projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
wext: Create IW_REQUEST_FLAG_COMPAT and set it as needed.
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / drivers / net / wireless / libertas / scan.c
CommitLineData
876c9d3a
MT		 1/**
2 * Functions implementing wlan scan IOCTL and firmware command APIs
3 *
4 * IOCTL handlers as well as command preperation and response routines
5 * for sending scan commands to the firmware.
6 */
fcdb53db 7#include <linux/etherdevice.h>
ac630c2b
VD		 8#include <asm/unaligned.h>
9
876c9d3a
MT		 10#include "host.h"
11#include "decl.h"
12#include "dev.h"
13#include "scan.h"
fa62f99c 14#include "cmd.h"
876c9d3a
MT		 15
16//! Approximate amount of data needed to pass a scan result back to iwlist
17#define MAX_SCAN_CELL_SIZE (IW_EV_ADDR_LEN \
18 + IW_ESSID_MAX_SIZE \
19 + IW_EV_UINT_LEN \
20 + IW_EV_FREQ_LEN \
21 + IW_EV_QUAL_LEN \
22 + IW_ESSID_MAX_SIZE \
23 + IW_EV_PARAM_LEN \
24 + 40) /* 40 for WPAIE */
25
26//! Memory needed to store a max sized channel List TLV for a firmware scan
27#define CHAN_TLV_MAX_SIZE (sizeof(struct mrvlietypesheader) \
28 + (MRVDRV_MAX_CHANNELS_PER_SCAN \
29 * sizeof(struct chanscanparamset)))
30
31//! Memory needed to store a max number/size SSID TLV for a firmware scan
32#define SSID_TLV_MAX_SIZE (1 * sizeof(struct mrvlietypes_ssidparamset))
33
fa62f99c
DW		 34//! Maximum memory needed for a cmd_ds_802_11_scan with all TLVs at max
35#define MAX_SCAN_CFG_ALLOC (sizeof(struct cmd_ds_802_11_scan) \
36 + CHAN_TLV_MAX_SIZE + SSID_TLV_MAX_SIZE)
876c9d3a
MT		 37
38//! The maximum number of channels the firmware can scan per command
39#define MRVDRV_MAX_CHANNELS_PER_SCAN 14
40
41/**
42 * @brief Number of channels to scan per firmware scan command issuance.
43 *
44 * Number restricted to prevent hitting the limit on the amount of scan data
45 * returned in a single firmware scan command.
46 */
47#define MRVDRV_CHANNELS_PER_SCAN_CMD 4
48
49//! Scan time specified in the channel TLV for each channel for passive scans
50#define MRVDRV_PASSIVE_SCAN_CHAN_TIME 100
51
52//! Scan time specified in the channel TLV for each channel for active scans
53#define MRVDRV_ACTIVE_SCAN_CHAN_TIME 100
54
fa62f99c
DW		 55static int lbs_ret_80211_scan(struct lbs_private *priv, unsigned long dummy,
56 struct cmd_header *resp);
e56188ac
HS		 57
58/*********************************************************************/
59/* */
60/* Misc helper functions */
61/* */
62/*********************************************************************/
63
23ff5036
HS		 64/**
65 * @brief Unsets the MSB on basic rates
66 *
67 * Scan through an array and unset the MSB for basic data rates.
68 *
69 * @param rates buffer of data rates
70 * @param len size of buffer
71 */
72static void lbs_unset_basic_rate_flags(u8 *rates, size_t len)
73{
74 int i;
75
76 for (i = 0; i < len; i++)
77 rates[i] &= 0x7f;
78}
79
80
f137e054 81static inline void clear_bss_descriptor(struct bss_descriptor *bss)
fcdb53db
DW		 82{
83 /* Don't blow away ->list, just BSS data */
84 memset(bss, 0, offsetof(struct bss_descriptor, list));
85}
86
ffd074fc
HS		 87/**
88 * @brief Compare two SSIDs
89 *
90 * @param ssid1 A pointer to ssid to compare
91 * @param ssid2 A pointer to ssid to compare
92 *
93 * @return 0: ssid is same, otherwise is different
94 */
f137e054
DW		 95int lbs_ssid_cmp(uint8_t *ssid1, uint8_t ssid1_len, uint8_t *ssid2,
96 uint8_t ssid2_len)
ffd074fc
HS		 97{
98 if (ssid1_len != ssid2_len)
99 return -1;
100
101 return memcmp(ssid1, ssid2, ssid1_len);
102}
103
ffd074fc
HS		 104static inline int is_same_network(struct bss_descriptor *src,
105 struct bss_descriptor *dst)
106{
107 /* A network is only a duplicate if the channel, BSSID, and ESSID
108 * all match. We treat all <hidden> with the same BSSID and channel
109 * as one network */
110 return ((src->ssid_len == dst->ssid_len) &&
111 (src->channel == dst->channel) &&
112 !compare_ether_addr(src->bssid, dst->bssid) &&
113 !memcmp(src->ssid, dst->ssid, src->ssid_len));
114}
115
876c9d3a 116
e56188ac
HS		 117
118
e56188ac
HS		 119/*********************************************************************/
120/* */
121/* Main scanning support */
122/* */
123/*********************************************************************/
124
876c9d3a
MT		 125/**
126 * @brief Create a channel list for the driver to scan based on region info
127 *
10078321 128 * Only used from lbs_scan_setup_scan_config()
e56188ac 129 *
876c9d3a
MT		 130 * Use the driver region/band information to construct a comprehensive list
131 * of channels to scan. This routine is used for any scan that is not
132 * provided a specific channel list to scan.
