Commit | Line | Data |
---|---|---|
876c9d3a MT |
1 | /** |
2 | * Functions implementing wlan scan IOCTL and firmware command APIs | |
3 | * | |
4 | * IOCTL handlers as well as command preperation and response routines | |
5 | * for sending scan commands to the firmware. | |
6 | */ | |
7 | #include <linux/ctype.h> | |
8 | #include <linux/if.h> | |
9 | #include <linux/netdevice.h> | |
10 | #include <linux/wireless.h> | |
fcdb53db | 11 | #include <linux/etherdevice.h> |
876c9d3a MT |
12 | |
13 | #include <net/ieee80211.h> | |
14 | #include <net/iw_handler.h> | |
15 | ||
ac630c2b VD |
16 | #include <asm/unaligned.h> |
17 | ||
876c9d3a MT |
18 | #include "host.h" |
19 | #include "decl.h" | |
20 | #include "dev.h" | |
21 | #include "scan.h" | |
8c512765 | 22 | #include "join.h" |
876c9d3a MT |
23 | |
24 | //! Approximate amount of data needed to pass a scan result back to iwlist | |
25 | #define MAX_SCAN_CELL_SIZE (IW_EV_ADDR_LEN \ | |
26 | + IW_ESSID_MAX_SIZE \ | |
27 | + IW_EV_UINT_LEN \ | |
28 | + IW_EV_FREQ_LEN \ | |
29 | + IW_EV_QUAL_LEN \ | |
30 | + IW_ESSID_MAX_SIZE \ | |
31 | + IW_EV_PARAM_LEN \ | |
32 | + 40) /* 40 for WPAIE */ | |
33 | ||
34 | //! Memory needed to store a max sized channel List TLV for a firmware scan | |
35 | #define CHAN_TLV_MAX_SIZE (sizeof(struct mrvlietypesheader) \ | |
36 | + (MRVDRV_MAX_CHANNELS_PER_SCAN \ | |
37 | * sizeof(struct chanscanparamset))) | |
38 | ||
39 | //! Memory needed to store a max number/size SSID TLV for a firmware scan | |
40 | #define SSID_TLV_MAX_SIZE (1 * sizeof(struct mrvlietypes_ssidparamset)) | |
41 | ||
10078321 HS |
42 | //! Maximum memory needed for a lbs_scan_cmd_config with all TLVs at max |
43 | #define MAX_SCAN_CFG_ALLOC (sizeof(struct lbs_scan_cmd_config) \ | |
876c9d3a MT |
44 | + CHAN_TLV_MAX_SIZE \ |
45 | + SSID_TLV_MAX_SIZE) | |
46 | ||
47 | //! The maximum number of channels the firmware can scan per command | |
48 | #define MRVDRV_MAX_CHANNELS_PER_SCAN 14 | |
49 | ||
50 | /** | |
51 | * @brief Number of channels to scan per firmware scan command issuance. | |
52 | * | |
53 | * Number restricted to prevent hitting the limit on the amount of scan data | |
54 | * returned in a single firmware scan command. | |
55 | */ | |
56 | #define MRVDRV_CHANNELS_PER_SCAN_CMD 4 | |
57 | ||
58 | //! Scan time specified in the channel TLV for each channel for passive scans | |
59 | #define MRVDRV_PASSIVE_SCAN_CHAN_TIME 100 | |
60 | ||
61 | //! Scan time specified in the channel TLV for each channel for active scans | |
62 | #define MRVDRV_ACTIVE_SCAN_CHAN_TIME 100 | |
63 | ||
123e0e04 DW |
64 | static const u8 zeromac[ETH_ALEN] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; |
65 | static const u8 bcastmac[ETH_ALEN] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }; | |
eb8f7330 | 66 | |
e56188ac HS |
67 | |
68 | ||
69 | ||
70 | /*********************************************************************/ | |
71 | /* */ | |
72 | /* Misc helper functions */ | |
73 | /* */ | |
74 | /*********************************************************************/ | |
75 | ||
23ff5036 HS |
76 | /** |
77 | * @brief Unsets the MSB on basic rates | |
78 | * | |
79 | * Scan through an array and unset the MSB for basic data rates. | |
80 | * | |
81 | * @param rates buffer of data rates | |
82 | * @param len size of buffer | |
83 | */ | |
84 | static void lbs_unset_basic_rate_flags(u8 *rates, size_t len) | |
85 | { | |
86 | int i; | |
87 | ||
88 | for (i = 0; i < len; i++) | |
89 | rates[i] &= 0x7f; | |
90 | } | |
91 | ||
92 | ||
fcdb53db DW |
93 | static inline void clear_bss_descriptor (struct bss_descriptor * bss) |
94 | { | |
95 | /* Don't blow away ->list, just BSS data */ | |
96 | memset(bss, 0, offsetof(struct bss_descriptor, list)); | |
97 | } | |
98 | ||
ffd074fc HS |
99 | /** |
100 | * @brief Compare two SSIDs | |
101 | * | |
102 | * @param ssid1 A pointer to ssid to compare | |
103 | * @param ssid2 A pointer to ssid to compare | |
104 | * | |
105 | * @return 0: ssid is same, otherwise is different | |
106 | */ | |
107 | int lbs_ssid_cmp(u8 *ssid1, u8 ssid1_len, u8 *ssid2, u8 ssid2_len) | |
108 | { | |
109 | if (ssid1_len != ssid2_len) | |
110 | return -1; | |
111 | ||
112 | return memcmp(ssid1, ssid2, ssid1_len); | |
113 | } | |
114 | ||
10078321 | 115 | static inline int match_bss_no_security(struct lbs_802_11_security *secinfo, |
fcdb53db DW |
116 | struct bss_descriptor * match_bss) |
117 | { | |
118 | if ( !secinfo->wep_enabled | |
119 | && !secinfo->WPAenabled | |
120 | && !secinfo->WPA2enabled | |
ab617971 DW |
121 | && match_bss->wpa_ie[0] != MFIE_TYPE_GENERIC |
122 | && match_bss->rsn_ie[0] != MFIE_TYPE_RSN | |
0c9ca690 | 123 | && !(match_bss->capability & WLAN_CAPABILITY_PRIVACY)) { |
fcdb53db DW |
124 | return 1; |
125 | } | |
126 | return 0; | |
127 | } | |
128 | ||
10078321 | 129 | static inline int match_bss_static_wep(struct lbs_802_11_security *secinfo, |
fcdb53db DW |
130 | struct bss_descriptor * match_bss) |
131 | { | |
132 | if ( secinfo->wep_enabled | |
133 | && !secinfo->WPAenabled | |
134 | && !secinfo->WPA2enabled | |
0c9ca690 | 135 | && (match_bss->capability & WLAN_CAPABILITY_PRIVACY)) { |
fcdb53db DW |
136 | return 1; |
137 | } | |
138 | return 0; | |
139 | } | |
140 | ||
10078321 | 141 | static inline int match_bss_wpa(struct lbs_802_11_security *secinfo, |
fcdb53db DW |
142 | struct bss_descriptor * match_bss) |
143 | { | |
144 | if ( !secinfo->wep_enabled | |
145 | && secinfo->WPAenabled | |
ab617971 | 146 | && (match_bss->wpa_ie[0] == MFIE_TYPE_GENERIC) |
fcdb53db | 147 | /* privacy bit may NOT be set in some APs like LinkSys WRT54G |
0c9ca690 DW |
148 | && (match_bss->capability & WLAN_CAPABILITY_PRIVACY)) { |
149 | */ | |
fcdb53db DW |
150 | ) { |
151 | return 1; | |
152 | } | |
153 | return 0; | |
154 | } | |
155 | ||
10078321 | 156 | static inline int match_bss_wpa2(struct lbs_802_11_security *secinfo, |
fcdb53db DW |
157 | struct bss_descriptor * match_bss) |
158 | { | |
159 | if ( !secinfo->wep_enabled | |
fcdb53db | 160 | && secinfo->WPA2enabled |
ab617971 | 161 | && (match_bss->rsn_ie[0] == MFIE_TYPE_RSN) |
fcdb53db | 162 | /* privacy bit may NOT be set in some APs like LinkSys WRT54G |
0c9ca690 DW |
163 | && (match_bss->capability & WLAN_CAPABILITY_PRIVACY)) { |
164 | */ | |
fcdb53db DW |
165 | ) { |
166 | return 1; | |
167 | } | |
168 | return 0; | |
169 | } | |
170 | ||
10078321 | 171 | static inline int match_bss_dynamic_wep(struct lbs_802_11_security *secinfo, |
fcdb53db DW |
172 | struct bss_descriptor * match_bss) |
173 | { | |
174 | if ( !secinfo->wep_enabled | |
175 | && !secinfo->WPAenabled | |
176 | && !secinfo->WPA2enabled | |
ab617971 DW |
177 | && (match_bss->wpa_ie[0] != MFIE_TYPE_GENERIC) |
178 | && (match_bss->rsn_ie[0] != MFIE_TYPE_RSN) | |
0c9ca690 | 179 | && (match_bss->capability & WLAN_CAPABILITY_PRIVACY)) { |
fcdb53db DW |
180 | return 1; |
181 | } | |
182 | return 0; | |
183 | } | |
876c9d3a | 184 | |
ffd074fc HS |
185 | static inline int is_same_network(struct bss_descriptor *src, |
186 | struct bss_descriptor *dst) | |
187 | { | |
188 | /* A network is only a duplicate if the channel, BSSID, and ESSID | |
189 | * all match. We treat all <hidden> with the same BSSID and channel | |
190 | * as one network */ | |
191 | return ((src->ssid_len == dst->ssid_len) && | |
192 | (src->channel == dst->channel) && | |
193 | !compare_ether_addr(src->bssid, dst->bssid) && | |
194 | !memcmp(src->ssid, dst->ssid, src->ssid_len)); | |
195 | } | |
196 | ||
876c9d3a MT |
197 | /** |
198 | * @brief Check if a scanned network compatible with the driver settings | |
199 | * | |
200 | * WEP WPA WPA2 ad-hoc encrypt Network | |
201 | * enabled enabled enabled AES mode privacy WPA WPA2 Compatible | |
202 | * 0 0 0 0 NONE 0 0 0 yes No security | |
203 | * 1 0 0 0 NONE 1 0 0 yes Static WEP | |
204 | * 0 1 0 0 x 1x 1 x yes WPA | |
205 | * 0 0 1 0 x 1x x 1 yes WPA2 | |
206 | * 0 0 0 1 NONE 1 0 0 yes Ad-hoc AES | |
207 | * 0 0 0 0 !=NONE 1 0 0 yes Dynamic WEP | |
208 | * | |
209 | * | |
aa21c004 | 210 | * @param priv A pointer to struct lbs_private |
876c9d3a MT |
211 | * @param index Index in scantable to check against current driver settings |
212 | * @param mode Network mode: Infrastructure or IBSS | |
213 | * | |
214 | * @return Index in scantable, or error code if negative | |
215 | */ | |
aa21c004 | 216 | static int is_network_compatible(struct lbs_private *priv, |
