timer, jiffies + interval);
3580 int ieee80211_sta_set_ssid(struct ieee80211_sub_if_data *sdata, char *ssid, size_t len)
3582 struct ieee80211_if_sta *ifsta;
3585 if (len > IEEE80211_MAX_SSID_LEN)
3588 ifsta = &sdata->u.sta;
3590 if (ifsta->ssid_len != len || memcmp(ifsta->ssid, ssid, len) != 0) {
3591 memset(ifsta->ssid, 0, sizeof(ifsta->ssid));
3592 memcpy(ifsta->ssid, ssid, len);
3593 ifsta->ssid_len = len;
3594 ifsta->flags &= ~IEEE80211_STA_PREV_BSSID_SET;
3598 * Hack! MLME code needs to be cleaned up to have different
3599 * entry points for configuration and internal selection change
3601 if (netif_running(sdata->dev))
3602 res = ieee80211_if_config(sdata, IEEE80211_IFCC_SSID);
3604 printk(KERN_DEBUG "%s: Failed to config new SSID to "
3605 "the low-level driver\n", sdata->dev->name);
3611 ifsta->flags |= IEEE80211_STA_SSID_SET;
3613 ifsta->flags &= ~IEEE80211_STA_SSID_SET;
3615 if (sdata->vif.type == IEEE80211_IF_TYPE_IBSS &&
3616 !(ifsta->flags & IEEE80211_STA_BSSID_SET)) {
3617 ifsta->ibss_join_req = jiffies;
3618 ifsta->state = IEEE80211_STA_MLME_IBSS_SEARCH;
3619 return ieee80211_sta_find_ibss(sdata, ifsta);
3626 int ieee80211_sta_get_ssid(struct ieee80211_sub_if_data *sdata, char *ssid, size_t *len)
3628 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
3629 memcpy(ssid, ifsta->ssid, ifsta->ssid_len);
3630 *len = ifsta->ssid_len;
3635 int ieee80211_sta_set_bssid(struct ieee80211_sub_if_data *sdata, u8 *bssid)
3637 struct ieee80211_if_sta *ifsta;
3640 ifsta = &sdata->u.sta;
3642 if (memcmp(ifsta->bssid, bssid, ETH_ALEN) != 0) {
3643 memcpy(ifsta->bssid, bssid, ETH_ALEN);
3646 * Hack! See also ieee80211_sta_set_ssid.
3648 if (netif_running(sdata->dev))
3649 res = ieee80211_if_config(sdata, IEEE80211_IFCC_BSSID);
3651 printk(KERN_DEBUG "%s: Failed to config new BSSID to "
3652 "the low-level driver\n", sdata->dev->name);
3657 if (is_valid_ether_addr(bssid))
3658 ifsta->flags |= IEEE80211_STA_BSSID_SET;
3660 ifsta->flags &= ~IEEE80211_STA_BSSID_SET;
3666 static void ieee80211_send_nullfunc(struct ieee80211_local *local,
3667 struct ieee80211_sub_if_data *sdata,
3670 struct sk_buff *skb;
3671 struct ieee80211_hdr *nullfunc;
3674 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 24);
3676 printk(KERN_DEBUG "%s: failed to allocate buffer for nullfunc "
3677 "frame\n", sdata->dev->name);
3680 skb_reserve(skb, local->hw.extra_tx_headroom);
3682 nullfunc = (struct ieee80211_hdr *) skb_put(skb, 24);
3683 memset(nullfunc, 0, 24);
3684 fc = cpu_to_le16(IEEE80211_FTYPE_DATA | IEEE80211_STYPE_NULLFUNC |
3685 IEEE80211_FCTL_TODS);
3687 fc |= cpu_to_le16(IEEE80211_FCTL_PM);
3688 nullfunc->frame_control = fc;
3689 memcpy(nullfunc->addr1, sdata->u.sta.bssid, ETH_ALEN);
3690 memcpy(nullfunc->addr2, sdata->dev->dev_addr, ETH_ALEN);
3691 memcpy(nullfunc->addr3, sdata->u.sta.bssid, ETH_ALEN);
3693 ieee80211_sta_tx(sdata, skb, 0);
3697 static void ieee80211_restart_sta_timer(struct ieee80211_sub_if_data *sdata)
3699 if (sdata->vif.type == IEEE80211_IF_TYPE_STA ||
3700 ieee80211_vif_is_mesh(&sdata->vif))
3701 ieee80211_sta_timer((unsigned long)sdata);
3704 void ieee80211_scan_completed(struct ieee80211_hw *hw)
3706 struct ieee80211_local *local = hw_to_local(hw);
3707 struct net_device *dev = local->scan_dev;
3708 struct ieee80211_sub_if_data *sdata;
3709 union iwreq_data wrqu;
3711 local->last_scan_completed = jiffies;
3712 memset(&wrqu, 0, sizeof(wrqu));
3713 wireless_send_event(dev, SIOCGIWSCAN, &wrqu, NULL);
3715 if (local->sta_hw_scanning) {