133 *
69f9032d 134 * @param priv A pointer to struct lbs_private structure
876c9d3a 135 * @param scanchanlist Output parameter: resulting channel list to scan
876c9d3a
MT		 136 *
137 * @return void
138 */
ffd074fc 139static int lbs_scan_create_channel_list(struct lbs_private *priv,
52933d81 140 struct chanscanparamset *scanchanlist)
876c9d3a 141{
876c9d3a
MT		 142 struct region_channel *scanregion;
143 struct chan_freq_power *cfp;
144 int rgnidx;
145 int chanidx;
146 int nextchan;
f137e054 147 uint8_t scantype;
876c9d3a
MT		 148
149 chanidx = 0;
150
151 /* Set the default scan type to the user specified type, will later
152 * be changed to passive on a per channel basis if restricted by
153 * regulatory requirements (11d or 11h)
154 */
4f2fdaaf 155 scantype = CMD_SCAN_TYPE_ACTIVE;
876c9d3a 156
aa21c004 157 for (rgnidx = 0; rgnidx < ARRAY_SIZE(priv->region_channel); rgnidx++) {
f137e054
DW		 158 if (priv->enable11d && (priv->connect_status != LBS_CONNECTED)
159 && (priv->mesh_connect_status != LBS_CONNECTED)) {
876c9d3a 160 /* Scan all the supported chan for the first scan */
aa21c004 161 if (!priv->universal_channel[rgnidx].valid)
876c9d3a 162 continue;
aa21c004 163 scanregion = &priv->universal_channel[rgnidx];
876c9d3a
MT		 164
165 /* clear the parsed_region_chan for the first scan */
aa21c004
DW		 166 memset(&priv->parsed_region_chan, 0x00,
167 sizeof(priv->parsed_region_chan));
876c9d3a 168 } else {
aa21c004 169 if (!priv->region_channel[rgnidx].valid)
876c9d3a 170 continue;
aa21c004 171 scanregion = &priv->region_channel[rgnidx];
876c9d3a
MT		 172 }
173
f137e054
DW		 174 for (nextchan = 0; nextchan < scanregion->nrcfp; nextchan++, chanidx++) {
175 struct chanscanparamset *chan = &scanchanlist[chanidx];
876c9d3a
MT		 176
177 cfp = scanregion->CFP + nextchan;
178
f137e054
DW		 179 if (priv->enable11d)
180 scantype = lbs_get_scan_type_11d(cfp->channel,
181 &priv->parsed_region_chan);
876c9d3a 182
f137e054
DW		 183 if (scanregion->band == BAND_B || scanregion->band == BAND_G)
184 chan->radiotype = CMD_SCAN_RADIO_TYPE_BG;
876c9d3a 185
0aef64d7 186 if (scantype == CMD_SCAN_TYPE_PASSIVE) {
f137e054
DW		 187 chan->maxscantime = cpu_to_le16(MRVDRV_PASSIVE_SCAN_CHAN_TIME);
188 chan->chanscanmode.passivescan = 1;
876c9d3a 189 } else {
f137e054
DW		 190 chan->maxscantime = cpu_to_le16(MRVDRV_ACTIVE_SCAN_CHAN_TIME);
191 chan->chanscanmode.passivescan = 0;
876c9d3a
MT		 192 }
193
f137e054 194 chan->channumber = cfp->channel;
876c9d3a
MT		 195 }
196 }
ffd074fc 197 return chanidx;
876c9d3a
MT		 198}
199
ffd074fc
HS		 200/*
201 * Add SSID TLV of the form:
202 *
203 * TLV-ID SSID 00 00
204 * length 06 00
205 * ssid 4d 4e 54 45 53 54
206 */
52933d81 207static int lbs_scan_add_ssid_tlv(struct lbs_private *priv, u8 *tlv)
2afc0c5d 208{
f137e054
DW		 209 struct mrvlietypes_ssidparamset *ssid_tlv = (void *)tlv;
210
ffd074fc 211 ssid_tlv->header.type = cpu_to_le16(TLV_TYPE_SSID);
52933d81
HS		 212 ssid_tlv->header.len = cpu_to_le16(priv->scan_ssid_len);
213 memcpy(ssid_tlv->ssid, priv->scan_ssid, priv->scan_ssid_len);
214 return sizeof(ssid_tlv->header) + priv->scan_ssid_len;
2afc0c5d
DW		 215}
216
ffd074fc
HS		 217/*
218 * Add CHANLIST TLV of the form
876c9d3a 219 *
ffd074fc
HS		 220 * TLV-ID CHANLIST 01 01
221 * length 5b 00
222 * channel 1 00 01 00 00 00 64 00
223 * radio type 00
224 * channel 01
225 * scan type 00
226 * min scan time 00 00
227 * max scan time 64 00
228 * channel 2 00 02 00 00 00 64 00
229 * channel 3 00 03 00 00 00 64 00
230 * channel 4 00 04 00 00 00 64 00
231 * channel 5 00 05 00 00 00 64 00
232 * channel 6 00 06 00 00 00 64 00
233 * channel 7 00 07 00 00 00 64 00
234 * channel 8 00 08 00 00 00 64 00
235 * channel 9 00 09 00 00 00 64 00
236 * channel 10 00 0a 00 00 00 64 00
237 * channel 11 00 0b 00 00 00 64 00
238 * channel 12 00 0c 00 00 00 64 00
239 * channel 13 00 0d 00 00 00 64 00
876c9d3a 240 *
876c9d3a 241 */
f137e054
DW		 242static int lbs_scan_add_chanlist_tlv(uint8_t *tlv,
243 struct chanscanparamset *chan_list,
244 int chan_count)
876c9d3a 245{
f137e054
DW		 246 size_t size = sizeof(struct chanscanparamset) *chan_count;
247 struct mrvlietypes_chanlistparamset *chan_tlv = (void *)tlv;
ffd074fc
HS		 248
249 chan_tlv->header.type = cpu_to_le16(TLV_TYPE_CHANLIST);
250 memcpy(chan_tlv->chanscanparam, chan_list, size);
251 chan_tlv->header.len = cpu_to_le16(size);
252 return sizeof(chan_tlv->header) + size;
876c9d3a
MT		 253}
254
ffd074fc
HS		 255/*
256 * Add RATES TLV of the form
876c9d3a 257 *
ffd074fc
HS		 258 * TLV-ID RATES 01 00
259 * length 0e 00
260 * rates 82 84 8b 96 0c 12 18 24 30 48 60 6c
876c9d3a 261 *
ffd074fc
HS		 262 * The rates are in lbs_bg_rates[], but for the 802.11b
263 * rates the high bit isn't set.
876c9d3a 264 */
f137e054 265static int lbs_scan_add_rates_tlv(uint8_t *tlv)
876c9d3a 266{
ffd074fc 267 int i;
f137e054 268 struct mrvlietypes_ratesparamset *rate_tlv = (void *)tlv;
ffd074fc
HS		 269
270 rate_tlv->header.type = cpu_to_le16(TLV_TYPE_RATES);
271 tlv += sizeof(rate_tlv->header);
272 for (i = 0; i < MAX_RATES; i++) {
273 *tlv = lbs_bg_rates[i];
274 if (*tlv == 0)
275 break;
276 /* This code makes sure that the 802.11b rates (1 MBit/s, 2
277 MBit/s, 5.5 MBit/s and 11 MBit/s get's the high bit set.
278 Note that the values are MBit/s * 2, to mark them as
279 basic rates so that the firmware likes it better */
280 if (*tlv == 0x02 || *tlv == 0x04 ||
281 *tlv == 0x0b || *tlv == 0x16)
282 *tlv |= 0x80;
283 tlv++;
2afc0c5d 284 }
ffd074fc
HS		 285 rate_tlv->header.len = cpu_to_le16(i);
286 return sizeof(rate_tlv->header) + i;
876c9d3a
MT		 287}
288
e56188ac 289/*
ffd074fc
HS		 290 * Generate the CMD_802_11_SCAN command with the proper tlv
291 * for a bunch of channels.
292 */
fa62f99c 293static int lbs_do_scan(struct lbs_private *priv, uint8_t bsstype,
52933d81 294 struct chanscanparamset *chan_list, int chan_count)
eb8f7330 295{
ffd074fc 296 int ret = -ENOMEM;
fa62f99c
DW		 297 struct cmd_ds_802_11_scan *scan_cmd;
298 uint8_t *tlv; /* pointer into our current, growing TLV storage area */
eb8f7330 299
fa62f99c 300 lbs_deb_enter_args(LBS_DEB_SCAN, "bsstype %d, chanlist[].chan %d, chan_count %d",
c0d43990
HS		 301 bsstype, chan_list ? chan_list[0].channumber : -1,
302 chan_count);
e56188ac 303
ffd074fc
HS		 304 /* create the fixed part for scan command */
305 scan_cmd = kzalloc(MAX_SCAN_CFG_ALLOC, GFP_KERNEL);
306 if (scan_cmd == NULL)
e56188ac 307 goto out;
fa62f99c 308
ffd074fc 309 tlv = scan_cmd->tlvbuffer;
52933d81
HS		 310 /* TODO: do we need to scan for a specific BSSID?