fcdb53db | 217 | struct bss_descriptor * bss, u8 mode) |
876c9d3a | 218 | { |
fcdb53db DW |
219 | int matched = 0; |
220 | ||
e56188ac | 221 | lbs_deb_enter(LBS_DEB_SCAN); |
876c9d3a | 222 | |
fcdb53db DW |
223 | if (bss->mode != mode) |
224 | goto done; | |
876c9d3a | 225 | |
aa21c004 | 226 | if ((matched = match_bss_no_security(&priv->secinfo, bss))) { |
fcdb53db | 227 | goto done; |
aa21c004 | 228 | } else if ((matched = match_bss_static_wep(&priv->secinfo, bss))) { |
fcdb53db | 229 | goto done; |
aa21c004 | 230 | } else if ((matched = match_bss_wpa(&priv->secinfo, bss))) { |
fcdb53db | 231 | lbs_deb_scan( |
ffd074fc HS |
232 | "is_network_compatible() WPA: wpa_ie 0x%x " |
233 | "wpa2_ie 0x%x WEP %s WPA %s WPA2 %s " | |
234 | "privacy 0x%x\n", bss->wpa_ie[0], bss->rsn_ie[0], | |
aa21c004 DW |
235 | priv->secinfo.wep_enabled ? "e" : "d", |
236 | priv->secinfo.WPAenabled ? "e" : "d", | |
237 | priv->secinfo.WPA2enabled ? "e" : "d", | |
0c9ca690 | 238 | (bss->capability & WLAN_CAPABILITY_PRIVACY)); |
fcdb53db | 239 | goto done; |
aa21c004 | 240 | } else if ((matched = match_bss_wpa2(&priv->secinfo, bss))) { |
fcdb53db | 241 | lbs_deb_scan( |
ffd074fc HS |
242 | "is_network_compatible() WPA2: wpa_ie 0x%x " |
243 | "wpa2_ie 0x%x WEP %s WPA %s WPA2 %s " | |
244 | "privacy 0x%x\n", bss->wpa_ie[0], bss->rsn_ie[0], | |
aa21c004 DW |
245 | priv->secinfo.wep_enabled ? "e" : "d", |
246 | priv->secinfo.WPAenabled ? "e" : "d", | |
247 | priv->secinfo.WPA2enabled ? "e" : "d", | |
0c9ca690 | 248 | (bss->capability & WLAN_CAPABILITY_PRIVACY)); |
fcdb53db | 249 | goto done; |
aa21c004 | 250 | } else if ((matched = match_bss_dynamic_wep(&priv->secinfo, bss))) { |
fcdb53db DW |
251 | lbs_deb_scan( |
252 | "is_network_compatible() dynamic WEP: " | |
ffd074fc | 253 | "wpa_ie 0x%x wpa2_ie 0x%x privacy 0x%x\n", |
0c9ca690 DW |
254 | bss->wpa_ie[0], bss->rsn_ie[0], |
255 | (bss->capability & WLAN_CAPABILITY_PRIVACY)); | |
9012b28a | 256 | goto done; |
876c9d3a MT |
257 | } |
258 | ||
fcdb53db DW |
259 | /* bss security settings don't match those configured on card */ |
260 | lbs_deb_scan( | |
ffd074fc HS |
261 | "is_network_compatible() FAILED: wpa_ie 0x%x " |
262 | "wpa2_ie 0x%x WEP %s WPA %s WPA2 %s privacy 0x%x\n", | |
fcdb53db | 263 | bss->wpa_ie[0], bss->rsn_ie[0], |
aa21c004 DW |
264 | priv->secinfo.wep_enabled ? "e" : "d", |
265 | priv->secinfo.WPAenabled ? "e" : "d", | |
266 | priv->secinfo.WPA2enabled ? "e" : "d", | |
0c9ca690 | 267 | (bss->capability & WLAN_CAPABILITY_PRIVACY)); |
9012b28a HS |
268 | |
269 | done: | |
e56188ac | 270 | lbs_deb_leave_args(LBS_DEB_SCAN, "matched: %d", matched); |
fcdb53db | 271 | return matched; |
876c9d3a MT |
272 | } |
273 | ||
e56188ac HS |
274 | |
275 | ||
276 | ||
277 | /*********************************************************************/ | |
278 | /* */ | |
279 | /* Main scanning support */ | |
280 | /* */ | |
281 | /*********************************************************************/ | |
282 | ||
ffd074fc HS |
283 | void lbs_scan_worker(struct work_struct *work) |
284 | { | |
285 | struct lbs_private *priv = | |
286 | container_of(work, struct lbs_private, scan_work.work); | |
287 | ||
288 | lbs_deb_enter(LBS_DEB_SCAN); | |
289 | lbs_scan_networks(priv, NULL, 0); | |
290 | lbs_deb_leave(LBS_DEB_SCAN); | |
291 | } | |
292 | ||
e56188ac | 293 | |
876c9d3a MT |
294 | /** |
295 | * @brief Create a channel list for the driver to scan based on region info | |
296 | * | |
10078321 | 297 | * Only used from lbs_scan_setup_scan_config() |
e56188ac | 298 | * |
876c9d3a MT |
299 | * Use the driver region/band information to construct a comprehensive list |
300 | * of channels to scan. This routine is used for any scan that is not | |
301 | * provided a specific channel list to scan. | |
302 | * | |
69f9032d | 303 | * @param priv A pointer to struct lbs_private structure |
876c9d3a MT |
304 | * @param scanchanlist Output parameter: resulting channel list to scan |
305 | * @param filteredscan Flag indicating whether or not a BSSID or SSID filter | |
306 | * is being sent in the command to firmware. Used to | |
307 | * increase the number of channels sent in a scan | |
308 | * command and to disable the firmware channel scan | |
309 | * filter. | |
310 | * | |
311 | * @return void | |
312 | */ | |
ffd074fc | 313 | static int lbs_scan_create_channel_list(struct lbs_private *priv, |
876c9d3a MT |
314 | struct chanscanparamset * scanchanlist, |
315 | u8 filteredscan) | |
316 | { | |
317 | ||
876c9d3a MT |
318 | struct region_channel *scanregion; |
319 | struct chan_freq_power *cfp; | |
320 | int rgnidx; | |
321 | int chanidx; | |
322 | int nextchan; | |
323 | u8 scantype; | |
324 | ||
325 | chanidx = 0; | |
326 | ||
327 | /* Set the default scan type to the user specified type, will later | |
328 | * be changed to passive on a per channel basis if restricted by | |
329 | * regulatory requirements (11d or 11h) | |
330 | */ | |
4f2fdaaf | 331 | scantype = CMD_SCAN_TYPE_ACTIVE; |
876c9d3a | 332 | |
aa21c004 DW |
333 | for (rgnidx = 0; rgnidx < ARRAY_SIZE(priv->region_channel); rgnidx++) { |
334 | if (priv->enable11d && | |
335 | (priv->connect_status != LBS_CONNECTED) && | |
336 | (priv->mesh_connect_status != LBS_CONNECTED)) { | |
876c9d3a | 337 | /* Scan all the supported chan for the first scan */ |
aa21c004 | 338 | if (!priv->universal_channel[rgnidx].valid) |
876c9d3a | 339 | continue; |
aa21c004 | 340 | scanregion = &priv->universal_channel[rgnidx]; |
876c9d3a MT |
341 | |
342 | /* clear the parsed_region_chan for the first scan */ | |
aa21c004 DW |
343 | memset(&priv->parsed_region_chan, 0x00, |
344 | sizeof(priv->parsed_region_chan)); | |
876c9d3a | 345 | } else { |
aa21c004 | 346 | if (!priv->region_channel[rgnidx].valid) |
876c9d3a | 347 | continue; |
aa21c004 | 348 | scanregion = &priv->region_channel[rgnidx]; |
876c9d3a MT |
349 | } |
350 | ||
351 | for (nextchan = 0; | |
352 | nextchan < scanregion->nrcfp; nextchan++, chanidx++) { | |
353 | ||
354 | cfp = scanregion->CFP + nextchan; | |
355 | ||
aa21c004 | 356 | if (priv->enable11d) { |
876c9d3a | 357 | scantype = |
10078321 | 358 | lbs_get_scan_type_11d(cfp->channel, |
aa21c004 | 359 | &priv-> |
876c9d3a MT |
360 | parsed_region_chan); |
361 | } | |
362 | ||
363 | switch (scanregion->band) { | |
364 | case BAND_B: | |
365 | case BAND_G: | |
366 | default: | |
367 | scanchanlist[chanidx].radiotype = | |
0aef64d7 | 368 | CMD_SCAN_RADIO_TYPE_BG; |
876c9d3a MT |
369 | break; |
370 | } | |
371 | ||
0aef64d7 | 372 | if (scantype == CMD_SCAN_TYPE_PASSIVE) { |
876c9d3a | 373 | scanchanlist[chanidx].maxscantime = |
981f187b | 374 | cpu_to_le16(MRVDRV_PASSIVE_SCAN_CHAN_TIME); |
876c9d3a MT |
375 | scanchanlist[chanidx].chanscanmode.passivescan = |
376 | 1; | |
377 | } else { | |
378 | scanchanlist[chanidx].maxscantime = | |
981f187b | 379 | cpu_to_le16(MRVDRV_ACTIVE_SCAN_CHAN_TIME); |
876c9d3a MT |
380 | scanchanlist[chanidx].chanscanmode.passivescan = |
381 | 0; | |
382 | } | |
383 | ||
384 | scanchanlist[chanidx].channumber = cfp->channel; | |
385 | ||
386 | if (filteredscan) { | |
387 | scanchanlist[chanidx].chanscanmode. | |
388 | disablechanfilt = 1; | |
389 | } | |
390 | } | |
391 | } | |
ffd074fc | 392 | return chanidx; |
876c9d3a MT |
393 | } |
394 | ||
2afc0c5d | 395 | |
ffd074fc HS |
396 | /* |
397 | * Add SSID TLV of the form: | |
398 | * | |
399 | * TLV-ID SSID 00 00 | |
400 | * length 06 00 | |
401 | * ssid 4d 4e 54 45 53 54 | |
402 | */ | |
403 | static int lbs_scan_add_ssid_tlv(u8 *tlv, | |
404 | const struct lbs_ioctl_user_scan_cfg *user_cfg) | |
2afc0c5d | 405 | { |
ffd074fc HS |
406 | struct mrvlietypes_ssidparamset *ssid_tlv = |
407 | (struct mrvlietypes_ssidparamset *)tlv; | |
408 | ssid_tlv->header.type = cpu_to_le16(TLV_TYPE_SSID); | |
409 | ssid_tlv->header.len = cpu_to_le16(user_cfg->ssid_len); | |
410 | memcpy(ssid_tlv->ssid, user_cfg->ssid, user_cfg->ssid_len); | |
411 | return sizeof(ssid_tlv->header) + user_cfg->ssid_len; | |
2afc0c5d DW |
412 | } |
413 | ||
414 | ||
ffd074fc HS |
415 | /* |
416 | * Add CHANLIST TLV of the form | |
876c9d3a | 417 | * |
ffd074fc HS |
418 | * TLV-ID CHANLIST 01 01 |
419 | * length 5b 00 | |
420 | * channel 1 00 01 00 00 00 64 00 | |
421 | * radio type 00 | |
422 | * channel 01 | |
423 | * scan type 00 | |
424 | * min scan time 00 00 | |
425 | * max scan time 64 00 | |
426 | * channel 2 00 02 00 00 00 64 00 | |
427 | * channel 3 00 03 00 00 00 64 00 | |
428 | * channel 4 00 04 00 00 00 64 00 | |