3716 local->sta_hw_scanning = 0;
3717 if (ieee80211_hw_config(local))
3718 printk(KERN_DEBUG "%s: failed to restore operational "
3719 "channel after scan\n", dev->name);
3720 /* Restart STA timer for HW scan case */
3722 list_for_each_entry_rcu(sdata, &local->interfaces, list)
3723 ieee80211_restart_sta_timer(sdata);
3729 local->sta_sw_scanning = 0;
3730 if (ieee80211_hw_config(local))
3731 printk(KERN_DEBUG "%s: failed to restore operational "
3732 "channel after scan\n", dev->name);
3735 netif_tx_lock_bh(local->mdev);
3736 netif_addr_lock(local->mdev);
3737 local->filter_flags &= ~FIF_BCN_PRBRESP_PROMISC;
3738 local->ops->configure_filter(local_to_hw(local),
3739 FIF_BCN_PRBRESP_PROMISC,
3740 &local->filter_flags,
3741 local->mdev->mc_count,
3742 local->mdev->mc_list);
3744 netif_addr_unlock(local->mdev);
3745 netif_tx_unlock_bh(local->mdev);
3748 list_for_each_entry_rcu(sdata, &local->interfaces, list) {
3749 /* Tell AP we're back */
3750 if (sdata->vif.type == IEEE80211_IF_TYPE_STA) {
3751 if (sdata->u.sta.flags & IEEE80211_STA_ASSOCIATED) {
3752 ieee80211_send_nullfunc(local, sdata, 0);
3753 netif_tx_wake_all_queues(sdata->dev);
3756 netif_tx_wake_all_queues(sdata->dev);
3758 ieee80211_restart_sta_timer(sdata);
3763 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3764 if (sdata->vif.type == IEEE80211_IF_TYPE_IBSS) {
3765 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
3766 if (!(ifsta->flags & IEEE80211_STA_BSSID_SET) ||
3767 (!(ifsta->state == IEEE80211_STA_MLME_IBSS_JOINED) &&
3768 !ieee80211_sta_active_ibss(sdata)))
3769 ieee80211_sta_find_ibss(sdata, ifsta);
3772 EXPORT_SYMBOL(ieee80211_scan_completed);
3774 void ieee80211_sta_scan_work(struct work_struct *work)
3776 struct ieee80211_local *local =
3777 container_of(work, struct ieee80211_local, scan_work.work);
3778 struct net_device *dev = local->scan_dev;
3779 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3780 struct ieee80211_supported_band *sband;
3781 struct ieee80211_channel *chan;
3783 unsigned long next_delay = 0;
3785 if (!local->sta_sw_scanning)
3788 switch (local->scan_state) {
3789 case SCAN_SET_CHANNEL:
3791 * Get current scan band. scan_band may be IEEE80211_NUM_BANDS
3792 * after we successfully scanned the last channel of the last
3793 * band (and the last band is supported by the hw)
3795 if (local->scan_band < IEEE80211_NUM_BANDS)
3796 sband = local->hw.wiphy->bands[local->scan_band];
3801 * If we are at an unsupported band and have more bands
3802 * left to scan, advance to the next supported one.
3804 while (!sband && local->scan_band < IEEE80211_NUM_BANDS - 1) {
3806 sband = local->hw.wiphy->bands[local->scan_band];
3807 local->scan_channel_idx = 0;
3810 /* if no more bands/channels left, complete scan */
3811 if (!sband || local->scan_channel_idx >= sband->n_channels) {
3812 ieee80211_scan_completed(local_to_hw(local));
3816 chan = &sband->channels[local->scan_channel_idx];
3818 if (chan->flags & IEEE80211_CHAN_DISABLED ||
3819 (sdata->vif.type == IEEE80211_IF_TYPE_IBSS &&
3820 chan->flags & IEEE80211_CHAN_NO_IBSS))
3824 local->scan_channel = chan;
3825 if (ieee80211_hw_config(local)) {
3826 printk(KERN_DEBUG "%s: failed to set freq to "
3827 "%d MHz for scan\n", dev->name,
3833 /* advance state machine to next channel/band */
3834 local->scan_channel_idx++;
3835 if (local->scan_channel_idx >= sband->n_channels) {
3837 * scan_band may end up == IEEE80211_NUM_BANDS, but
3838 * we'll catch that case above and complete the scan
3839 * if that is the case.