311 memcpy(scan_cmd->bssid, priv->scan_bssid, ETH_ALEN); */
ffd074fc
HS		 312 scan_cmd->bsstype = bsstype;
313
314 /* add TLVs */
52933d81
HS		 315 if (priv->scan_ssid_len)
316 tlv += lbs_scan_add_ssid_tlv(priv, tlv);
ffd074fc
HS		 317 if (chan_list && chan_count)
318 tlv += lbs_scan_add_chanlist_tlv(tlv, chan_list, chan_count);
319 tlv += lbs_scan_add_rates_tlv(tlv);
320
321 /* This is the final data we are about to send */
fa62f99c
DW		 322 scan_cmd->hdr.size = cpu_to_le16(tlv - (uint8_t *)scan_cmd);
323 lbs_deb_hex(LBS_DEB_SCAN, "SCAN_CMD", (void *)scan_cmd,
324 sizeof(*scan_cmd));
ffd074fc 325 lbs_deb_hex(LBS_DEB_SCAN, "SCAN_TLV", scan_cmd->tlvbuffer,
fa62f99c
DW		 326 tlv - scan_cmd->tlvbuffer);
327
328 ret = __lbs_cmd(priv, CMD_802_11_SCAN, &scan_cmd->hdr,
329 le16_to_cpu(scan_cmd->hdr.size),
330 lbs_ret_80211_scan, 0);
ffd074fc 331
e56188ac 332out:
ffd074fc
HS		 333 kfree(scan_cmd);
334 lbs_deb_leave_args(LBS_DEB_SCAN, "ret %d", ret);
335 return ret;
eb8f7330
DW		 336}
337
876c9d3a
MT		 338/**
339 * @brief Internal function used to start a scan based on an input config
340 *
341 * Use the input user scan configuration information when provided in
342 * order to send the appropriate scan commands to firmware to populate or
343 * update the internal driver scan table
344 *
69f9032d 345 * @param priv A pointer to struct lbs_private structure
52933d81 346 * @param full_scan Do a full-scan (blocking)
876c9d3a
MT		 347 *
348 * @return 0 or < 0 if error
349 */
245bf20f 350int lbs_scan_networks(struct lbs_private *priv, int full_scan)
876c9d3a 351{
ffd074fc
HS		 352 int ret = -ENOMEM;
353 struct chanscanparamset *chan_list;
354 struct chanscanparamset *curr_chans;
355 int chan_count;
f137e054 356 uint8_t bsstype = CMD_BSS_TYPE_ANY;
ffd074fc 357 int numchannels = MRVDRV_CHANNELS_PER_SCAN_CMD;
ffd074fc 358 union iwreq_data wrqu;
f8f55108 359#ifdef CONFIG_LIBERTAS_DEBUG
ffd074fc 360 struct bss_descriptor *iter;
f8f55108 361 int i = 0;
0795af57 362 DECLARE_MAC_BUF(mac);
f8f55108 363#endif
876c9d3a 364
f137e054 365 lbs_deb_enter_args(LBS_DEB_SCAN, "full_scan %d", full_scan);
2afc0c5d
DW		 366
367 /* Cancel any partial outstanding partial scans if this scan
368 * is a full scan.
369 */
370 if (full_scan && delayed_work_pending(&priv->scan_work))
371 cancel_delayed_work(&priv->scan_work);
876c9d3a 372
52933d81
HS		 373 /* User-specified bsstype or channel list
374 TODO: this can be implemented if some user-space application
375 need the feature. Formerly, it was accessible from debugfs,
376 but then nowhere used.
ffd074fc
HS		 377 if (user_cfg) {
378 if (user_cfg->bsstype)
52933d81
HS		 379 bsstype = user_cfg->bsstype;
380 } */
381
382 lbs_deb_scan("numchannels %d, bsstype %d\n", numchannels, bsstype);
876c9d3a 383
ffd074fc
HS		 384 /* Create list of channels to scan */
385 chan_list = kzalloc(sizeof(struct chanscanparamset) *
f137e054 386 LBS_IOCTL_USER_SCAN_CHAN_MAX, GFP_KERNEL);
ffd074fc
HS		 387 if (!chan_list) {
388 lbs_pr_alert("SCAN: chan_list empty\n");
876c9d3a
MT		 389 goto out;
390 }
391
ffd074fc 392 /* We want to scan all channels */
52933d81 393 chan_count = lbs_scan_create_channel_list(priv, chan_list);
876c9d3a 394
ffd074fc
HS		 395 netif_stop_queue(priv->dev);
396 netif_carrier_off(priv->dev);
397 if (priv->mesh_dev) {
a27b9f96
DW		 398 netif_stop_queue(priv->mesh_dev);
399 netif_carrier_off(priv->mesh_dev);
876c9d3a
MT		 400 }
401
ffd074fc 402 /* Prepare to continue an interrupted scan */
8816edce
HS		 403 lbs_deb_scan("chan_count %d, scan_channel %d\n",
404 chan_count, priv->scan_channel);
ffd074fc
HS		 405 curr_chans = chan_list;
406 /* advance channel list by already-scanned-channels */
8816edce
HS		 407 if (priv->scan_channel > 0) {
408 curr_chans += priv->scan_channel;
409 chan_count -= priv->scan_channel;
ffd074fc
HS		 410 }
411
412 /* Send scan command(s)
413 * numchannels contains the number of channels we should maximally scan
414 * chan_count is the total number of channels to scan
415 */
416
417 while (chan_count) {
418 int to_scan = min(numchannels, chan_count);
419 lbs_deb_scan("scanning %d of %d channels\n",
f137e054 420 to_scan, chan_count);
ffd074fc 421 ret = lbs_do_scan(priv, bsstype, curr_chans,
52933d81 422 to_scan);
ffd074fc
HS		 423 if (ret) {
424 lbs_pr_err("SCAN_CMD failed\n");
425 goto out2;
426 }
427 curr_chans += to_scan;
428 chan_count -= to_scan;
429
430 /* somehow schedule the next part of the scan */
f137e054 431 if (chan_count && !full_scan &&
aa21c004 432 !priv->surpriseremoved) {
ffd074fc 433 /* -1 marks just that we're currently scanning */
8816edce
HS		 434 if (priv->scan_channel < 0)
435 priv->scan_channel = to_scan;
ffd074fc 436 else
8816edce 437 priv->scan_channel += to_scan;
ffd074fc
HS		 438 cancel_delayed_work(&priv->scan_work);
439 queue_delayed_work(priv->work_thread, &priv->scan_work,
f137e054 440 msecs_to_jiffies(300));
ffd074fc
HS		 441 /* skip over GIWSCAN event */
442 goto out;
443 }
444
445 }
446 memset(&wrqu, 0, sizeof(union iwreq_data));
447 wireless_send_event(priv->dev, SIOCGIWSCAN, &wrqu, NULL);
876c9d3a 448
f8f55108
DW		 449#ifdef CONFIG_LIBERTAS_DEBUG
450 /* Dump the scan table */
aa21c004 451 mutex_lock(&priv->lock);
ffd074fc 452 lbs_deb_scan("scan table:\n");
aa21c004 453 list_for_each_entry(iter, &priv->network_list, list)
ffd074fc 454 lbs_deb_scan("%02d: BSSID %s, RSSI %d, SSID '%s'\n",
ff829ae0 455 i++, print_mac(mac, iter->bssid), iter->rssi,
f137e054 456 escape_essid(iter->ssid, iter->ssid_len));
aa21c004 457 mutex_unlock(&priv->lock);
f8f55108 458#endif
876c9d3a 459
ffd074fc 460out2:
8816edce 461 priv->scan_channel = 0;
ffd074fc
HS		 462
463out:
aa21c004 464 if (priv->connect_status == LBS_CONNECTED) {
634b8f49 465 netif_carrier_on(priv->dev);
a27b9f96
DW		 466 if (!priv->tx_pending_len)
467 netif_wake_queue(priv->dev);
01d77d8d 468 }
aa21c004 469 if (priv->mesh_dev && (priv->mesh_connect_status == LBS_CONNECTED)) {
01d77d8d 470 netif_carrier_on(priv->mesh_dev);
a27b9f96
DW		 471 if (!priv->tx_pending_len)
472 netif_wake_queue(priv->mesh_dev);
876c9d3a 473 }
ffd074fc 474 kfree(chan_list);
876c9d3a 475
9012b28a 476 lbs_deb_leave_args(LBS_DEB_SCAN, "ret %d", ret);
876c9d3a
MT		 477 return ret;
478}
479
52933d81
HS		 480void lbs_scan_worker(struct work_struct *work)
481{
482 struct lbs_private *priv =
483 container_of(work, struct lbs_private, scan_work.work);
484
485 lbs_deb_enter(LBS_DEB_SCAN);
486 lbs_scan_networks(priv, 0);
487 lbs_deb_leave(LBS_DEB_SCAN);
488}
489
490
ffd074fc
HS		 491/*********************************************************************/
492/* */
493/* Result interpretation */
494/* */
495/*********************************************************************/
496
876c9d3a
MT		 497/**
498 * @brief Interpret a BSS scan response returned from the firmware
499 *
500 * Parse the various fixed fields and IEs passed back for a a BSS probe
ffd074fc
HS		 501 * response or beacon from the scan command. Record information as needed
502 * in the scan table struct bss_descriptor for that entry.