429 | * channel 5 00 05 00 00 00 64 00 | |
430 | * channel 6 00 06 00 00 00 64 00 | |
431 | * channel 7 00 07 00 00 00 64 00 | |
432 | * channel 8 00 08 00 00 00 64 00 | |
433 | * channel 9 00 09 00 00 00 64 00 | |
434 | * channel 10 00 0a 00 00 00 64 00 | |
435 | * channel 11 00 0b 00 00 00 64 00 | |
436 | * channel 12 00 0c 00 00 00 64 00 | |
437 | * channel 13 00 0d 00 00 00 64 00 | |
876c9d3a | 438 | * |
876c9d3a | 439 | */ |
ffd074fc HS |
440 | static int lbs_scan_add_chanlist_tlv(u8 *tlv, |
441 | struct chanscanparamset *chan_list, | |
442 | int chan_count) | |
876c9d3a | 443 | { |
ffd074fc HS |
444 | size_t size = sizeof(struct chanscanparamset) * chan_count; |
445 | struct mrvlietypes_chanlistparamset *chan_tlv = | |
446 | (struct mrvlietypes_chanlistparamset *) tlv; | |
447 | ||
448 | chan_tlv->header.type = cpu_to_le16(TLV_TYPE_CHANLIST); | |
449 | memcpy(chan_tlv->chanscanparam, chan_list, size); | |
450 | chan_tlv->header.len = cpu_to_le16(size); | |
451 | return sizeof(chan_tlv->header) + size; | |
876c9d3a MT |
452 | } |
453 | ||
ffd074fc HS |
454 | |
455 | /* | |
456 | * Add RATES TLV of the form | |
876c9d3a | 457 | * |
ffd074fc HS |
458 | * TLV-ID RATES 01 00 |
459 | * length 0e 00 | |
460 | * rates 82 84 8b 96 0c 12 18 24 30 48 60 6c | |
876c9d3a | 461 | * |
ffd074fc HS |
462 | * The rates are in lbs_bg_rates[], but for the 802.11b |
463 | * rates the high bit isn't set. | |
876c9d3a | 464 | */ |
ffd074fc | 465 | static int lbs_scan_add_rates_tlv(u8 *tlv) |
876c9d3a | 466 | { |
ffd074fc HS |
467 | int i; |
468 | struct mrvlietypes_ratesparamset *rate_tlv = | |
469 | (struct mrvlietypes_ratesparamset *) tlv; | |
470 | ||
471 | rate_tlv->header.type = cpu_to_le16(TLV_TYPE_RATES); | |
472 | tlv += sizeof(rate_tlv->header); | |
473 | for (i = 0; i < MAX_RATES; i++) { | |
474 | *tlv = lbs_bg_rates[i]; | |
475 | if (*tlv == 0) | |
476 | break; | |
477 | /* This code makes sure that the 802.11b rates (1 MBit/s, 2 | |
478 | MBit/s, 5.5 MBit/s and 11 MBit/s get's the high bit set. | |
479 | Note that the values are MBit/s * 2, to mark them as | |
480 | basic rates so that the firmware likes it better */ | |
481 | if (*tlv == 0x02 || *tlv == 0x04 || | |
482 | *tlv == 0x0b || *tlv == 0x16) | |
483 | *tlv |= 0x80; | |
484 | tlv++; | |
2afc0c5d | 485 | } |
ffd074fc HS |
486 | rate_tlv->header.len = cpu_to_le16(i); |
487 | return sizeof(rate_tlv->header) + i; | |
876c9d3a MT |
488 | } |
489 | ||
ffd074fc | 490 | |
e56188ac | 491 | /* |
ffd074fc HS |
492 | * Generate the CMD_802_11_SCAN command with the proper tlv |
493 | * for a bunch of channels. | |
494 | */ | |
495 | static int lbs_do_scan(struct lbs_private *priv, | |
496 | u8 bsstype, | |
497 | struct chanscanparamset *chan_list, | |
498 | int chan_count, | |
499 | const struct lbs_ioctl_user_scan_cfg *user_cfg) | |
eb8f7330 | 500 | { |
ffd074fc HS |
501 | int ret = -ENOMEM; |
502 | struct lbs_scan_cmd_config *scan_cmd; | |
503 | u8 *tlv; /* pointer into our current, growing TLV storage area */ | |
eb8f7330 | 504 | |
ffd074fc HS |
505 | lbs_deb_enter_args(LBS_DEB_SCAN, "bsstype %d, chanlist[].chan %d, " |
506 | "chan_count %d", | |
507 | bsstype, chan_list[0].channumber, chan_count); | |
e56188ac | 508 | |
ffd074fc HS |
509 | /* create the fixed part for scan command */ |
510 | scan_cmd = kzalloc(MAX_SCAN_CFG_ALLOC, GFP_KERNEL); | |
511 | if (scan_cmd == NULL) | |
e56188ac | 512 | goto out; |
ffd074fc HS |
513 | tlv = scan_cmd->tlvbuffer; |
514 | if (user_cfg) | |
515 | memcpy(scan_cmd->bssid, user_cfg->bssid, ETH_ALEN); | |
516 | scan_cmd->bsstype = bsstype; | |
517 | ||
518 | /* add TLVs */ | |
519 | if (user_cfg && user_cfg->ssid_len) | |
520 | tlv += lbs_scan_add_ssid_tlv(tlv, user_cfg); | |
521 | if (chan_list && chan_count) | |
522 | tlv += lbs_scan_add_chanlist_tlv(tlv, chan_list, chan_count); | |
523 | tlv += lbs_scan_add_rates_tlv(tlv); | |
524 | ||
525 | /* This is the final data we are about to send */ | |
526 | scan_cmd->tlvbufferlen = tlv - scan_cmd->tlvbuffer; | |
527 | lbs_deb_hex(LBS_DEB_SCAN, "SCAN_CMD", (void *)scan_cmd, 1+6); | |
528 | lbs_deb_hex(LBS_DEB_SCAN, "SCAN_TLV", scan_cmd->tlvbuffer, | |
529 | scan_cmd->tlvbufferlen); | |
530 | ||
531 | ret = lbs_prepare_and_send_command(priv, CMD_802_11_SCAN, 0, | |
532 | CMD_OPTION_WAITFORRSP, 0, scan_cmd); | |
e56188ac | 533 | out: |
ffd074fc HS |
534 | kfree(scan_cmd); |
535 | lbs_deb_leave_args(LBS_DEB_SCAN, "ret %d", ret); | |
536 | return ret; | |
eb8f7330 DW |
537 | } |
538 | ||
539 | ||
876c9d3a MT |
540 | /** |
541 | * @brief Internal function used to start a scan based on an input config | |
542 | * | |
e56188ac HS |
543 | * Also used from debugfs |
544 | * | |
876c9d3a MT |
545 | * Use the input user scan configuration information when provided in |
546 | * order to send the appropriate scan commands to firmware to populate or | |
547 | * update the internal driver scan table | |
548 | * | |
69f9032d | 549 | * @param priv A pointer to struct lbs_private structure |
876c9d3a MT |
550 | * @param puserscanin Pointer to the input configuration for the requested |
551 | * scan. | |
552 | * | |
553 | * @return 0 or < 0 if error | |
554 | */ | |
69f9032d | 555 | int lbs_scan_networks(struct lbs_private *priv, |
ffd074fc | 556 | const struct lbs_ioctl_user_scan_cfg *user_cfg, |
2afc0c5d | 557 | int full_scan) |
876c9d3a | 558 | { |
ffd074fc HS |
559 | int ret = -ENOMEM; |
560 | struct chanscanparamset *chan_list; | |
561 | struct chanscanparamset *curr_chans; | |
562 | int chan_count; | |
563 | u8 bsstype = CMD_BSS_TYPE_ANY; | |
564 | int numchannels = MRVDRV_CHANNELS_PER_SCAN_CMD; | |
565 | int filteredscan = 0; | |
566 | union iwreq_data wrqu; | |
f8f55108 | 567 | #ifdef CONFIG_LIBERTAS_DEBUG |
ffd074fc | 568 | struct bss_descriptor *iter; |
f8f55108 | 569 | int i = 0; |
0795af57 | 570 | DECLARE_MAC_BUF(mac); |
f8f55108 | 571 | #endif |
876c9d3a | 572 | |
ffd074fc HS |
573 | lbs_deb_enter_args(LBS_DEB_SCAN, "full_scan %d", |
574 | full_scan); | |
2afc0c5d DW |
575 | |
576 | /* Cancel any partial outstanding partial scans if this scan | |
577 | * is a full scan. | |
578 | */ | |
579 | if (full_scan && delayed_work_pending(&priv->scan_work)) | |
580 | cancel_delayed_work(&priv->scan_work); | |
876c9d3a | 581 | |
ffd074fc HS |
582 | /* Determine same scan parameters */ |
583 | if (user_cfg) { | |
584 | if (user_cfg->bsstype) | |
585 | bsstype = user_cfg->bsstype; | |
586 | if (compare_ether_addr(user_cfg->bssid, &zeromac[0]) != 0) { | |
587 | numchannels = MRVDRV_MAX_CHANNELS_PER_SCAN; | |
588 | filteredscan = 1; | |
589 | } | |
876c9d3a | 590 | } |
ffd074fc HS |
591 | lbs_deb_scan("numchannels %d, bsstype %d, " |
592 | "filteredscan %d\n", | |
593 | numchannels, bsstype, filteredscan); | |
876c9d3a | 594 | |
ffd074fc HS |
595 | /* Create list of channels to scan */ |
596 | chan_list = kzalloc(sizeof(struct chanscanparamset) * | |
597 | LBS_IOCTL_USER_SCAN_CHAN_MAX, GFP_KERNEL); | |
598 | if (!chan_list) { | |
599 | lbs_pr_alert("SCAN: chan_list empty\n"); | |
876c9d3a MT |
600 | goto out; |
601 | } | |
602 | ||
ffd074fc HS |
603 | /* We want to scan all channels */ |
604 | chan_count = lbs_scan_create_channel_list(priv, chan_list, | |
605 | filteredscan); | |
876c9d3a | 606 | |
ffd074fc HS |
607 | netif_stop_queue(priv->dev); |
608 | netif_carrier_off(priv->dev); | |
609 | if (priv->mesh_dev) { | |
a27b9f96 DW |
610 | netif_stop_queue(priv->mesh_dev); |
611 | netif_carrier_off(priv->mesh_dev); | |
876c9d3a MT |
612 | } |
613 | ||
ffd074fc | 614 | /* Prepare to continue an interrupted scan */ |
8816edce HS |
615 | lbs_deb_scan("chan_count %d, scan_channel %d\n", |
616 | chan_count, priv->scan_channel); | |
ffd074fc HS |
617 | curr_chans = chan_list; |
618 | /* advance channel list by already-scanned-channels */ | |
8816edce HS |
619 | if (priv->scan_channel > 0) { |
620 | curr_chans += priv->scan_channel; | |
621 | chan_count -= priv->scan_channel; | |
ffd074fc HS |
622 | } |
623 | ||
624 | /* Send scan command(s) | |
625 | * numchannels contains the number of channels we should maximally scan | |
626 | * chan_count is the total number of channels to scan | |
627 | */ | |
628 | ||
629 | while (chan_count) { | |
630 | int to_scan = min(numchannels, chan_count); | |
631 | lbs_deb_scan("scanning %d of %d channels\n", | |
632 | to_scan, chan_count); | |
633 | ret = lbs_do_scan(priv, bsstype, curr_chans, | |
634 | to_scan, user_cfg); | |