3842 local->scan_channel_idx = 0;
3848 next_delay = IEEE80211_PROBE_DELAY +
3849 usecs_to_jiffies(local->hw.channel_change_time);
3850 local->scan_state = SCAN_SEND_PROBE;
3852 case SCAN_SEND_PROBE:
3853 next_delay = IEEE80211_PASSIVE_CHANNEL_TIME;
3854 local->scan_state = SCAN_SET_CHANNEL;
3856 if (local->scan_channel->flags & IEEE80211_CHAN_PASSIVE_SCAN)
3858 ieee80211_send_probe_req(sdata, NULL, local->scan_ssid,
3859 local->scan_ssid_len);
3860 next_delay = IEEE80211_CHANNEL_TIME;
3864 if (local->sta_sw_scanning)
3865 queue_delayed_work(local->hw.workqueue, &local->scan_work,
3870 static int ieee80211_sta_start_scan(struct ieee80211_sub_if_data *scan_sdata,
3871 u8 *ssid, size_t ssid_len)
3873 struct ieee80211_local *local = scan_sdata->local;
3874 struct ieee80211_sub_if_data *sdata;
3876 if (ssid_len > IEEE80211_MAX_SSID_LEN)
3879 /* MLME-SCAN.request (page 118) page 144 (11.1.3.1)
3880 * BSSType: INFRASTRUCTURE, INDEPENDENT, ANY_BSS
3883 * ScanType: ACTIVE, PASSIVE
3884 * ProbeDelay: delay (in microseconds) to be used prior to transmitting
3885 * a Probe frame during active scanning
3887 * MinChannelTime (>= ProbeDelay), in TU
3888 * MaxChannelTime: (>= MinChannelTime), in TU
3891 /* MLME-SCAN.confirm
3893 * ResultCode: SUCCESS, INVALID_PARAMETERS
3896 if (local->sta_sw_scanning || local->sta_hw_scanning) {
3897 if (local->scan_dev == scan_sdata->dev)
3902 if (local->ops->hw_scan) {
3903 int rc = local->ops->hw_scan(local_to_hw(local),
3906 local->sta_hw_scanning = 1;
3907 local->scan_dev = scan_sdata->dev;
3912 local->sta_sw_scanning = 1;
3915 list_for_each_entry_rcu(sdata, &local->interfaces, list) {
3916 if (sdata->vif.type == IEEE80211_IF_TYPE_STA) {
3917 if (sdata->u.sta.flags & IEEE80211_STA_ASSOCIATED) {
3918 netif_tx_stop_all_queues(sdata->dev);
3919 ieee80211_send_nullfunc(local, sdata, 1);
3922 netif_tx_stop_all_queues(sdata->dev);
3927 local->scan_ssid_len = ssid_len;
3928 memcpy(local->scan_ssid, ssid, ssid_len);
3930 local->scan_ssid_len = 0;
3931 local->scan_state = SCAN_SET_CHANNEL;
3932 local->scan_channel_idx = 0;
3933 local->scan_band = IEEE80211_BAND_2GHZ;
3934 local->scan_dev = scan_sdata->dev;
3936 netif_addr_lock_bh(local->mdev);
3937 local->filter_flags |= FIF_BCN_PRBRESP_PROMISC;
3938 local->ops->configure_filter(local_to_hw(local),
3939 FIF_BCN_PRBRESP_PROMISC,
3940 &local->filter_flags,
3941 local->mdev->mc_count,
3942 local->mdev->mc_list);
3943 netif_addr_unlock_bh(local->mdev);
3945 /* TODO: start scan as soon as all nullfunc frames are ACKed */
3946 queue_delayed_work(local->hw.workqueue, &local->scan_work,
3947 IEEE80211_CHANNEL_TIME);
3953 int ieee80211_sta_req_scan(struct ieee80211_sub_if_data *sdata, u8 *ssid, size_t ssid_len)
3955 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
3956 struct ieee80211_local *local = sdata->local;
3958 if (sdata->vif.type != IEEE80211_IF_TYPE_STA)
3959 return ieee80211_sta_start_scan(sdata, ssid, ssid_len);
3961 if (local->sta_sw_scanning || local->sta_hw_scanning) {
3962 if (local->scan_dev == sdata->dev)
3967 ifsta->scan_ssid_len = ssid_len;
3969 memcpy(ifsta->scan_ssid, ssid, ssid_len);
3970 set_bit(IEEE80211_STA_REQ_SCAN, &ifsta->request);
3971 queue_work(local->hw.workqueue, &ifsta->work);
3976 static void ieee80211_sta_add_scan_ies(struct iw_request_info *info,
3977 struct ieee80211_sta_bss *bss,
3978 char **current_ev, char *end_buf)
3980 u8 *pos, *end, *next;
3981 struct iw_event iwe;
3983 if (bss == NULL || bss->ies == NULL)
3987 * If needed, fragment the IEs buffer (at IE boundaries) into short
3988 * enough fragments to fit into IW_GENERIC_IE_MAX octet messages.