876c9d3a 503 *
fcdb53db 504 * @param bss Output parameter: Pointer to the BSS Entry
876c9d3a
MT		 505 *
506 * @return 0 or -1
507 */
10078321 508static int lbs_process_bss(struct bss_descriptor *bss,
f137e054 509 uint8_t **pbeaconinfo, int *bytesleft)
876c9d3a 510{
876c9d3a
MT		 511 struct ieeetypes_fhparamset *pFH;
512 struct ieeetypes_dsparamset *pDS;
513 struct ieeetypes_cfparamset *pCF;
514 struct ieeetypes_ibssparamset *pibss;
0795af57 515 DECLARE_MAC_BUF(mac);
876c9d3a 516 struct ieeetypes_countryinfoset *pcountryinfo;
f137e054
DW		 517 uint8_t *pos, *end, *p;
518 uint8_t n_ex_rates = 0, got_basic_rates = 0, n_basic_rates = 0;
519 uint16_t beaconsize = 0;
8c512765 520 int ret;
876c9d3a 521
e56188ac 522 lbs_deb_enter(LBS_DEB_SCAN);
876c9d3a 523
876c9d3a
MT		 524 if (*bytesleft >= sizeof(beaconsize)) {
525 /* Extract & convert beacon size from the command buffer */
533dd1b0 526 beaconsize = get_unaligned_le16(*pbeaconinfo);
876c9d3a
MT		 527 *bytesleft -= sizeof(beaconsize);
528 *pbeaconinfo += sizeof(beaconsize);
529 }
530
531 if (beaconsize == 0 || beaconsize > *bytesleft) {
876c9d3a
MT		 532 *pbeaconinfo += *bytesleft;
533 *bytesleft = 0;
e56188ac
HS		 534 ret = -1;
535 goto done;
876c9d3a
MT		 536 }
537
538 /* Initialize the current working beacon pointer for this BSS iteration */
ab617971
DW		 539 pos = *pbeaconinfo;
540 end = pos + beaconsize;
876c9d3a
MT		 541
542 /* Advance the return beacon pointer past the current beacon */
543 *pbeaconinfo += beaconsize;
544 *bytesleft -= beaconsize;
545
ab617971 546 memcpy(bss->bssid, pos, ETH_ALEN);
ffd074fc 547 lbs_deb_scan("process_bss: BSSID %s\n", print_mac(mac, bss->bssid));
ab617971 548 pos += ETH_ALEN;
876c9d3a 549
ab617971 550 if ((end - pos) < 12) {
fcdb53db 551 lbs_deb_scan("process_bss: Not enough bytes left\n");
e56188ac
HS		 552 ret = -1;
553 goto done;
876c9d3a
MT		 554 }
555
556 /*
557 * next 4 fields are RSSI, time stamp, beacon interval,
558 * and capability information
559 */
560
561 /* RSSI is 1 byte long */
ab617971 562 bss->rssi = *pos;
ffd074fc 563 lbs_deb_scan("process_bss: RSSI %d\n", *pos);
ab617971 564 pos++;
876c9d3a
MT		 565
566 /* time stamp is 8 bytes long */
ab617971 567 pos += 8;
876c9d3a
MT		 568
569 /* beacon interval is 2 bytes long */
ab617971
DW		 570 bss->beaconperiod = le16_to_cpup((void *) pos);
571 pos += 2;
876c9d3a
MT		 572
573 /* capability information is 2 bytes long */
ab617971 574 bss->capability = le16_to_cpup((void *) pos);
ffd074fc 575 lbs_deb_scan("process_bss: capabilities 0x%04x\n", bss->capability);
ab617971 576 pos += 2;
876c9d3a 577
0c9ca690 578 if (bss->capability & WLAN_CAPABILITY_PRIVACY)
ffd074fc 579 lbs_deb_scan("process_bss: WEP enabled\n");
0c9ca690
DW		 580 if (bss->capability & WLAN_CAPABILITY_IBSS)
581 bss->mode = IW_MODE_ADHOC;
582 else
583 bss->mode = IW_MODE_INFRA;
584
876c9d3a 585 /* rest of the current buffer are IE's */
ffd074fc 586 lbs_deb_scan("process_bss: IE len %zd\n", end - pos);
ece56191 587 lbs_deb_hex(LBS_DEB_SCAN, "process_bss: IE info", pos, end - pos);
876c9d3a 588
876c9d3a 589 /* process variable IE */
ab617971 590 while (pos <= end - 2) {
f137e054 591 struct ieee80211_info_element * elem = (void *)pos;
876c9d3a 592
ab617971 593 if (pos + elem->len > end) {
fcdb53db 594 lbs_deb_scan("process_bss: error in processing IE, "
f137e054 595 "bytes left < IE length\n");
ab617971 596 break;
876c9d3a
MT		 597 }
598
ab617971
DW		 599 switch (elem->id) {
600 case MFIE_TYPE_SSID:
601 bss->ssid_len = elem->len;
602 memcpy(bss->ssid, elem->data, elem->len);
ffd074fc 603 lbs_deb_scan("got SSID IE: '%s', len %u\n",
d8efea25
DW		 604 escape_essid(bss->ssid, bss->ssid_len),
605 bss->ssid_len);
876c9d3a
MT		 606 break;
607
ab617971 608 case MFIE_TYPE_RATES:
f137e054 609 n_basic_rates = min_t(uint8_t, MAX_RATES, elem->len);
8c512765
DW		 610 memcpy(bss->rates, elem->data, n_basic_rates);
611 got_basic_rates = 1;
ffd074fc 612 lbs_deb_scan("got RATES IE\n");
876c9d3a
MT		 613 break;
614
ab617971
DW		 615 case MFIE_TYPE_FH_SET:
616 pFH = (struct ieeetypes_fhparamset *) pos;
fcdb53db 617 memmove(&bss->phyparamset.fhparamset, pFH,
876c9d3a 618 sizeof(struct ieeetypes_fhparamset));
ffd074fc 619 lbs_deb_scan("got FH IE\n");
876c9d3a
MT		 620 break;
621
ab617971
DW		 622 case MFIE_TYPE_DS_SET:
623 pDS = (struct ieeetypes_dsparamset *) pos;
fcdb53db
DW		 624 bss->channel = pDS->currentchan;
625 memcpy(&bss->phyparamset.dsparamset, pDS,
876c9d3a 626 sizeof(struct ieeetypes_dsparamset));
ffd074fc 627 lbs_deb_scan("got DS IE, channel %d\n", bss->channel);
876c9d3a
MT		 628 break;
629
ab617971
DW		 630 case MFIE_TYPE_CF_SET:
631 pCF = (struct ieeetypes_cfparamset *) pos;
fcdb53db 632 memcpy(&bss->ssparamset.cfparamset, pCF,
876c9d3a 633 sizeof(struct ieeetypes_cfparamset));
ffd074fc 634 lbs_deb_scan("got CF IE\n");
876c9d3a
MT		 635 break;
636
ab617971
DW		 637 case MFIE_TYPE_IBSS_SET:
638 pibss = (struct ieeetypes_ibssparamset *) pos;
e7240aca 639 bss->atimwindow = le16_to_cpu(pibss->atimwindow);