635 | if (ret) { | |
636 | lbs_pr_err("SCAN_CMD failed\n"); | |
637 | goto out2; | |
638 | } | |
639 | curr_chans += to_scan; | |
640 | chan_count -= to_scan; | |
641 | ||
642 | /* somehow schedule the next part of the scan */ | |
643 | if (chan_count && | |
644 | !full_scan && | |
aa21c004 | 645 | !priv->surpriseremoved) { |
ffd074fc | 646 | /* -1 marks just that we're currently scanning */ |
8816edce HS |
647 | if (priv->scan_channel < 0) |
648 | priv->scan_channel = to_scan; | |
ffd074fc | 649 | else |
8816edce | 650 | priv->scan_channel += to_scan; |
ffd074fc HS |
651 | cancel_delayed_work(&priv->scan_work); |
652 | queue_delayed_work(priv->work_thread, &priv->scan_work, | |
653 | msecs_to_jiffies(300)); | |
654 | /* skip over GIWSCAN event */ | |
655 | goto out; | |
656 | } | |
657 | ||
658 | } | |
659 | memset(&wrqu, 0, sizeof(union iwreq_data)); | |
660 | wireless_send_event(priv->dev, SIOCGIWSCAN, &wrqu, NULL); | |
876c9d3a | 661 | |
f8f55108 DW |
662 | #ifdef CONFIG_LIBERTAS_DEBUG |
663 | /* Dump the scan table */ | |
aa21c004 | 664 | mutex_lock(&priv->lock); |
ffd074fc | 665 | lbs_deb_scan("scan table:\n"); |
aa21c004 | 666 | list_for_each_entry(iter, &priv->network_list, list) |
ffd074fc HS |
667 | lbs_deb_scan("%02d: BSSID %s, RSSI %d, SSID '%s'\n", |
668 | i++, print_mac(mac, iter->bssid), (s32) iter->rssi, | |
669 | escape_essid(iter->ssid, iter->ssid_len)); | |
aa21c004 | 670 | mutex_unlock(&priv->lock); |
f8f55108 | 671 | #endif |
876c9d3a | 672 | |
ffd074fc | 673 | out2: |
8816edce | 674 | priv->scan_channel = 0; |
ffd074fc HS |
675 | |
676 | out: | |
aa21c004 | 677 | if (priv->connect_status == LBS_CONNECTED) { |
634b8f49 | 678 | netif_carrier_on(priv->dev); |
a27b9f96 DW |
679 | if (!priv->tx_pending_len) |
680 | netif_wake_queue(priv->dev); | |
01d77d8d | 681 | } |
aa21c004 | 682 | if (priv->mesh_dev && (priv->mesh_connect_status == LBS_CONNECTED)) { |
01d77d8d | 683 | netif_carrier_on(priv->mesh_dev); |
a27b9f96 DW |
684 | if (!priv->tx_pending_len) |
685 | netif_wake_queue(priv->mesh_dev); | |
876c9d3a | 686 | } |
ffd074fc | 687 | kfree(chan_list); |
876c9d3a | 688 | |
9012b28a | 689 | lbs_deb_leave_args(LBS_DEB_SCAN, "ret %d", ret); |
876c9d3a MT |
690 | return ret; |
691 | } | |
692 | ||
ffd074fc HS |
693 | |
694 | ||
695 | ||
696 | /*********************************************************************/ | |
697 | /* */ | |
698 | /* Result interpretation */ | |
699 | /* */ | |
700 | /*********************************************************************/ | |
701 | ||
876c9d3a MT |
702 | /** |
703 | * @brief Interpret a BSS scan response returned from the firmware | |
704 | * | |
705 | * Parse the various fixed fields and IEs passed back for a a BSS probe | |
ffd074fc HS |
706 | * response or beacon from the scan command. Record information as needed |
707 | * in the scan table struct bss_descriptor for that entry. | |
876c9d3a | 708 | * |
fcdb53db | 709 | * @param bss Output parameter: Pointer to the BSS Entry |
876c9d3a MT |
710 | * |
711 | * @return 0 or -1 | |
712 | */ | |
10078321 | 713 | static int lbs_process_bss(struct bss_descriptor *bss, |
fcdb53db | 714 | u8 ** pbeaconinfo, int *bytesleft) |
876c9d3a | 715 | { |
876c9d3a MT |
716 | struct ieeetypes_fhparamset *pFH; |
717 | struct ieeetypes_dsparamset *pDS; | |
718 | struct ieeetypes_cfparamset *pCF; | |
719 | struct ieeetypes_ibssparamset *pibss; | |
0795af57 | 720 | DECLARE_MAC_BUF(mac); |
876c9d3a | 721 | struct ieeetypes_countryinfoset *pcountryinfo; |
8c512765 DW |
722 | u8 *pos, *end, *p; |
723 | u8 n_ex_rates = 0, got_basic_rates = 0, n_basic_rates = 0; | |
724 | u16 beaconsize = 0; | |
725 | int ret; | |
876c9d3a | 726 | |
e56188ac | 727 | lbs_deb_enter(LBS_DEB_SCAN); |
876c9d3a | 728 | |
876c9d3a MT |
729 | if (*bytesleft >= sizeof(beaconsize)) { |
730 | /* Extract & convert beacon size from the command buffer */ | |
e7240aca | 731 | beaconsize = le16_to_cpu(get_unaligned((__le16 *)*pbeaconinfo)); |
876c9d3a MT |
732 | *bytesleft -= sizeof(beaconsize); |
733 | *pbeaconinfo += sizeof(beaconsize); | |
734 | } | |
735 | ||
736 | if (beaconsize == 0 || beaconsize > *bytesleft) { | |
876c9d3a MT |
737 | *pbeaconinfo += *bytesleft; |
738 | *bytesleft = 0; | |
e56188ac HS |
739 | ret = -1; |
740 | goto done; | |
876c9d3a MT |
741 | } |
742 | ||
743 | /* Initialize the current working beacon pointer for this BSS iteration */ | |
ab617971 DW |
744 | pos = *pbeaconinfo; |
745 | end = pos + beaconsize; | |
876c9d3a MT |
746 | |
747 | /* Advance the return beacon pointer past the current beacon */ | |
748 | *pbeaconinfo += beaconsize; | |
749 | *bytesleft -= beaconsize; | |
750 | ||
ab617971 | 751 | memcpy(bss->bssid, pos, ETH_ALEN); |
ffd074fc | 752 | lbs_deb_scan("process_bss: BSSID %s\n", print_mac(mac, bss->bssid)); |
ab617971 | 753 | pos += ETH_ALEN; |
876c9d3a | 754 | |
ab617971 | 755 | if ((end - pos) < 12) { |
fcdb53db | 756 | lbs_deb_scan("process_bss: Not enough bytes left\n"); |
e56188ac HS |
757 | ret = -1; |
758 | goto done; | |
876c9d3a MT |
759 | } |
760 | ||
761 | /* | |
762 | * next 4 fields are RSSI, time stamp, beacon interval, | |
763 | * and capability information | |
764 | */ | |
765 | ||
766 | /* RSSI is 1 byte long */ | |
ab617971 | 767 | bss->rssi = *pos; |
ffd074fc | 768 | lbs_deb_scan("process_bss: RSSI %d\n", *pos); |
ab617971 | 769 | pos++; |
876c9d3a MT |
770 | |
771 | /* time stamp is 8 bytes long */ | |
ab617971 | 772 | pos += 8; |
876c9d3a MT |
773 | |
774 | /* beacon interval is 2 bytes long */ | |
ab617971 DW |
775 | bss->beaconperiod = le16_to_cpup((void *) pos); |
776 | pos += 2; | |
876c9d3a MT |
777 | |
778 | /* capability information is 2 bytes long */ | |
ab617971 | 779 | bss->capability = le16_to_cpup((void *) pos); |
ffd074fc | 780 | lbs_deb_scan("process_bss: capabilities 0x%04x\n", bss->capability); |
ab617971 | 781 | pos += 2; |
876c9d3a | 782 | |
0c9ca690 | 783 | if (bss->capability & WLAN_CAPABILITY_PRIVACY) |
ffd074fc | 784 | lbs_deb_scan("process_bss: WEP enabled\n"); |
0c9ca690 DW |
785 | if (bss->capability & WLAN_CAPABILITY_IBSS) |
786 | bss->mode = IW_MODE_ADHOC; | |
787 | else | |
788 | bss->mode = IW_MODE_INFRA; | |
789 | ||
876c9d3a | 790 | /* rest of the current buffer are IE's */ |
ffd074fc | 791 | lbs_deb_scan("process_bss: IE len %zd\n", end - pos); |
ece56191 | 792 | lbs_deb_hex(LBS_DEB_SCAN, "process_bss: IE info", pos, end - pos); |
876c9d3a | 793 | |
876c9d3a | 794 | /* process variable IE */ |
ab617971 DW |
795 | while (pos <= end - 2) { |
796 | struct ieee80211_info_element * elem = | |
797 | (struct ieee80211_info_element *) pos; | |
876c9d3a | 798 | |
ab617971 | 799 | if (pos + elem->len > end) { |
fcdb53db | 800 | lbs_deb_scan("process_bss: error in processing IE, " |
876c9d3a | 801 | "bytes left < IE length\n"); |
ab617971 | 802 | break; |
876c9d3a MT |
803 | } |
804 | ||
ab617971 DW |
805 | switch (elem->id) { |
806 | case MFIE_TYPE_SSID: | |
807 | bss->ssid_len = elem->len; | |
808 | memcpy(bss->ssid, elem->data, elem->len); | |
ffd074fc | 809 | lbs_deb_scan("got SSID IE: '%s', len %u\n", |
d8efea25 DW |
810 | escape_essid(bss->ssid, bss->ssid_len), |
811 | bss->ssid_len); | |
876c9d3a MT |
812 | break; |
813 | ||
ab617971 | 814 | case MFIE_TYPE_RATES: |
8c512765 DW |
815 | n_basic_rates = min_t(u8, MAX_RATES, elem->len); |
816 | memcpy(bss->rates, elem->data, n_basic_rates); | |
817 | got_basic_rates = 1; | |
ffd074fc | 818 | lbs_deb_scan("got RATES IE\n"); |
876c9d3a MT |
819 | break; |
820 | ||
ab617971 DW |
821 | case MFIE_TYPE_FH_SET: |
822 | pFH = (struct ieeetypes_fhparamset *) pos; | |
fcdb53db | 823 | memmove(&bss->phyparamset.fhparamset, pFH, |
876c9d3a | 824 | sizeof(struct ieeetypes_fhparamset)); |
ffd074fc | 825 | lbs_deb_scan("got FH IE\n"); |
876c9d3a MT |
826 | break; |
827 | ||
ab617971 DW |
828 | case MFIE_TYPE_DS_SET: |
829 | pDS = (struct ieeetypes_dsparamset *) pos; | |
fcdb53db DW |
830 | bss->channel = pDS->currentchan; |
831 | memcpy(&bss->phyparamset.dsparamset, pDS, | |
876c9d3a | 832 | sizeof(struct ieeetypes_dsparamset)); |
ffd074fc | 833 | lbs_deb_scan("got DS IE, channel %d\n", bss->channel); |
876c9d3a MT |
834 | break; |
835 | ||
ab617971 DW |
836 | case MFIE_TYPE_CF_SET: |
837 | pCF = (struct ieeetypes_cfparamset *) pos; | |
fcdb53db | 838 | memcpy(&bss->ssparamset.cfparamset, pCF, |
876c9d3a | 839 | sizeof(struct ieeetypes_cfparamset)); |
ffd074fc | 840 | lbs_deb_scan("got CF IE\n"); |