3991 end = pos + bss->ies_len;
3993 while (end - pos > IW_GENERIC_IE_MAX) {
3994 next = pos + 2 + pos[1];
3995 while (next + 2 + next[1] - pos < IW_GENERIC_IE_MAX)
3996 next = next + 2 + next[1];
3998 memset(&iwe, 0, sizeof(iwe));
3999 iwe.cmd = IWEVGENIE;
4000 iwe.u.data.length = next - pos;
4001 *current_ev = iwe_stream_add_point(info, *current_ev,
4002 end_buf, &iwe, pos);
4008 memset(&iwe, 0, sizeof(iwe));
4009 iwe.cmd = IWEVGENIE;
4010 iwe.u.data.length = end - pos;
4011 *current_ev = iwe_stream_add_point(info, *current_ev,
4012 end_buf, &iwe, pos);
4018 ieee80211_sta_scan_result(struct ieee80211_local *local,
4019 struct iw_request_info *info,
4020 struct ieee80211_sta_bss *bss,
4021 char *current_ev, char *end_buf)
4023 struct iw_event iwe;
4025 if (time_after(jiffies,
4026 bss->last_update + IEEE80211_SCAN_RESULT_EXPIRE))
4029 memset(&iwe, 0, sizeof(iwe));
4030 iwe.cmd = SIOCGIWAP;
4031 iwe.u.ap_addr.sa_family = ARPHRD_ETHER;
4032 memcpy(iwe.u.ap_addr.sa_data, bss->bssid, ETH_ALEN);
4033 current_ev = iwe_stream_add_event(info, current_ev, end_buf, &iwe,
4036 memset(&iwe, 0, sizeof(iwe));
4037 iwe.cmd = SIOCGIWESSID;
4038 if (bss_mesh_cfg(bss)) {
4039 iwe.u.data.length = bss_mesh_id_len(bss);
4040 iwe.u.data.flags = 1;
4041 current_ev = iwe_stream_add_point(info, current_ev, end_buf,
4042 &iwe, bss_mesh_id(bss));
4044 iwe.u.data.length = bss->ssid_len;
4045 iwe.u.data.flags = 1;
4046 current_ev = iwe_stream_add_point(info, current_ev, end_buf,
4050 if (bss->capability & (WLAN_CAPABILITY_ESS | WLAN_CAPABILITY_IBSS)
4051 || bss_mesh_cfg(bss)) {
4052 memset(&iwe, 0, sizeof(iwe));
4053 iwe.cmd = SIOCGIWMODE;
4054 if (bss_mesh_cfg(bss))
4055 iwe.u.mode = IW_MODE_MESH;
4056 else if (bss->capability & WLAN_CAPABILITY_ESS)
4057 iwe.u.mode = IW_MODE_MASTER;
4059 iwe.u.mode = IW_MODE_ADHOC;
4060 current_ev = iwe_stream_add_event(info, current_ev, end_buf,
4061 &iwe, IW_EV_UINT_LEN);
4064 memset(&iwe, 0, sizeof(iwe));
4065 iwe.cmd = SIOCGIWFREQ;
4066 iwe.u.freq.m = ieee80211_frequency_to_channel(bss->freq);
4068 current_ev = iwe_stream_add_event(info, current_ev, end_buf, &iwe,
4071 memset(&iwe, 0, sizeof(iwe));
4072 iwe.cmd = SIOCGIWFREQ;
4073 iwe.u.freq.m = bss->freq;
4075 current_ev = iwe_stream_add_event(info, current_ev, end_buf, &iwe,
4077 memset(&iwe, 0, sizeof(iwe));
4079 iwe.u.qual.qual = bss->qual;
4080 iwe.u.qual.level = bss->signal;
4081 iwe.u.qual.noise = bss->noise;
4082 iwe.u.qual.updated = local->wstats_flags;
4083 current_ev = iwe_stream_add_event(info, current_ev, end_buf, &iwe,
4086 memset(&iwe, 0, sizeof(iwe));
4087 iwe.cmd = SIOCGIWENCODE;
4088 if (bss->capability & WLAN_CAPABILITY_PRIVACY)
4089 iwe.u.data.flags = IW_ENCODE_ENABLED | IW_ENCODE_NOKEY;
4091 iwe.u.data.flags = IW_ENCODE_DISABLED;
4092 iwe.u.data.length = 0;
4093 current_ev = iwe_stream_add_point(info, current_ev, end_buf,