fcdb53db 640 memmove(&bss->ssparamset.ibssparamset, pibss,
876c9d3a 641 sizeof(struct ieeetypes_ibssparamset));
ffd074fc 642 lbs_deb_scan("got IBSS IE\n");
876c9d3a
MT		 643 break;
644
ab617971
DW		 645 case MFIE_TYPE_COUNTRY:
646 pcountryinfo = (struct ieeetypes_countryinfoset *) pos;
ffd074fc 647 lbs_deb_scan("got COUNTRY IE\n");
fcdb53db 648 if (pcountryinfo->len < sizeof(pcountryinfo->countrycode)
876c9d3a 649 || pcountryinfo->len > 254) {
f137e054
DW		 650 lbs_deb_scan("process_bss: 11D- Err CountryInfo len %d, min %zd, max 254\n",
651 pcountryinfo->len, sizeof(pcountryinfo->countrycode));
9012b28a
HS		 652 ret = -1;
653 goto done;
876c9d3a
MT		 654 }
655
f137e054 656 memcpy(&bss->countryinfo, pcountryinfo, pcountryinfo->len + 2);
ece56191 657 lbs_deb_hex(LBS_DEB_SCAN, "process_bss: 11d countryinfo",
f137e054
DW		 658 (uint8_t *) pcountryinfo,
659 (int) (pcountryinfo->len + 2));
876c9d3a
MT		 660 break;
661
ab617971
DW		 662 case MFIE_TYPE_RATES_EX:
663 /* only process extended supported rate if data rate is
664 * already found. Data rate IE should come before
876c9d3a
MT		 665 * extended supported rate IE
666 */
ffd074fc
HS		 667 lbs_deb_scan("got RATESEX IE\n");
668 if (!got_basic_rates) {
669 lbs_deb_scan("... but ignoring it\n");
ab617971 670 break;
ffd074fc 671 }
876c9d3a 672
8c512765
DW		 673 n_ex_rates = elem->len;
674 if (n_basic_rates + n_ex_rates > MAX_RATES)
675 n_ex_rates = MAX_RATES - n_basic_rates;
876c9d3a 676
8c512765
DW		 677 p = bss->rates + n_basic_rates;
678 memcpy(p, elem->data, n_ex_rates);
876c9d3a 679 break;
ab617971
DW		 680
681 case MFIE_TYPE_GENERIC:
682 if (elem->len >= 4 &&
f137e054
DW		 683 elem->data[0] == 0x00 && elem->data[1] == 0x50 &&
684 elem->data[2] == 0xf2 && elem->data[3] == 0x01) {
685 bss->wpa_ie_len = min(elem->len + 2, MAX_WPA_IE_LEN);
ab617971 686 memcpy(bss->wpa_ie, elem, bss->wpa_ie_len);
ffd074fc 687 lbs_deb_scan("got WPA IE\n");
f137e054 688 lbs_deb_hex(LBS_DEB_SCAN, "WPA IE", bss->wpa_ie, elem->len);
1e838bf3 689 } else if (elem->len >= MARVELL_MESH_IE_LENGTH &&
f137e054
DW		 690 elem->data[0] == 0x00 && elem->data[1] == 0x50 &&
691 elem->data[2] == 0x43 && elem->data[3] == 0x04) {
ffd074fc 692 lbs_deb_scan("got mesh IE\n");
1e838bf3 693 bss->mesh = 1;
ffd074fc 694 } else {
f137e054 695 lbs_deb_scan("got generic IE: %02x:%02x:%02x:%02x, len %d\n",
ffd074fc
HS		 696 elem->data[0], elem->data[1],
697 elem->data[2], elem->data[3],
698 elem->len);
ab617971 699 }
876c9d3a 700 break;
ab617971
DW		 701
702 case MFIE_TYPE_RSN:
ffd074fc 703 lbs_deb_scan("got RSN IE\n");
ab617971
DW		 704 bss->rsn_ie_len = min(elem->len + 2, MAX_WPA_IE_LEN);
705 memcpy(bss->rsn_ie, elem, bss->rsn_ie_len);
ffd074fc 706 lbs_deb_hex(LBS_DEB_SCAN, "process_bss: RSN_IE",
f137e054 707 bss->rsn_ie, elem->len);
876c9d3a
MT		 708 break;
709
ab617971 710 default:
ffd074fc 711 lbs_deb_scan("got IE 0x%04x, len %d\n",
f137e054 712 elem->id, elem->len);
876c9d3a
MT		 713 break;
714 }
715
ab617971
DW		 716 pos += elem->len + 2;
717 }
fcdb53db
DW		 718
719 /* Timestamp */
720 bss->last_scanned = jiffies;
10078321 721 lbs_unset_basic_rate_flags(bss->rates, sizeof(bss->rates));
fcdb53db 722
9012b28a 723 ret = 0;
876c9d3a 724
9012b28a
HS		 725done:
726 lbs_deb_leave_args(LBS_DEB_SCAN, "ret %d", ret);
727 return ret;
876c9d3a
MT		 728}
729
876c9d3a
MT		 730/**
731 * @brief Send a scan command for all available channels filtered on a spec
732 *
e56188ac
HS		 733 * Used in association code and from debugfs
734 *
69f9032d 735 * @param priv A pointer to struct lbs_private structure
e56188ac
HS		 736 * @param ssid A pointer to the SSID to scan for
737 * @param ssid_len Length of the SSID
876c9d3a
MT		 738 *
739 * @return 0-success, otherwise fail
740 */
f137e054 741int lbs_send_specific_ssid_scan(struct lbs_private *priv, uint8_t *ssid,
52933d81 742 uint8_t ssid_len)
876c9d3a 743{
eb8f7330 744 int ret = 0;
876c9d3a 745
52933d81
HS		 746 lbs_deb_enter_args(LBS_DEB_SCAN, "SSID '%s'\n",
747 escape_essid(ssid, ssid_len));
876c9d3a 748
d8efea25 749 if (!ssid_len)
eb8f7330 750 goto out;
876c9d3a 751
52933d81
HS		 752 memcpy(priv->scan_ssid, ssid, ssid_len);
753 priv->scan_ssid_len = ssid_len;
876c9d3a 754
52933d81 755 lbs_scan_networks(priv, 1);
aa21c004 756 if (priv->surpriseremoved) {
e56188ac
HS		 757 ret = -1;
758 goto out;
759 }
876c9d3a 760
eb8f7330 761out:
e56188ac 762 lbs_deb_leave_args(LBS_DEB_SCAN, "ret %d", ret);
eb8f7330 763 return ret;
876c9d3a
MT		 764}
765
e56188ac
HS		 766
767
768
769/*********************************************************************/
770/* */
771/* Support for Wireless Extensions */
772/* */
773/*********************************************************************/
774
ffd074fc 775
00af0157
DW		 776#define MAX_CUSTOM_LEN 64
777
69f9032d 778static inline char *lbs_translate_scan(struct lbs_private *priv,
f137e054
DW		 779 char *start, char *stop,
780 struct bss_descriptor *bss)
876c9d3a 781{
876c9d3a 782 struct chan_freq_power *cfp;
876c9d3a