876c9d3a MT |
841 | break; |
842 | ||
ab617971 DW |
843 | case MFIE_TYPE_IBSS_SET: |
844 | pibss = (struct ieeetypes_ibssparamset *) pos; | |
e7240aca | 845 | bss->atimwindow = le16_to_cpu(pibss->atimwindow); |
fcdb53db | 846 | memmove(&bss->ssparamset.ibssparamset, pibss, |
876c9d3a | 847 | sizeof(struct ieeetypes_ibssparamset)); |
ffd074fc | 848 | lbs_deb_scan("got IBSS IE\n"); |
876c9d3a MT |
849 | break; |
850 | ||
ab617971 DW |
851 | case MFIE_TYPE_COUNTRY: |
852 | pcountryinfo = (struct ieeetypes_countryinfoset *) pos; | |
ffd074fc | 853 | lbs_deb_scan("got COUNTRY IE\n"); |
fcdb53db | 854 | if (pcountryinfo->len < sizeof(pcountryinfo->countrycode) |
876c9d3a | 855 | || pcountryinfo->len > 254) { |
fcdb53db | 856 | lbs_deb_scan("process_bss: 11D- Err " |
ffd074fc | 857 | "CountryInfo len %d, min %zd, max 254\n", |
876c9d3a MT |
858 | pcountryinfo->len, |
859 | sizeof(pcountryinfo->countrycode)); | |
9012b28a HS |
860 | ret = -1; |
861 | goto done; | |
876c9d3a MT |
862 | } |
863 | ||
fcdb53db | 864 | memcpy(&bss->countryinfo, |
876c9d3a | 865 | pcountryinfo, pcountryinfo->len + 2); |
ece56191 | 866 | lbs_deb_hex(LBS_DEB_SCAN, "process_bss: 11d countryinfo", |
876c9d3a MT |
867 | (u8 *) pcountryinfo, |
868 | (u32) (pcountryinfo->len + 2)); | |
869 | break; | |
870 | ||
ab617971 DW |
871 | case MFIE_TYPE_RATES_EX: |
872 | /* only process extended supported rate if data rate is | |
873 | * already found. Data rate IE should come before | |
876c9d3a MT |
874 | * extended supported rate IE |
875 | */ | |
ffd074fc HS |
876 | lbs_deb_scan("got RATESEX IE\n"); |
877 | if (!got_basic_rates) { | |
878 | lbs_deb_scan("... but ignoring it\n"); | |
ab617971 | 879 | break; |
ffd074fc | 880 | } |
876c9d3a | 881 | |
8c512765 DW |
882 | n_ex_rates = elem->len; |
883 | if (n_basic_rates + n_ex_rates > MAX_RATES) | |
884 | n_ex_rates = MAX_RATES - n_basic_rates; | |
876c9d3a | 885 | |
8c512765 DW |
886 | p = bss->rates + n_basic_rates; |
887 | memcpy(p, elem->data, n_ex_rates); | |
876c9d3a | 888 | break; |
ab617971 DW |
889 | |
890 | case MFIE_TYPE_GENERIC: | |
891 | if (elem->len >= 4 && | |
892 | elem->data[0] == 0x00 && | |
893 | elem->data[1] == 0x50 && | |
894 | elem->data[2] == 0xf2 && | |
895 | elem->data[3] == 0x01) { | |
896 | bss->wpa_ie_len = min(elem->len + 2, | |
897 | MAX_WPA_IE_LEN); | |
898 | memcpy(bss->wpa_ie, elem, bss->wpa_ie_len); | |
ffd074fc HS |
899 | lbs_deb_scan("got WPA IE\n"); |
900 | lbs_deb_hex(LBS_DEB_SCAN, "WPA IE", bss->wpa_ie, | |
ab617971 | 901 | elem->len); |
1e838bf3 LCC |
902 | } else if (elem->len >= MARVELL_MESH_IE_LENGTH && |
903 | elem->data[0] == 0x00 && | |
904 | elem->data[1] == 0x50 && | |
905 | elem->data[2] == 0x43 && | |
906 | elem->data[3] == 0x04) { | |
ffd074fc | 907 | lbs_deb_scan("got mesh IE\n"); |
1e838bf3 | 908 | bss->mesh = 1; |
ffd074fc HS |
909 | } else { |
910 | lbs_deb_scan("got generiec IE: " | |
911 | "%02x:%02x:%02x:%02x, len %d\n", | |
912 | elem->data[0], elem->data[1], | |
913 | elem->data[2], elem->data[3], | |
914 | elem->len); | |
ab617971 | 915 | } |
876c9d3a | 916 | break; |
ab617971 DW |
917 | |
918 | case MFIE_TYPE_RSN: | |
ffd074fc | 919 | lbs_deb_scan("got RSN IE\n"); |
ab617971 DW |
920 | bss->rsn_ie_len = min(elem->len + 2, MAX_WPA_IE_LEN); |
921 | memcpy(bss->rsn_ie, elem, bss->rsn_ie_len); | |
ffd074fc HS |
922 | lbs_deb_hex(LBS_DEB_SCAN, "process_bss: RSN_IE", |
923 | bss->rsn_ie, elem->len); | |
876c9d3a MT |
924 | break; |
925 | ||
ab617971 | 926 | default: |
ffd074fc HS |
927 | lbs_deb_scan("got IE 0x%04x, len %d\n", |
928 | elem->id, elem->len); | |
876c9d3a MT |
929 | break; |
930 | } | |
931 | ||
ab617971 DW |
932 | pos += elem->len + 2; |
933 | } | |
fcdb53db DW |
934 | |
935 | /* Timestamp */ | |
936 | bss->last_scanned = jiffies; | |
10078321 | 937 | lbs_unset_basic_rate_flags(bss->rates, sizeof(bss->rates)); |
fcdb53db | 938 | |
9012b28a | 939 | ret = 0; |
876c9d3a | 940 | |
9012b28a HS |
941 | done: |
942 | lbs_deb_leave_args(LBS_DEB_SCAN, "ret %d", ret); | |
943 | return ret; | |
876c9d3a MT |
944 | } |
945 | ||
876c9d3a MT |
946 | /** |
947 | * @brief This function finds a specific compatible BSSID in the scan list | |
948 | * | |
e56188ac HS |
949 | * Used in association code |
950 | * | |
aa21c004 | 951 | * @param priv A pointer to struct lbs_private |
876c9d3a MT |
952 | * @param bssid BSSID to find in the scan list |
953 | * @param mode Network mode: Infrastructure or IBSS | |
954 | * | |
955 | * @return index in BSSID list, or error return code (< 0) | |
956 | */ | |
aa21c004 | 957 | struct bss_descriptor *lbs_find_bssid_in_list(struct lbs_private *priv, |
fcdb53db | 958 | u8 * bssid, u8 mode) |
876c9d3a | 959 | { |
fcdb53db DW |
960 | struct bss_descriptor * iter_bss; |
961 | struct bss_descriptor * found_bss = NULL; | |
876c9d3a | 962 | |
e56188ac HS |
963 | lbs_deb_enter(LBS_DEB_SCAN); |
964 | ||
876c9d3a | 965 | if (!bssid) |
e56188ac | 966 | goto out; |
876c9d3a | 967 | |
ece56191 | 968 | lbs_deb_hex(LBS_DEB_SCAN, "looking for", |
fcdb53db | 969 | bssid, ETH_ALEN); |
876c9d3a | 970 | |
fcdb53db DW |
971 | /* Look through the scan table for a compatible match. The loop will |
972 | * continue past a matched bssid that is not compatible in case there | |
973 | * is an AP with multiple SSIDs assigned to the same BSSID | |
876c9d3a | 974 | */ |
aa21c004 DW |
975 | mutex_lock(&priv->lock); |
976 | list_for_each_entry (iter_bss, &priv->network_list, list) { | |
3cf20931 | 977 | if (compare_ether_addr(iter_bss->bssid, bssid)) |
fcdb53db DW |
978 | continue; /* bssid doesn't match */ |
979 | switch (mode) { | |
980 | case IW_MODE_INFRA: | |
981 | case IW_MODE_ADHOC: | |
aa21c004 | 982 | if (!is_network_compatible(priv, iter_bss, mode)) |
876c9d3a | 983 | break; |
fcdb53db DW |
984 | found_bss = iter_bss; |
985 | break; | |
986 | default: | |
987 | found_bss = iter_bss; | |
988 | break; | |
876c9d3a MT |
989 | } |
990 | } | |
aa21c004 | 991 | mutex_unlock(&priv->lock); |
876c9d3a | 992 | |
e56188ac HS |
993 | out: |
994 | lbs_deb_leave_args(LBS_DEB_SCAN, "found_bss %p", found_bss); | |
fcdb53db | 995 | return found_bss; |
876c9d3a MT |
996 | } |
997 | ||
998 | /** | |
999 | * @brief This function finds ssid in ssid list. | |
1000 | * | |
e56188ac HS |
1001 | * Used in association code |
1002 | * | |
aa21c004 | 1003 | * @param priv A pointer to struct lbs_private |
876c9d3a MT |
1004 | * @param ssid SSID to find in the list |
1005 | * @param bssid BSSID to qualify the SSID selection (if provided) | |
1006 | * @param mode Network mode: Infrastructure or IBSS | |
1007 | * | |
1008 | * @return index in BSSID list | |
1009 | */ | |
aa21c004 | 1010 | struct bss_descriptor *lbs_find_ssid_in_list(struct lbs_private *priv, |
d8efea25 | 1011 | u8 *ssid, u8 ssid_len, u8 * bssid, u8 mode, |
aeea0ab4 | 1012 | int channel) |
876c9d3a | 1013 | { |
876c9d3a | 1014 | u8 bestrssi = 0; |
fcdb53db DW |
1015 | struct bss_descriptor * iter_bss = NULL; |
1016 | struct bss_descriptor * found_bss = NULL; | |
1017 | struct bss_descriptor * tmp_oldest = NULL; | |
876c9d3a | 1018 | |
e56188ac HS |
1019 | lbs_deb_enter(LBS_DEB_SCAN); |
1020 | ||
aa21c004 | 1021 | mutex_lock(&priv->lock); |
fcdb53db | 1022 | |
aa21c004 | 1023 | list_for_each_entry (iter_bss, &priv->network_list, list) { |
fcdb53db DW |
1024 | if ( !tmp_oldest |
1025 | || (iter_bss->last_scanned < tmp_oldest->last_scanned)) | |
1026 | tmp_oldest = iter_bss; | |
1027 | ||
10078321 | 1028 | if (lbs_ssid_cmp(iter_bss->ssid, iter_bss->ssid_len, |
d8efea25 | 1029 | ssid, ssid_len) != 0) |
fcdb53db | 1030 | continue; /* ssid doesn't match */ |
3cf20931 | 1031 | if (bssid && compare_ether_addr(iter_bss->bssid, bssid) != 0) |
fcdb53db | 1032 | continue; /* bssid doesn't match */ |
aeea0ab4 DW |
1033 | if ((channel > 0) && (iter_bss->channel != channel)) |
1034 | continue; /* channel doesn't match */ | |
fcdb53db DW |
1035 | |
1036 | switch (mode) { | |
1037 | case IW_MODE_INFRA: | |
1038 | case IW_MODE_ADHOC: | |
aa21c004 | 1039 | if (!is_network_compatible(priv, iter_bss, mode)) |
876c9d3a | 1040 | break; |
fcdb53db DW |
1041 | |
1042 | if (bssid) { | |
1043 | /* Found requested BSSID */ | |
1044 | found_bss = iter_bss; | |
1045 | goto out; | |
1046 | } | |
1047 | ||
1048 | if (SCAN_RSSI(iter_bss->rssi) > bestrssi) { | |
1049 | bestrssi = SCAN_RSSI(iter_bss->rssi); | |
1050 | found_bss = iter_bss; | |
1051 | } | |
1052 | break; | |
1053 | case IW_MODE_AUTO: | |