4096 ieee80211_sta_add_scan_ies(info, bss, ¤t_ev, end_buf);
4098 if (bss && bss->supp_rates_len > 0) {
4099 /* display all supported rates in readable format */
4100 char *p = current_ev + iwe_stream_lcp_len(info);
4103 memset(&iwe, 0, sizeof(iwe));
4104 iwe.cmd = SIOCGIWRATE;
4105 /* Those two flags are ignored... */
4106 iwe.u.bitrate.fixed = iwe.u.bitrate.disabled = 0;
4108 for (i = 0; i < bss->supp_rates_len; i++) {
4109 iwe.u.bitrate.value = ((bss->supp_rates[i] &
4111 p = iwe_stream_add_value(info, current_ev, p,
4112 end_buf, &iwe, IW_EV_PARAM_LEN);
4119 buf = kmalloc(30, GFP_ATOMIC);
4121 memset(&iwe, 0, sizeof(iwe));
4122 iwe.cmd = IWEVCUSTOM;
4123 sprintf(buf, "tsf=%016llx", (unsigned long long)(bss->timestamp));
4124 iwe.u.data.length = strlen(buf);
4125 current_ev = iwe_stream_add_point(info, current_ev,
4128 memset(&iwe, 0, sizeof(iwe));
4129 iwe.cmd = IWEVCUSTOM;
4130 sprintf(buf, " Last beacon: %dms ago",
4131 jiffies_to_msecs(jiffies - bss->last_update));
4132 iwe.u.data.length = strlen(buf);
4133 current_ev = iwe_stream_add_point(info, current_ev,
4134 end_buf, &iwe, buf);
4139 if (bss_mesh_cfg(bss)) {
4141 u8 *cfg = bss_mesh_cfg(bss);
4142 buf = kmalloc(50, GFP_ATOMIC);
4144 memset(&iwe, 0, sizeof(iwe));
4145 iwe.cmd = IWEVCUSTOM;
4146 sprintf(buf, "Mesh network (version %d)", cfg[0]);
4147 iwe.u.data.length = strlen(buf);
4148 current_ev = iwe_stream_add_point(info, current_ev,
4151 sprintf(buf, "Path Selection Protocol ID: "
4152 "0x%02X%02X%02X%02X", cfg[1], cfg[2], cfg[3],
4154 iwe.u.data.length = strlen(buf);
4155 current_ev = iwe_stream_add_point(info, current_ev,
4158 sprintf(buf, "Path Selection Metric ID: "
4159 "0x%02X%02X%02X%02X", cfg[5], cfg[6], cfg[7],
4161 iwe.u.data.length = strlen(buf);
4162 current_ev = iwe_stream_add_point(info, current_ev,
4165 sprintf(buf, "Congestion Control Mode ID: "
4166 "0x%02X%02X%02X%02X", cfg[9], cfg[10],
4168 iwe.u.data.length = strlen(buf);
4169 current_ev = iwe_stream_add_point(info, current_ev,
4172 sprintf(buf, "Channel Precedence: "
4173 "0x%02X%02X%02X%02X", cfg[13], cfg[14],
4175 iwe.u.data.length = strlen(buf);
4176 current_ev = iwe_stream_add_point(info, current_ev,
4187 int ieee80211_sta_scan_results(struct ieee80211_local *local,
4188 struct iw_request_info *info,
4189 char *buf, size_t len)
4191 char *current_ev = buf;
4192 char *end_buf = buf + len;
4193 struct ieee80211_sta_bss *bss;
4195 spin_lock_bh(&local->sta_bss_lock);
4196 list_for_each_entry(bss, &local->sta_bss_list, list) {
4197 if (buf + len - current_ev <= IW_EV_ADDR_LEN) {
4198 spin_unlock_bh(&local->sta_bss_lock);
4201 current_ev = ieee80211_sta_scan_result(local, info, bss,
4202 current_ev, end_buf);
4204 spin_unlock_bh(&local->sta_bss_lock);
4205 return current_ev - buf;
4209 int ieee80211_sta_set_extra_ie(struct ieee80211_sub_if_data *sdata, char *ie, size_t len)