MT		 783 char *current_val; /* For rates */
784 struct iw_event iwe; /* Temporary buffer */
876c9d3a 785 int j;
f137e054
DW		 786#define PERFECT_RSSI ((uint8_t)50)
787#define WORST_RSSI ((uint8_t)0)
788#define RSSI_DIFF ((uint8_t)(PERFECT_RSSI - WORST_RSSI))
789 uint8_t rssi;
876c9d3a 790
e56188ac
HS		 791 lbs_deb_enter(LBS_DEB_SCAN);
792
aa21c004 793 cfp = lbs_find_cfp_by_band_and_channel(priv, 0, bss->channel);
fcdb53db
DW		 794 if (!cfp) {
795 lbs_deb_scan("Invalid channel number %d\n", bss->channel);
e56188ac
HS		 796 start = NULL;
797 goto out;
2be92196 798 }
876c9d3a 799
ffd074fc 800 /* First entry *MUST* be the BSSID */
fcdb53db
DW		 801 iwe.cmd = SIOCGIWAP;
802 iwe.u.ap_addr.sa_family = ARPHRD_ETHER;
803 memcpy(iwe.u.ap_addr.sa_data, &bss->bssid, ETH_ALEN);
804 start = iwe_stream_add_event(start, stop, &iwe, IW_EV_ADDR_LEN);
805
806 /* SSID */
807 iwe.cmd = SIOCGIWESSID;
808 iwe.u.data.flags = 1;
f137e054 809 iwe.u.data.length = min((uint32_t) bss->ssid_len, (uint32_t) IW_ESSID_MAX_SIZE);
d8efea25 810 start = iwe_stream_add_point(start, stop, &iwe, bss->ssid);
fcdb53db
DW		 811
812 /* Mode */
813 iwe.cmd = SIOCGIWMODE;
814 iwe.u.mode = bss->mode;
815 start = iwe_stream_add_event(start, stop, &iwe, IW_EV_UINT_LEN);
816
817 /* Frequency */
818 iwe.cmd = SIOCGIWFREQ;
819 iwe.u.freq.m = (long)cfp->freq * 100000;
820 iwe.u.freq.e = 1;
821 start = iwe_stream_add_event(start, stop, &iwe, IW_EV_FREQ_LEN);
822
823 /* Add quality statistics */
824 iwe.cmd = IWEVQUAL;
825 iwe.u.qual.updated = IW_QUAL_ALL_UPDATED;
826 iwe.u.qual.level = SCAN_RSSI(bss->rssi);
827
828 rssi = iwe.u.qual.level - MRVDRV_NF_DEFAULT_SCAN_VALUE;
829 iwe.u.qual.qual =
f137e054
DW		 830 (100 * RSSI_DIFF * RSSI_DIFF - (PERFECT_RSSI - rssi) *
831 (15 * (RSSI_DIFF) + 62 * (PERFECT_RSSI - rssi))) /
832 (RSSI_DIFF * RSSI_DIFF);
fcdb53db
DW		 833 if (iwe.u.qual.qual > 100)
834 iwe.u.qual.qual = 100;
835
aa21c004 836 if (priv->NF[TYPE_BEACON][TYPE_NOAVG] == 0) {
fcdb53db
DW		 837 iwe.u.qual.noise = MRVDRV_NF_DEFAULT_SCAN_VALUE;
838 } else {
f137e054 839 iwe.u.qual.noise = CAL_NF(priv->NF[TYPE_BEACON][TYPE_NOAVG]);
fcdb53db 840 }
80e78ef7
DW		 841
842 /* Locally created ad-hoc BSSs won't have beacons if this is the
843 * only station in the adhoc network; so get signal strength
844 * from receive statistics.
845 */
f137e054 846 if ((priv->mode == IW_MODE_ADHOC) && priv->adhoccreate
aa21c004 847 && !lbs_ssid_cmp(priv->curbssparams.ssid,
f137e054
DW		 848 priv->curbssparams.ssid_len,
849 bss->ssid, bss->ssid_len)) {
80e78ef7 850 int snr, nf;
aa21c004
DW		 851 snr = priv->SNR[TYPE_RXPD][TYPE_AVG] / AVG_SCALE;
852 nf = priv->NF[TYPE_RXPD][TYPE_AVG] / AVG_SCALE;
80e78ef7 853 iwe.u.qual.level = CAL_RSSI(snr, nf);
fcdb53db
DW		 854 }
855 start = iwe_stream_add_event(start, stop, &iwe, IW_EV_QUAL_LEN);
876c9d3a 856
fcdb53db
DW		 857 /* Add encryption capability */
858 iwe.cmd = SIOCGIWENCODE;
0c9ca690 859 if (bss->capability & WLAN_CAPABILITY_PRIVACY) {
fcdb53db
DW		 860 iwe.u.data.flags = IW_ENCODE_ENABLED | IW_ENCODE_NOKEY;
861 } else {
862 iwe.u.data.flags = IW_ENCODE_DISABLED;
863 }
864 iwe.u.data.length = 0;
d8efea25 865 start = iwe_stream_add_point(start, stop, &iwe, bss->ssid);
876c9d3a 866
fcdb53db 867 current_val = start + IW_EV_LCP_LEN;
876c9d3a 868
fcdb53db
DW		 869 iwe.cmd = SIOCGIWRATE;
870 iwe.u.bitrate.fixed = 0;
871 iwe.u.bitrate.disabled = 0;
872 iwe.u.bitrate.value = 0;
876c9d3a 873
8c512765
DW		 874 for (j = 0; bss->rates[j] && (j < sizeof(bss->rates)); j++) {
875 /* Bit rate given in 500 kb/s units */
876 iwe.u.bitrate.value = bss->rates[j] * 500000;
fcdb53db
DW		 877 current_val = iwe_stream_add_value(start, current_val,
878 stop, &iwe, IW_EV_PARAM_LEN);
879 }
f137e054 880 if ((bss->mode == IW_MODE_ADHOC) && priv->adhoccreate
aa21c004 881 && !lbs_ssid_cmp(priv->curbssparams.ssid,
f137e054
DW		 882 priv->curbssparams.ssid_len,
883 bss->ssid, bss->ssid_len)) {
fcdb53db
DW		 884 iwe.u.bitrate.value = 22 * 500000;
885 current_val = iwe_stream_add_value(start, current_val,
f137e054 886 stop, &iwe, IW_EV_PARAM_LEN);
fcdb53db
DW		 887 }
888 /* Check if we added any event */
889 if((current_val - start) > IW_EV_LCP_LEN)
890 start = current_val;
891
892 memset(&iwe, 0, sizeof(iwe));
893 if (bss->wpa_ie_len) {
894 char buf[MAX_WPA_IE_LEN];
895 memcpy(buf, bss->wpa_ie, bss->wpa_ie_len);
896 iwe.cmd = IWEVGENIE;
897 iwe.u.data.length = bss->wpa_ie_len;
898 start = iwe_stream_add_point(start, stop, &iwe, buf);
899 }
876c9d3a 900
fcdb53db
DW		 901 memset(&iwe, 0, sizeof(iwe));
902 if (bss->rsn_ie_len) {
903 char buf[MAX_WPA_IE_LEN];
904 memcpy(buf, bss->rsn_ie, bss->rsn_ie_len);
905 iwe.cmd = IWEVGENIE;
906 iwe.u.data.length = bss->rsn_ie_len;
907 start = iwe_stream_add_point(start, stop, &iwe, buf);
908 }
876c9d3a 909
00af0157
DW		 910 if (bss->mesh) {
911 char custom[MAX_CUSTOM_LEN];
912 char *p = custom;
913
914 iwe.cmd = IWEVCUSTOM;
f137e054 915 p += snprintf(p, MAX_CUSTOM_LEN, "mesh-type: olpc");
00af0157
DW		 916 iwe.u.data.length = p - custom;