1054 | default: | |
1055 | if (SCAN_RSSI(iter_bss->rssi) > bestrssi) { | |
1056 | bestrssi = SCAN_RSSI(iter_bss->rssi); | |
1057 | found_bss = iter_bss; | |
876c9d3a | 1058 | } |
fcdb53db | 1059 | break; |
876c9d3a MT |
1060 | } |
1061 | } | |
1062 | ||
fcdb53db | 1063 | out: |
aa21c004 | 1064 | mutex_unlock(&priv->lock); |
e56188ac | 1065 | lbs_deb_leave_args(LBS_DEB_SCAN, "found_bss %p", found_bss); |
fcdb53db | 1066 | return found_bss; |
876c9d3a MT |
1067 | } |
1068 | ||
1069 | /** | |
1070 | * @brief This function finds the best SSID in the Scan List | |
1071 | * | |
1072 | * Search the scan table for the best SSID that also matches the current | |
1073 | * adapter network preference (infrastructure or adhoc) | |
1074 | * | |
aa21c004 | 1075 | * @param priv A pointer to struct lbs_private |
876c9d3a MT |
1076 | * |
1077 | * @return index in BSSID list | |
1078 | */ | |
69f9032d | 1079 | static struct bss_descriptor *lbs_find_best_ssid_in_list( |
aa21c004 | 1080 | struct lbs_private *priv, |
69f9032d | 1081 | u8 mode) |
876c9d3a | 1082 | { |
876c9d3a | 1083 | u8 bestrssi = 0; |
fcdb53db DW |
1084 | struct bss_descriptor * iter_bss; |
1085 | struct bss_descriptor * best_bss = NULL; | |
876c9d3a | 1086 | |
e56188ac HS |
1087 | lbs_deb_enter(LBS_DEB_SCAN); |
1088 | ||
aa21c004 | 1089 | mutex_lock(&priv->lock); |
876c9d3a | 1090 | |
aa21c004 | 1091 | list_for_each_entry (iter_bss, &priv->network_list, list) { |
876c9d3a | 1092 | switch (mode) { |
0dc5a290 DW |
1093 | case IW_MODE_INFRA: |
1094 | case IW_MODE_ADHOC: | |
aa21c004 | 1095 | if (!is_network_compatible(priv, iter_bss, mode)) |
fcdb53db DW |
1096 | break; |
1097 | if (SCAN_RSSI(iter_bss->rssi) <= bestrssi) | |
1098 | break; | |
1099 | bestrssi = SCAN_RSSI(iter_bss->rssi); | |
1100 | best_bss = iter_bss; | |
876c9d3a | 1101 | break; |
0dc5a290 | 1102 | case IW_MODE_AUTO: |
876c9d3a | 1103 | default: |
fcdb53db DW |
1104 | if (SCAN_RSSI(iter_bss->rssi) <= bestrssi) |
1105 | break; | |
1106 | bestrssi = SCAN_RSSI(iter_bss->rssi); | |
1107 | best_bss = iter_bss; | |
876c9d3a MT |
1108 | break; |
1109 | } | |
1110 | } | |
1111 | ||
aa21c004 | 1112 | mutex_unlock(&priv->lock); |
e56188ac | 1113 | lbs_deb_leave_args(LBS_DEB_SCAN, "best_bss %p", best_bss); |
fcdb53db | 1114 | return best_bss; |
876c9d3a MT |
1115 | } |
1116 | ||
1117 | /** | |
1118 | * @brief Find the AP with specific ssid in the scan list | |
1119 | * | |
e56188ac HS |
1120 | * Used from association worker. |
1121 | * | |
69f9032d | 1122 | * @param priv A pointer to struct lbs_private structure |
876c9d3a MT |
1123 | * @param pSSID A pointer to AP's ssid |
1124 | * | |
1125 | * @return 0--success, otherwise--fail | |
1126 | */ | |
69f9032d | 1127 | int lbs_find_best_network_ssid(struct lbs_private *priv, |
d8efea25 | 1128 | u8 *out_ssid, u8 *out_ssid_len, u8 preferred_mode, u8 *out_mode) |
876c9d3a | 1129 | { |
fcdb53db DW |
1130 | int ret = -1; |
1131 | struct bss_descriptor * found; | |
876c9d3a | 1132 | |
e56188ac | 1133 | lbs_deb_enter(LBS_DEB_SCAN); |
876c9d3a | 1134 | |
10078321 | 1135 | lbs_scan_networks(priv, NULL, 1); |
aa21c004 | 1136 | if (priv->surpriseremoved) |
e56188ac | 1137 | goto out; |
876c9d3a | 1138 | |
aa21c004 | 1139 | found = lbs_find_best_ssid_in_list(priv, preferred_mode); |
d8efea25 DW |
1140 | if (found && (found->ssid_len > 0)) { |
1141 | memcpy(out_ssid, &found->ssid, IW_ESSID_MAX_SIZE); | |
1142 | *out_ssid_len = found->ssid_len; | |
fcdb53db DW |
1143 | *out_mode = found->mode; |
1144 | ret = 0; | |
876c9d3a MT |
1145 | } |
1146 | ||
e56188ac | 1147 | out: |
9012b28a | 1148 | lbs_deb_leave_args(LBS_DEB_SCAN, "ret %d", ret); |
876c9d3a MT |
1149 | return ret; |
1150 | } | |
1151 | ||
e56188ac | 1152 | |
876c9d3a MT |
1153 | /** |
1154 | * @brief Send a scan command for all available channels filtered on a spec | |
1155 | * | |
e56188ac HS |
1156 | * Used in association code and from debugfs |
1157 | * | |
69f9032d | 1158 | * @param priv A pointer to struct lbs_private structure |
e56188ac HS |
1159 | * @param ssid A pointer to the SSID to scan for |
1160 | * @param ssid_len Length of the SSID | |
1161 | * @param clear_ssid Should existing scan results with this SSID | |
1162 | * be cleared? | |
876c9d3a MT |
1163 | * |
1164 | * @return 0-success, otherwise fail | |
1165 | */ | |
69f9032d | 1166 | int lbs_send_specific_ssid_scan(struct lbs_private *priv, |
d8efea25 | 1167 | u8 *ssid, u8 ssid_len, u8 clear_ssid) |
876c9d3a | 1168 | { |
10078321 | 1169 | struct lbs_ioctl_user_scan_cfg scancfg; |
eb8f7330 | 1170 | int ret = 0; |
876c9d3a | 1171 | |
e56188ac HS |
1172 | lbs_deb_enter_args(LBS_DEB_SCAN, "SSID '%s', clear %d", |
1173 | escape_essid(ssid, ssid_len), clear_ssid); | |
876c9d3a | 1174 | |
d8efea25 | 1175 | if (!ssid_len) |
eb8f7330 | 1176 | goto out; |
876c9d3a MT |
1177 | |
1178 | memset(&scancfg, 0x00, sizeof(scancfg)); | |
d8efea25 DW |
1179 | memcpy(scancfg.ssid, ssid, ssid_len); |
1180 | scancfg.ssid_len = ssid_len; | |
eb8f7330 | 1181 | scancfg.clear_ssid = clear_ssid; |
876c9d3a | 1182 | |
10078321 | 1183 | lbs_scan_networks(priv, &scancfg, 1); |
aa21c004 | 1184 | if (priv->surpriseremoved) { |
e56188ac HS |
1185 | ret = -1; |
1186 | goto out; | |
1187 | } | |
876c9d3a | 1188 | |
eb8f7330 | 1189 | out: |
e56188ac | 1190 | lbs_deb_leave_args(LBS_DEB_SCAN, "ret %d", ret); |
eb8f7330 | 1191 | return ret; |
876c9d3a MT |
1192 | } |
1193 | ||
e56188ac HS |
1194 | |
1195 | ||
1196 | ||
1197 | /*********************************************************************/ | |
1198 | /* */ | |
1199 | /* Support for Wireless Extensions */ | |
1200 | /* */ | |
1201 | /*********************************************************************/ | |
1202 | ||
ffd074fc | 1203 | |
00af0157 DW |
1204 | #define MAX_CUSTOM_LEN 64 |
1205 | ||
69f9032d | 1206 | static inline char *lbs_translate_scan(struct lbs_private *priv, |
fcdb53db DW |
1207 | char *start, char *stop, |
1208 | struct bss_descriptor *bss) | |
876c9d3a | 1209 | { |
876c9d3a | 1210 | struct chan_freq_power *cfp; |
876c9d3a MT |
1211 | char *current_val; /* For rates */ |
1212 | struct iw_event iwe; /* Temporary buffer */ | |
876c9d3a | 1213 | int j; |
876c9d3a MT |
1214 | #define PERFECT_RSSI ((u8)50) |
1215 | #define WORST_RSSI ((u8)0) | |
1216 | #define RSSI_DIFF ((u8)(PERFECT_RSSI - WORST_RSSI)) | |
1217 | u8 rssi; | |
1218 | ||
e56188ac HS |
1219 | lbs_deb_enter(LBS_DEB_SCAN); |
1220 | ||
aa21c004 | 1221 | cfp = lbs_find_cfp_by_band_and_channel(priv, 0, bss->channel); |
fcdb53db DW |
1222 | if (!cfp) { |
1223 | lbs_deb_scan("Invalid channel number %d\n", bss->channel); | |
e56188ac HS |
1224 | start = NULL; |
1225 | goto out; | |
2be92196 | 1226 | } |
876c9d3a | 1227 | |
ffd074fc | 1228 | /* First entry *MUST* be the BSSID */ |
fcdb53db DW |
1229 | iwe.cmd = SIOCGIWAP; |
1230 | iwe.u.ap_addr.sa_family = ARPHRD_ETHER; | |
1231 | memcpy(iwe.u.ap_addr.sa_data, &bss->bssid, ETH_ALEN); | |
1232 | start = iwe_stream_add_event(start, stop, &iwe, IW_EV_ADDR_LEN); | |
1233 | ||
1234 | /* SSID */ | |
1235 | iwe.cmd = SIOCGIWESSID; | |
1236 | iwe.u.data.flags = 1; | |
d8efea25 DW |
1237 | iwe.u.data.length = min((u32) bss->ssid_len, (u32) IW_ESSID_MAX_SIZE); |
1238 | start = iwe_stream_add_point(start, stop, &iwe, bss->ssid); | |
fcdb53db DW |
1239 | |
1240 | /* Mode */ | |
1241 | iwe.cmd = SIOCGIWMODE; | |
1242 | iwe.u.mode = bss->mode; | |
1243 | start = iwe_stream_add_event(start, stop, &iwe, IW_EV_UINT_LEN); | |
1244 | ||
1245 | /* Frequency */ | |
1246 | iwe.cmd = SIOCGIWFREQ; | |
1247 | iwe.u.freq.m = (long)cfp->freq * 100000; | |
1248 | iwe.u.freq.e = 1; | |
1249 | start = iwe_stream_add_event(start, stop, &iwe, IW_EV_FREQ_LEN); | |
1250 | ||
1251 | /* Add quality statistics */ | |
1252 | iwe.cmd = IWEVQUAL; | |
1253 | iwe.u.qual.updated = IW_QUAL_ALL_UPDATED; | |
1254 | iwe.u.qual.level = SCAN_RSSI(bss->rssi); | |
1255 | ||
1256 | rssi = iwe.u.qual.level - MRVDRV_NF_DEFAULT_SCAN_VALUE; | |
1257 | iwe.u.qual.qual = | |
1258 | (100 * RSSI_DIFF * RSSI_DIFF - (PERFECT_RSSI - rssi) * | |
1259 | (15 * (RSSI_DIFF) + 62 * (PERFECT_RSSI - rssi))) / | |
1260 | (RSSI_DIFF * RSSI_DIFF); | |
1261 | if (iwe.u.qual.qual > 100) | |
1262 | iwe.u.qual.qual = 100; | |
1263 | ||
aa21c004 | 1264 | if (priv->NF[TYPE_BEACON][TYPE_NOAVG] == 0) { |
fcdb53db DW |
1265 | iwe.u.qual.noise = MRVDRV_NF_DEFAULT_SCAN_VALUE; |
1266 | } else { | |
1267 | iwe.u.qual.noise = | |