4211 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
4213 kfree(ifsta->extra_ie);
4215 ifsta->extra_ie = NULL;
4216 ifsta->extra_ie_len = 0;
4219 ifsta->extra_ie = kmalloc(len, GFP_KERNEL);
4220 if (!ifsta->extra_ie) {
4221 ifsta->extra_ie_len = 0;
4224 memcpy(ifsta->extra_ie, ie, len);
4225 ifsta->extra_ie_len = len;
4230 struct sta_info *ieee80211_ibss_add_sta(struct ieee80211_sub_if_data *sdata,
4231 struct sk_buff *skb, u8 *bssid,
4232 u8 *addr, u64 supp_rates)
4234 struct ieee80211_local *local = sdata->local;
4235 struct sta_info *sta;
4236 DECLARE_MAC_BUF(mac);
4237 int band = local->hw.conf.channel->band;
4239 /* TODO: Could consider removing the least recently used entry and
4240 * allow new one to be added. */
4241 if (local->num_sta >= IEEE80211_IBSS_MAX_STA_ENTRIES) {
4242 if (net_ratelimit()) {
4243 printk(KERN_DEBUG "%s: No room for a new IBSS STA "
4244 "entry %s\n", sdata->dev->name, print_mac(mac, addr));
4249 if (compare_ether_addr(bssid, sdata->u.sta.bssid))
4252 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG
4253 printk(KERN_DEBUG "%s: Adding new IBSS station %s (dev=%s)\n",
4254 wiphy_name(local->hw.wiphy), print_mac(mac, addr), sdata->dev->name);
4257 sta = sta_info_alloc(sdata, addr, GFP_ATOMIC);
4261 set_sta_flags(sta, WLAN_STA_AUTHORIZED);
4263 /* make sure mandatory rates are always added */
4264 sta->supp_rates[band] = supp_rates |
4265 ieee80211_sta_get_mandatory_rates(local, band);
4267 rate_control_rate_init(sta, local);
4269 if (sta_info_insert(sta))
4276 int ieee80211_sta_deauthenticate(struct ieee80211_sub_if_data *sdata, u16 reason)
4278 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
4280 printk(KERN_DEBUG "%s: deauthenticating by local choice (reason=%d)\n",
4281 sdata->dev->name, reason);
4283 if (sdata->vif.type != IEEE80211_IF_TYPE_STA &&
4284 sdata->vif.type != IEEE80211_IF_TYPE_IBSS)
4287 ieee80211_set_disassoc(sdata, ifsta, true, true, reason);
4292 int ieee80211_sta_disassociate(struct ieee80211_sub_if_data *sdata, u16 reason)
4294 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
4296 printk(KERN_DEBUG "%s: disassociating by local choice (reason=%d)\n",
4297 sdata->dev->name, reason);
4299 if (sdata->vif.type != IEEE80211_IF_TYPE_STA)
4302 if (!(ifsta->flags & IEEE80211_STA_ASSOCIATED))
4305 ieee80211_set_disassoc(sdata, ifsta, false, true, reason);
4309 void ieee80211_notify_mac(struct ieee80211_hw *hw,
4310 enum ieee80211_notification_types notif_type)
4312 struct ieee80211_local *local = hw_to_local(hw);
4313 struct ieee80211_sub_if_data *sdata;
4315 switch (notif_type) {
4316 case IEEE80211_NOTIFY_RE_ASSOC:
4318 list_for_each_entry_rcu(sdata, &local->interfaces, list) {
4319 if (sdata->vif.type != IEEE80211_IF_TYPE_STA)
4322 ieee80211_sta_req_auth(sdata, &sdata->u.sta);
4328 EXPORT_SYMBOL(ieee80211_notify_mac);
projects / ~andy / linux / blob