917 if (iwe.u.data.length)
918 start = iwe_stream_add_point(start, stop, &iwe, custom);
919 }
920
e56188ac
HS		 921out:
922 lbs_deb_leave_args(LBS_DEB_SCAN, "start %p", start);
fcdb53db
DW		 923 return start;
924}
876c9d3a 925
ffd074fc
HS		 926
927/**
928 * @brief Handle Scan Network ioctl
929 *
930 * @param dev A pointer to net_device structure
931 * @param info A pointer to iw_request_info structure
932 * @param vwrq A pointer to iw_param structure
933 * @param extra A pointer to extra data buf
934 *
935 * @return 0 --success, otherwise fail
936 */
937int lbs_set_scan(struct net_device *dev, struct iw_request_info *info,
52933d81 938 union iwreq_data *wrqu, char *extra)
ffd074fc
HS		 939{
940 struct lbs_private *priv = dev->priv;
52933d81 941 int ret = 0;
ffd074fc 942
52933d81 943 lbs_deb_enter(LBS_DEB_WEXT);
ffd074fc 944
52933d81
HS		 945 if (!netif_running(dev)) {
946 ret = -ENETDOWN;
947 goto out;
948 }
ffd074fc
HS		 949
950 /* mac80211 does this:
951 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
52933d81
HS		 952 if (sdata->type != IEEE80211_IF_TYPE_xxx) {
953 ret = -EOPNOTSUPP;
954 goto out;
955 }
956 */
ffd074fc
HS		 957
958 if (wrqu->data.length == sizeof(struct iw_scan_req) &&
959 wrqu->data.flags & IW_SCAN_THIS_ESSID) {
52933d81
HS		 960 struct iw_scan_req *req = (struct iw_scan_req *)extra;
961 priv->scan_ssid_len = req->essid_len;
962 memcpy(priv->scan_ssid, req->essid, priv->scan_ssid_len);
963 lbs_deb_wext("set_scan, essid '%s'\n",
964 escape_essid(priv->scan_ssid, priv->scan_ssid_len));
965 } else {
966 priv->scan_ssid_len = 0;
ffd074fc 967 }
ffd074fc
HS		 968
969 if (!delayed_work_pending(&priv->scan_work))
970 queue_delayed_work(priv->work_thread, &priv->scan_work,
f137e054 971 msecs_to_jiffies(50));
ffd074fc 972 /* set marker that currently a scan is taking place */
8816edce 973 priv->scan_channel = -1;
ffd074fc 974
aa21c004 975 if (priv->surpriseremoved)
52933d81 976 ret = -EIO;
ffd074fc 977
52933d81
HS		 978out:
979 lbs_deb_leave_args(LBS_DEB_WEXT, "ret %d", ret);
980 return ret;
ffd074fc
HS		 981}
982
983
fcdb53db 984/**
e56188ac 985 * @brief Handle Retrieve scan table ioctl
fcdb53db
DW		 986 *
987 * @param dev A pointer to net_device structure
988 * @param info A pointer to iw_request_info structure
989 * @param dwrq A pointer to iw_point structure
990 * @param extra A pointer to extra data buf
991 *
992 * @return 0 --success, otherwise fail
993 */
10078321 994int lbs_get_scan(struct net_device *dev, struct iw_request_info *info,
f137e054 995 struct iw_point *dwrq, char *extra)
fcdb53db
DW		 996{
997#define SCAN_ITEM_SIZE 128
69f9032d 998 struct lbs_private *priv = dev->priv;
fcdb53db
DW		 999 int err = 0;
1000 char *ev = extra;
1001 char *stop = ev + dwrq->length;
f137e054
DW		 1002 struct bss_descriptor *iter_bss;
1003 struct bss_descriptor *safe;
876c9d3a 1004
52933d81 1005 lbs_deb_enter(LBS_DEB_WEXT);
876c9d3a 1006
ffd074fc 1007 /* iwlist should wait until the current scan is finished */
8816edce 1008 if (priv->scan_channel)
ffd074fc
HS		 1009 return -EAGAIN;
1010
80e78ef7 1011 /* Update RSSI if current BSS is a locally created ad-hoc BSS */
f137e054 1012 if ((priv->mode == IW_MODE_ADHOC) && priv->adhoccreate)
10078321 1013 lbs_prepare_and_send_command(priv, CMD_802_11_RSSI, 0,
f137e054 1014 CMD_OPTION_WAITFORRSP, 0, NULL);
80e78ef7 1015
aa21c004
DW		 1016 mutex_lock(&priv->lock);
1017 list_for_each_entry_safe (iter_bss, safe, &priv->network_list, list) {
f137e054 1018 char *next_ev;
fcdb53db 1019 unsigned long stale_time;
876c9d3a 1020
fcdb53db
DW		 1021 if (stop - ev < SCAN_ITEM_SIZE) {
1022 err = -E2BIG;
1023 break;
876c9d3a 1024 }
876c9d3a 1025
1e838bf3
LCC		 1026 /* For mesh device, list only mesh networks */
1027 if (dev == priv->mesh_dev && !iter_bss->mesh)
1028 continue;
1029
fcdb53db
DW		 1030 /* Prune old an old scan result */
1031 stale_time = iter_bss->last_scanned + DEFAULT_MAX_SCAN_AGE;
1032 if (time_after(jiffies, stale_time)) {
f137e054 1033 list_move_tail(&iter_bss->list, &priv->network_free_list);
fcdb53db
DW		 1034 clear_bss_descriptor(iter_bss);
1035 continue;
876c9d3a
MT		 1036 }
1037
fcdb53db 1038 /* Translate to WE format this entry */
10078321 1039 next_ev = lbs_translate_scan(priv, ev, stop, iter_bss);
fcdb53db
DW		 1040 if (next_ev == NULL)
1041 continue;
1042 ev = next_ev;
876c9d3a 1043 }
aa21c004 1044 mutex_unlock(&priv->lock);
876c9d3a 1045
fcdb53db 1046 dwrq->length = (ev - extra);
876c9d3a
MT		 1047 dwrq->flags = 0;
1048
52933d81 1049 lbs_deb_leave_args(LBS_DEB_WEXT, "ret %d", err);
fcdb53db 1050 return err;
876c9d3a
MT		 1051}
1052
e56188ac
HS		 1053
1054
1055
1056/*********************************************************************/
1057/* */
1058/* Command execution */
1059/* */
1060/*********************************************************************/
1061
1062
876c9d3a
MT		 1063/**
1064 * @brief This function handles the command response of scan
1065 *
e56188ac
HS		 1066 * Called from handle_cmd_response() in cmdrespc.