aa21c004 | 1268 | CAL_NF(priv->NF[TYPE_BEACON][TYPE_NOAVG]); |
fcdb53db | 1269 | } |
80e78ef7 DW |
1270 | |
1271 | /* Locally created ad-hoc BSSs won't have beacons if this is the | |
1272 | * only station in the adhoc network; so get signal strength | |
1273 | * from receive statistics. | |
1274 | */ | |
aa21c004 DW |
1275 | if ((priv->mode == IW_MODE_ADHOC) |
1276 | && priv->adhoccreate | |
1277 | && !lbs_ssid_cmp(priv->curbssparams.ssid, | |
1278 | priv->curbssparams.ssid_len, | |
d8efea25 | 1279 | bss->ssid, bss->ssid_len)) { |
80e78ef7 | 1280 | int snr, nf; |
aa21c004 DW |
1281 | snr = priv->SNR[TYPE_RXPD][TYPE_AVG] / AVG_SCALE; |
1282 | nf = priv->NF[TYPE_RXPD][TYPE_AVG] / AVG_SCALE; | |
80e78ef7 | 1283 | iwe.u.qual.level = CAL_RSSI(snr, nf); |
fcdb53db DW |
1284 | } |
1285 | start = iwe_stream_add_event(start, stop, &iwe, IW_EV_QUAL_LEN); | |
876c9d3a | 1286 | |
fcdb53db DW |
1287 | /* Add encryption capability */ |
1288 | iwe.cmd = SIOCGIWENCODE; | |
0c9ca690 | 1289 | if (bss->capability & WLAN_CAPABILITY_PRIVACY) { |
fcdb53db DW |
1290 | iwe.u.data.flags = IW_ENCODE_ENABLED | IW_ENCODE_NOKEY; |
1291 | } else { | |
1292 | iwe.u.data.flags = IW_ENCODE_DISABLED; | |
1293 | } | |
1294 | iwe.u.data.length = 0; | |
d8efea25 | 1295 | start = iwe_stream_add_point(start, stop, &iwe, bss->ssid); |
876c9d3a | 1296 | |
fcdb53db | 1297 | current_val = start + IW_EV_LCP_LEN; |
876c9d3a | 1298 | |
fcdb53db DW |
1299 | iwe.cmd = SIOCGIWRATE; |
1300 | iwe.u.bitrate.fixed = 0; | |
1301 | iwe.u.bitrate.disabled = 0; | |
1302 | iwe.u.bitrate.value = 0; | |
876c9d3a | 1303 | |
8c512765 DW |
1304 | for (j = 0; bss->rates[j] && (j < sizeof(bss->rates)); j++) { |
1305 | /* Bit rate given in 500 kb/s units */ | |
1306 | iwe.u.bitrate.value = bss->rates[j] * 500000; | |
fcdb53db DW |
1307 | current_val = iwe_stream_add_value(start, current_val, |
1308 | stop, &iwe, IW_EV_PARAM_LEN); | |
1309 | } | |
1310 | if ((bss->mode == IW_MODE_ADHOC) | |
aa21c004 DW |
1311 | && !lbs_ssid_cmp(priv->curbssparams.ssid, |
1312 | priv->curbssparams.ssid_len, | |
d8efea25 | 1313 | bss->ssid, bss->ssid_len) |
aa21c004 | 1314 | && priv->adhoccreate) { |
fcdb53db DW |
1315 | iwe.u.bitrate.value = 22 * 500000; |
1316 | current_val = iwe_stream_add_value(start, current_val, | |
1317 | stop, &iwe, IW_EV_PARAM_LEN); | |
1318 | } | |
1319 | /* Check if we added any event */ | |
1320 | if((current_val - start) > IW_EV_LCP_LEN) | |
1321 | start = current_val; | |
1322 | ||
1323 | memset(&iwe, 0, sizeof(iwe)); | |
1324 | if (bss->wpa_ie_len) { | |
1325 | char buf[MAX_WPA_IE_LEN]; | |
1326 | memcpy(buf, bss->wpa_ie, bss->wpa_ie_len); | |
1327 | iwe.cmd = IWEVGENIE; | |
1328 | iwe.u.data.length = bss->wpa_ie_len; | |
1329 | start = iwe_stream_add_point(start, stop, &iwe, buf); | |
1330 | } | |
876c9d3a | 1331 | |
fcdb53db DW |
1332 | memset(&iwe, 0, sizeof(iwe)); |
1333 | if (bss->rsn_ie_len) { | |
1334 | char buf[MAX_WPA_IE_LEN]; | |
1335 | memcpy(buf, bss->rsn_ie, bss->rsn_ie_len); | |
1336 | iwe.cmd = IWEVGENIE; | |
1337 | iwe.u.data.length = bss->rsn_ie_len; | |
1338 | start = iwe_stream_add_point(start, stop, &iwe, buf); | |
1339 | } | |
876c9d3a | 1340 | |
00af0157 DW |
1341 | if (bss->mesh) { |
1342 | char custom[MAX_CUSTOM_LEN]; | |
1343 | char *p = custom; | |
1344 | ||
1345 | iwe.cmd = IWEVCUSTOM; | |
1346 | p += snprintf(p, MAX_CUSTOM_LEN - (p - custom), | |
1347 | "mesh-type: olpc"); | |
1348 | iwe.u.data.length = p - custom; | |
1349 | if (iwe.u.data.length) | |
1350 | start = iwe_stream_add_point(start, stop, &iwe, custom); | |
1351 | } | |
1352 | ||
e56188ac HS |
1353 | out: |
1354 | lbs_deb_leave_args(LBS_DEB_SCAN, "start %p", start); | |
fcdb53db DW |
1355 | return start; |
1356 | } | |
876c9d3a | 1357 | |
ffd074fc HS |
1358 | |
1359 | /** | |
1360 | * @brief Handle Scan Network ioctl | |
1361 | * | |
1362 | * @param dev A pointer to net_device structure | |
1363 | * @param info A pointer to iw_request_info structure | |
1364 | * @param vwrq A pointer to iw_param structure | |
1365 | * @param extra A pointer to extra data buf | |
1366 | * | |
1367 | * @return 0 --success, otherwise fail | |
1368 | */ | |
1369 | int lbs_set_scan(struct net_device *dev, struct iw_request_info *info, | |
1370 | struct iw_param *wrqu, char *extra) | |
1371 | { | |
1372 | struct lbs_private *priv = dev->priv; | |
ffd074fc HS |
1373 | |
1374 | lbs_deb_enter(LBS_DEB_SCAN); | |
1375 | ||
1376 | if (!netif_running(dev)) | |
1377 | return -ENETDOWN; | |
1378 | ||
1379 | /* mac80211 does this: | |
1380 | struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); | |
1381 | if (sdata->type != IEEE80211_IF_TYPE_xxx) | |
1382 | return -EOPNOTSUPP; | |
1383 | ||
1384 | if (wrqu->data.length == sizeof(struct iw_scan_req) && | |
1385 | wrqu->data.flags & IW_SCAN_THIS_ESSID) { | |
1386 | req = (struct iw_scan_req *)extra; | |
1387 | ssid = req->essid; | |
1388 | ssid_len = req->essid_len; | |
1389 | } | |
1390 | */ | |
1391 | ||
1392 | if (!delayed_work_pending(&priv->scan_work)) | |
1393 | queue_delayed_work(priv->work_thread, &priv->scan_work, | |
1394 | msecs_to_jiffies(50)); | |
1395 | /* set marker that currently a scan is taking place */ | |
8816edce | 1396 | priv->scan_channel = -1; |
ffd074fc | 1397 | |
aa21c004 | 1398 | if (priv->surpriseremoved) |
ffd074fc HS |
1399 | return -EIO; |
1400 | ||
1401 | lbs_deb_leave(LBS_DEB_SCAN); | |
1402 | return 0; | |
1403 | } | |
1404 | ||
1405 | ||
fcdb53db | 1406 | /** |
e56188ac | 1407 | * @brief Handle Retrieve scan table ioctl |
fcdb53db DW |
1408 | * |
1409 | * @param dev A pointer to net_device structure | |
1410 | * @param info A pointer to iw_request_info structure | |
1411 | * @param dwrq A pointer to iw_point structure | |
1412 | * @param extra A pointer to extra data buf | |
1413 | * | |
1414 | * @return 0 --success, otherwise fail | |
1415 | */ | |
10078321 | 1416 | int lbs_get_scan(struct net_device *dev, struct iw_request_info *info, |
fcdb53db DW |
1417 | struct iw_point *dwrq, char *extra) |
1418 | { | |
1419 | #define SCAN_ITEM_SIZE 128 | |
69f9032d | 1420 | struct lbs_private *priv = dev->priv; |
fcdb53db DW |
1421 | int err = 0; |
1422 | char *ev = extra; | |
1423 | char *stop = ev + dwrq->length; | |
1424 | struct bss_descriptor * iter_bss; | |
1425 | struct bss_descriptor * safe; | |
876c9d3a | 1426 | |
e56188ac | 1427 | lbs_deb_enter(LBS_DEB_SCAN); |
876c9d3a | 1428 | |
ffd074fc | 1429 | /* iwlist should wait until the current scan is finished */ |
8816edce | 1430 | if (priv->scan_channel) |
ffd074fc HS |
1431 | return -EAGAIN; |
1432 | ||
80e78ef7 | 1433 | /* Update RSSI if current BSS is a locally created ad-hoc BSS */ |
aa21c004 | 1434 | if ((priv->mode == IW_MODE_ADHOC) && priv->adhoccreate) { |
10078321 | 1435 | lbs_prepare_and_send_command(priv, CMD_802_11_RSSI, 0, |
0aef64d7 | 1436 | CMD_OPTION_WAITFORRSP, 0, NULL); |
80e78ef7 DW |
1437 | } |
1438 | ||
aa21c004 DW |
1439 | mutex_lock(&priv->lock); |
1440 | list_for_each_entry_safe (iter_bss, safe, &priv->network_list, list) { | |
fcdb53db DW |
1441 | char * next_ev; |
1442 | unsigned long stale_time; | |
876c9d3a | 1443 | |
fcdb53db DW |
1444 | if (stop - ev < SCAN_ITEM_SIZE) { |
1445 | err = -E2BIG; | |
1446 | break; | |
876c9d3a | 1447 | } |
876c9d3a | 1448 | |
1e838bf3 LCC |
1449 | /* For mesh device, list only mesh networks */ |
1450 | if (dev == priv->mesh_dev && !iter_bss->mesh) | |
1451 | continue; | |
1452 | ||
fcdb53db DW |
1453 | /* Prune old an old scan result */ |
1454 | stale_time = iter_bss->last_scanned + DEFAULT_MAX_SCAN_AGE; | |
1455 | if (time_after(jiffies, stale_time)) { | |
1456 | list_move_tail (&iter_bss->list, | |
aa21c004 | 1457 | &priv->network_free_list); |
fcdb53db DW |
1458 | clear_bss_descriptor(iter_bss); |
1459 | continue; | |
876c9d3a MT |
1460 | } |
1461 | ||
fcdb53db | 1462 | /* Translate to WE format this entry */ |
10078321 | 1463 | next_ev = lbs_translate_scan(priv, ev, stop, iter_bss); |
fcdb53db DW |
1464 | if (next_ev == NULL) |
1465 | continue; | |
1466 | ev = next_ev; | |
876c9d3a | 1467 | } |
aa21c004 | 1468 | mutex_unlock(&priv->lock); |
876c9d3a | 1469 | |
fcdb53db | 1470 | dwrq->length = (ev - extra); |
876c9d3a MT |
1471 | dwrq->flags = 0; |
1472 | ||
e56188ac | 1473 | lbs_deb_leave_args(LBS_DEB_SCAN, "ret %d", err); |
fcdb53db | 1474 | return err; |
876c9d3a MT |
1475 | } |
1476 | ||
e56188ac HS |
1477 | |
1478 | ||
1479 | ||
1480 | /*********************************************************************/ | |