1067 *
876c9d3a
MT		 1068 * The response buffer for the scan command has the following
1069 * memory layout:
1070 *
1071 * .-----------------------------------------------------------.
1072 * | header (4 * sizeof(u16)): Standard command response hdr |
1073 * .-----------------------------------------------------------.
1074 * | bufsize (u16) : sizeof the BSS Description data |
1075 * .-----------------------------------------------------------.
1076 * | NumOfSet (u8) : Number of BSS Descs returned |
1077 * .-----------------------------------------------------------.
1078 * | BSSDescription data (variable, size given in bufsize) |
1079 * .-----------------------------------------------------------.
1080 * | TLV data (variable, size calculated using header->size, |
1081 * | bufsize and sizeof the fixed fields above) |
1082 * .-----------------------------------------------------------.
1083 *
69f9032d 1084 * @param priv A pointer to struct lbs_private structure
876c9d3a
MT		 1085 * @param resp A pointer to cmd_ds_command
1086 *
1087 * @return 0 or -1
1088 */
fa62f99c
DW		 1089static int lbs_ret_80211_scan(struct lbs_private *priv, unsigned long dummy,
1090 struct cmd_header *resp)
876c9d3a 1091{
fa62f99c 1092 struct cmd_ds_802_11_scan_rsp *scanresp = (void *)resp;
f137e054
DW		 1093 struct bss_descriptor *iter_bss;
1094 struct bss_descriptor *safe;
fa62f99c
DW		 1095 uint8_t *bssinfo;
1096 uint16_t scanrespsize;
876c9d3a 1097 int bytesleft;
876c9d3a
MT		 1098 int idx;
1099 int tlvbufsize;
9012b28a 1100 int ret;
876c9d3a 1101
e56188ac 1102 lbs_deb_enter(LBS_DEB_SCAN);
876c9d3a 1103
fcdb53db 1104 /* Prune old entries from scan table */
aa21c004 1105 list_for_each_entry_safe (iter_bss, safe, &priv->network_list, list) {
fcdb53db
DW		 1106 unsigned long stale_time = iter_bss->last_scanned + DEFAULT_MAX_SCAN_AGE;
1107 if (time_before(jiffies, stale_time))
1108 continue;
aa21c004 1109 list_move_tail (&iter_bss->list, &priv->network_free_list);
fcdb53db
DW		 1110 clear_bss_descriptor(iter_bss);
1111 }
1112
fa62f99c
DW		 1113 if (scanresp->nr_sets > MAX_NETWORK_COUNT) {
1114 lbs_deb_scan("SCAN_RESP: too many scan results (%d, max %d)\n",
1115 scanresp->nr_sets, MAX_NETWORK_COUNT);
9012b28a
HS		 1116 ret = -1;
1117 goto done;
876c9d3a
MT		 1118 }
1119
fa62f99c 1120 bytesleft = le16_to_cpu(scanresp->bssdescriptsize);
9012b28a 1121 lbs_deb_scan("SCAN_RESP: bssdescriptsize %d\n", bytesleft);
876c9d3a 1122
e7240aca 1123 scanrespsize = le16_to_cpu(resp->size);
fa62f99c 1124 lbs_deb_scan("SCAN_RESP: scan results %d\n", scanresp->nr_sets);
876c9d3a 1125
fa62f99c 1126 bssinfo = scanresp->bssdesc_and_tlvbuffer;
876c9d3a
MT		 1127
1128 /* The size of the TLV buffer is equal to the entire command response
1129 * size (scanrespsize) minus the fixed fields (sizeof()'s), the
1130 * BSS Descriptions (bssdescriptsize as bytesLef) and the command
1131 * response header (S_DS_GEN)
1132 */
fa62f99c
DW		 1133 tlvbufsize = scanrespsize - (bytesleft + sizeof(scanresp->bssdescriptsize)
1134 + sizeof(scanresp->nr_sets)
876c9d3a
MT		 1135 + S_DS_GEN);
1136
876c9d3a 1137 /*
fa62f99c 1138 * Process each scan response returned (scanresp->nr_sets). Save
876c9d3a
MT		 1139 * the information in the newbssentry and then insert into the
1140 * driver scan table either as an update to an existing entry
1141 * or as an addition at the end of the table
1142 */
fa62f99c 1143 for (idx = 0; idx < scanresp->nr_sets && bytesleft; idx++) {
fcdb53db 1144 struct bss_descriptor new;
fa62f99c
DW		 1145 struct bss_descriptor *found = NULL;
1146 struct bss_descriptor *oldest = NULL;
0795af57 1147 DECLARE_MAC_BUF(mac);
876c9d3a
MT		 1148
1149 /* Process the data fields and IEs returned for this BSS */
fcdb53db 1150 memset(&new, 0, sizeof (struct bss_descriptor));
fa62f99c 1151 if (lbs_process_bss(&new, &bssinfo, &bytesleft) != 0) {
fcdb53db
DW		 1152 /* error parsing the scan response, skipped */
1153 lbs_deb_scan("SCAN_RESP: process_bss returned ERROR\n");
1154 continue;
1155 }
876c9d3a 1156
fcdb53db 1157 /* Try to find this bss in the scan table */
aa21c004 1158 list_for_each_entry (iter_bss, &priv->network_list, list) {
fcdb53db
DW		 1159 if (is_same_network(iter_bss, &new)) {
1160 found = iter_bss;
1161 break;
876c9d3a
MT		 1162 }
1163
fcdb53db
DW		 1164 if ((oldest == NULL) ||
1165 (iter_bss->last_scanned < oldest->last_scanned))
1166 oldest = iter_bss;
1167 }
876c9d3a 1168
fcdb53db
DW		 1169 if (found) {
1170 /* found, clear it */
1171 clear_bss_descriptor(found);
aa21c004 1172 } else if (!list_empty(&priv->network_free_list)) {
fcdb53db 1173 /* Pull one from the free list */
aa21c004 1174 found = list_entry(priv->network_free_list.next,
fcdb53db 1175 struct bss_descriptor, list);
aa21c004 1176 list_move_tail(&found->list, &priv->network_list);
fcdb53db
DW		 1177 } else if (oldest) {
1178 /* If there are no more slots, expire the oldest */
1179 found = oldest;
1180 clear_bss_descriptor(found);
aa21c004 1181 list_move_tail(&found->list, &priv->network_list);
876c9d3a 1182 } else {
fcdb53db
DW		 1183 continue;
1184 }
876c9d3a 1185
fa62f99c 1186 lbs_deb_scan("SCAN_RESP: BSSID %s\n", print_mac(mac, new.bssid));
fcdb53db 1187
fcdb53db
DW		 1188 /* Copy the locally created newbssentry to the scan table */
1189 memcpy(found, &new, offsetof(struct bss_descriptor, list));
1190 }
876c9d3a 1191
9012b28a 1192 ret = 0;
876c9d3a 1193
9012b28a
HS		 1194done:
1195 lbs_deb_leave_args(LBS_DEB_SCAN, "ret %d", ret);
1196 return ret;
876c9d3a 1197}
kernel source for telekom puls (alcatel/mediatek)