1481 | /* */ | |
1482 | /* Command execution */ | |
1483 | /* */ | |
1484 | /*********************************************************************/ | |
1485 | ||
1486 | ||
876c9d3a MT |
1487 | /** |
1488 | * @brief Prepare a scan command to be sent to the firmware | |
1489 | * | |
ffd074fc HS |
1490 | * Called via lbs_prepare_and_send_command(priv, CMD_802_11_SCAN, ...) |
1491 | * from cmd.c | |
876c9d3a | 1492 | * |
efad798b | 1493 | * Sends a fixed length data part (specifying the BSS type and BSSID filters) |
e56188ac | 1494 | * as well as a variable number/length of TLVs to the firmware. |
876c9d3a | 1495 | * |
69f9032d | 1496 | * @param priv A pointer to struct lbs_private structure |
876c9d3a MT |
1497 | * @param cmd A pointer to cmd_ds_command structure to be sent to |
1498 | * firmware with the cmd_DS_801_11_SCAN structure | |
10078321 | 1499 | * @param pdata_buf Void pointer cast of a lbs_scan_cmd_config struct used |
876c9d3a MT |
1500 | * to set the fields/TLVs for the command sent to firmware |
1501 | * | |
1502 | * @return 0 or -1 | |
876c9d3a | 1503 | */ |
69f9032d | 1504 | int lbs_cmd_80211_scan(struct lbs_private *priv, |
ffd074fc | 1505 | struct cmd_ds_command *cmd, void *pdata_buf) |
876c9d3a MT |
1506 | { |
1507 | struct cmd_ds_802_11_scan *pscan = &cmd->params.scan; | |
10078321 | 1508 | struct lbs_scan_cmd_config *pscancfg = pdata_buf; |
876c9d3a | 1509 | |
e56188ac | 1510 | lbs_deb_enter(LBS_DEB_SCAN); |
876c9d3a MT |
1511 | |
1512 | /* Set fixed field variables in scan command */ | |
1513 | pscan->bsstype = pscancfg->bsstype; | |
492b6da7 | 1514 | memcpy(pscan->bssid, pscancfg->bssid, ETH_ALEN); |
876c9d3a MT |
1515 | memcpy(pscan->tlvbuffer, pscancfg->tlvbuffer, pscancfg->tlvbufferlen); |
1516 | ||
876c9d3a | 1517 | /* size is equal to the sizeof(fixed portions) + the TLV len + header */ |
492b6da7 DW |
1518 | cmd->size = cpu_to_le16(sizeof(pscan->bsstype) + ETH_ALEN |
1519 | + pscancfg->tlvbufferlen + S_DS_GEN); | |
876c9d3a | 1520 | |
e56188ac | 1521 | lbs_deb_leave(LBS_DEB_SCAN); |
876c9d3a MT |
1522 | return 0; |
1523 | } | |
1524 | ||
1525 | /** | |
1526 | * @brief This function handles the command response of scan | |
1527 | * | |
e56188ac HS |
1528 | * Called from handle_cmd_response() in cmdrespc. |
1529 | * | |
876c9d3a MT |
1530 | * The response buffer for the scan command has the following |
1531 | * memory layout: | |
1532 | * | |
1533 | * .-----------------------------------------------------------. | |
1534 | * | header (4 * sizeof(u16)): Standard command response hdr | | |
1535 | * .-----------------------------------------------------------. | |
1536 | * | bufsize (u16) : sizeof the BSS Description data | | |
1537 | * .-----------------------------------------------------------. | |
1538 | * | NumOfSet (u8) : Number of BSS Descs returned | | |
1539 | * .-----------------------------------------------------------. | |
1540 | * | BSSDescription data (variable, size given in bufsize) | | |
1541 | * .-----------------------------------------------------------. | |
1542 | * | TLV data (variable, size calculated using header->size, | | |
1543 | * | bufsize and sizeof the fixed fields above) | | |
1544 | * .-----------------------------------------------------------. | |
1545 | * | |
69f9032d | 1546 | * @param priv A pointer to struct lbs_private structure |
876c9d3a MT |
1547 | * @param resp A pointer to cmd_ds_command |
1548 | * | |
1549 | * @return 0 or -1 | |
1550 | */ | |
69f9032d | 1551 | int lbs_ret_80211_scan(struct lbs_private *priv, struct cmd_ds_command *resp) |
876c9d3a | 1552 | { |
876c9d3a | 1553 | struct cmd_ds_802_11_scan_rsp *pscan; |
fcdb53db DW |
1554 | struct bss_descriptor * iter_bss; |
1555 | struct bss_descriptor * safe; | |
876c9d3a MT |
1556 | u8 *pbssinfo; |
1557 | u16 scanrespsize; | |
1558 | int bytesleft; | |
876c9d3a MT |
1559 | int idx; |
1560 | int tlvbufsize; | |
9012b28a | 1561 | int ret; |
876c9d3a | 1562 | |
e56188ac | 1563 | lbs_deb_enter(LBS_DEB_SCAN); |
876c9d3a | 1564 | |
fcdb53db | 1565 | /* Prune old entries from scan table */ |
aa21c004 | 1566 | list_for_each_entry_safe (iter_bss, safe, &priv->network_list, list) { |
fcdb53db DW |
1567 | unsigned long stale_time = iter_bss->last_scanned + DEFAULT_MAX_SCAN_AGE; |
1568 | if (time_before(jiffies, stale_time)) | |
1569 | continue; | |
aa21c004 | 1570 | list_move_tail (&iter_bss->list, &priv->network_free_list); |
fcdb53db DW |
1571 | clear_bss_descriptor(iter_bss); |
1572 | } | |
1573 | ||
876c9d3a MT |
1574 | pscan = &resp->params.scanresp; |
1575 | ||
fcdb53db DW |
1576 | if (pscan->nr_sets > MAX_NETWORK_COUNT) { |
1577 | lbs_deb_scan( | |
1578 | "SCAN_RESP: too many scan results (%d, max %d)!!\n", | |
1579 | pscan->nr_sets, MAX_NETWORK_COUNT); | |
9012b28a HS |
1580 | ret = -1; |
1581 | goto done; | |
876c9d3a MT |
1582 | } |
1583 | ||
e7240aca | 1584 | bytesleft = le16_to_cpu(pscan->bssdescriptsize); |
9012b28a | 1585 | lbs_deb_scan("SCAN_RESP: bssdescriptsize %d\n", bytesleft); |
876c9d3a | 1586 | |
e7240aca DW |
1587 | scanrespsize = le16_to_cpu(resp->size); |
1588 | lbs_deb_scan("SCAN_RESP: scan results %d\n", pscan->nr_sets); | |
876c9d3a | 1589 | |
876c9d3a MT |
1590 | pbssinfo = pscan->bssdesc_and_tlvbuffer; |
1591 | ||
1592 | /* The size of the TLV buffer is equal to the entire command response | |
1593 | * size (scanrespsize) minus the fixed fields (sizeof()'s), the | |
1594 | * BSS Descriptions (bssdescriptsize as bytesLef) and the command | |
1595 | * response header (S_DS_GEN) | |
1596 | */ | |
1597 | tlvbufsize = scanrespsize - (bytesleft + sizeof(pscan->bssdescriptsize) | |
1598 | + sizeof(pscan->nr_sets) | |
1599 | + S_DS_GEN); | |
1600 | ||
876c9d3a MT |
1601 | /* |
1602 | * Process each scan response returned (pscan->nr_sets). Save | |
1603 | * the information in the newbssentry and then insert into the | |
1604 | * driver scan table either as an update to an existing entry | |
1605 | * or as an addition at the end of the table | |
1606 | */ | |
1607 | for (idx = 0; idx < pscan->nr_sets && bytesleft; idx++) { | |
fcdb53db DW |
1608 | struct bss_descriptor new; |
1609 | struct bss_descriptor * found = NULL; | |
fcdb53db | 1610 | struct bss_descriptor * oldest = NULL; |
0795af57 | 1611 | DECLARE_MAC_BUF(mac); |
876c9d3a MT |
1612 | |
1613 | /* Process the data fields and IEs returned for this BSS */ | |
fcdb53db | 1614 | memset(&new, 0, sizeof (struct bss_descriptor)); |
10078321 | 1615 | if (lbs_process_bss(&new, &pbssinfo, &bytesleft) != 0) { |
fcdb53db DW |
1616 | /* error parsing the scan response, skipped */ |
1617 | lbs_deb_scan("SCAN_RESP: process_bss returned ERROR\n"); | |
1618 | continue; | |
1619 | } | |
876c9d3a | 1620 | |
fcdb53db | 1621 | /* Try to find this bss in the scan table */ |
aa21c004 | 1622 | list_for_each_entry (iter_bss, &priv->network_list, list) { |
fcdb53db DW |
1623 | if (is_same_network(iter_bss, &new)) { |
1624 | found = iter_bss; | |
1625 | break; | |
876c9d3a MT |
1626 | } |
1627 | ||
fcdb53db DW |
1628 | if ((oldest == NULL) || |
1629 | (iter_bss->last_scanned < oldest->last_scanned)) | |
1630 | oldest = iter_bss; | |
1631 | } | |
876c9d3a | 1632 | |
fcdb53db DW |
1633 | if (found) { |
1634 | /* found, clear it */ | |
1635 | clear_bss_descriptor(found); | |
aa21c004 | 1636 | } else if (!list_empty(&priv->network_free_list)) { |
fcdb53db | 1637 | /* Pull one from the free list */ |
aa21c004 | 1638 | found = list_entry(priv->network_free_list.next, |
fcdb53db | 1639 | struct bss_descriptor, list); |
aa21c004 | 1640 | list_move_tail(&found->list, &priv->network_list); |
fcdb53db DW |
1641 | } else if (oldest) { |
1642 | /* If there are no more slots, expire the oldest */ | |
1643 | found = oldest; | |
1644 | clear_bss_descriptor(found); | |
aa21c004 | 1645 | list_move_tail(&found->list, &priv->network_list); |
876c9d3a | 1646 | } else { |
fcdb53db DW |
1647 | continue; |
1648 | } | |
876c9d3a | 1649 | |
ffd074fc | 1650 | lbs_deb_scan("SCAN_RESP: BSSID %s\n", |
0795af57 | 1651 | print_mac(mac, new.bssid)); |
fcdb53db | 1652 | |
fcdb53db DW |
1653 | /* Copy the locally created newbssentry to the scan table */ |
1654 | memcpy(found, &new, offsetof(struct bss_descriptor, list)); | |
1655 | } | |
876c9d3a | 1656 | |
9012b28a | 1657 | ret = 0; |
876c9d3a | 1658 | |
9012b28a HS |
1659 | done: |
1660 | lbs_deb_leave_args(LBS_DEB_SCAN, "ret %d", ret); | |
1661 | return ret; | |
876c9d3a | 1662 | } |