projects / GitHub / LineageOS / android_kernel_motorola_exynos9610.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
[RAMEN9610-20880]wlbt: Driver changes for VTS Q Support for Auto Channel Selection
[GitHub/LineageOS/android_kernel_motorola_exynos9610.git] / drivers / net / wireless / scsc / rx.c
1 /*****************************************************************************
2 *
3 * Copyright (c) 2012 - 2019 Samsung Electronics Co., Ltd. All rights reserved
4 *
5 ****************************************************************************/
6 #include <linux/etherdevice.h>
7 #include <linux/time.h>
8
9 #include "debug.h"
10 #include "dev.h"
11 #include "mgt.h"
12 #include "mlme.h"
13 #include "src_sink.h"
14 #include "const.h"
15 #include "ba.h"
16 #include "mib.h"
17 #include "cac.h"
18 #include "nl80211_vendor.h"
19
20 #ifdef CONFIG_ANDROID
21 #include "scsc_wifilogger_rings.h"
22 #endif
23
24 #ifdef CONFIG_SCSC_LOG_COLLECTION
25 #include <scsc/scsc_log_collector.h>
26 #endif
27
28 #if (LINUX_VERSION_CODE < KERNEL_VERSION(3, 14, 0))
29 #include "porting_imx.h"
30 #endif
31 struct ieee80211_channel *slsi_find_scan_channel(struct slsi_dev *sdev, struct ieee80211_mgmt *mgmt, size_t mgmt_len, u16 freq)
32 {
33 int ielen = mgmt_len - (mgmt->u.beacon.variable - (u8 *)mgmt);
34 const u8 *scan_ds = cfg80211_find_ie(WLAN_EID_DS_PARAMS, mgmt->u.beacon.variable, ielen);
35 const u8 *scan_ht = cfg80211_find_ie(WLAN_EID_HT_OPERATION, mgmt->u.beacon.variable, ielen);
36 u8 chan = 0;
37
38 /* Use the DS or HT channel where possible as the Offchannel results mean the RX freq is not reliable */
39 if (scan_ds)
40 chan = scan_ds[2];
41 else if (scan_ht)
42 chan = scan_ht[2];
43
44 if (chan) {
45 enum nl80211_band band = NL80211_BAND_2GHZ;
46
47 if (chan > 14)
48 band = NL80211_BAND_5GHZ;
49 freq = (u16)ieee80211_channel_to_frequency(chan, band);
50 }
51 if (!freq)
52 return NULL;
53
54 return ieee80211_get_channel(sdev->wiphy, freq);
55 }
56
57 static struct ieee80211_mgmt *slsi_rx_scan_update_ssid(struct slsi_dev *sdev, struct net_device *dev,
58 struct ieee80211_mgmt *mgmt, size_t mgmt_len, size_t *new_len,
59 u16 freq)
60 {
61 struct netdev_vif *ndev_vif = netdev_priv(dev);
62 u8 *new_mgmt;
63 int offset;
64 const u8 *mgmt_pos;
65 const u8 *ssid;
66 int i;
67 int band;
68
69 if (!SLSI_IS_VIF_INDEX_WLAN(ndev_vif))
70 return NULL;
71
72 /* update beacon, not probe response as probe response will always have actual ssid.*/
73 if (!ieee80211_is_beacon(mgmt->frame_control))
74 return NULL;
75
76 ssid = cfg80211_find_ie(WLAN_EID_SSID, mgmt->u.beacon.variable,
77 mgmt_len - (mgmt->u.beacon.variable - (u8 *)mgmt));
78 if (!ssid) {
79 SLSI_WARN(sdev, "beacon with NO SSID IE\n");
80 return NULL;
81 }
82 /* update beacon only if hidden ssid. So, Skip if not hidden ssid*/
83 if ((ssid[1] > 0) && (ssid[2] != '\0'))
84 return NULL;
85
86 band = (freq / 1000) == 2 ? SLSI_FREQ_BAND_2GHZ : SLSI_FREQ_BAND_5GHZ;
87
88 /* check we have a known ssid for a bss */
89 for (i = 0; i < SLSI_SCAN_SSID_MAP_MAX; i++) {
90 if (SLSI_ETHER_EQUAL(sdev->ssid_map[i].bssid, mgmt->bssid) && (sdev->ssid_map[i].band == band)) {
91 new_mgmt = kmalloc(mgmt_len + 34, GFP_KERNEL);
92 if (!new_mgmt) {
93 SLSI_ERR_NODEV("malloc failed(len:%ld)\n", mgmt_len + 34);
94 return NULL;
95 }
96
97 /* copy frame till ssid element */
98 memcpy(new_mgmt, mgmt, ssid - (u8 *)mgmt);
99 offset = ssid - (u8 *)mgmt;
100 /* copy bss ssid into new frame */
101 new_mgmt[offset++] = WLAN_EID_SSID;
102 new_mgmt[offset++] = sdev->ssid_map[i].ssid_len;
103 memcpy(new_mgmt + offset, sdev->ssid_map[i].ssid, sdev->ssid_map[i].ssid_len);
104 offset += sdev->ssid_map[i].ssid_len;
105 /* copy rest of the frame following ssid */
106 mgmt_pos = ssid + ssid[1] + 2;
107 memcpy(new_mgmt + offset, mgmt_pos, mgmt_len - (mgmt_pos - (u8 *)mgmt));
108 offset += mgmt_len - (mgmt_pos - (u8 *)mgmt);
109 *new_len = offset;
110
111 return (struct ieee80211_mgmt *)new_mgmt;
112 }
113 }
114 return NULL;
115 }
116
117 void slsi_rx_scan_pass_to_cfg80211(struct slsi_dev *sdev, struct net_device *dev, struct sk_buff *skb)
118 {
119 struct ieee80211_mgmt *mgmt = fapi_get_mgmt(skb);
120 size_t mgmt_len = fapi_get_mgmtlen(skb);
121 s32 signal = fapi_get_s16(skb, u.mlme_scan_ind.rssi) * 100;
122 u16 freq = SLSI_FREQ_FW_TO_HOST(fapi_get_u16(skb, u.mlme_scan_ind.channel_frequency));
123 struct ieee80211_channel *channel = slsi_find_scan_channel(sdev, mgmt, mgmt_len, freq);
124 struct timespec uptime;
125
126 get_monotonic_boottime(&uptime);
127 SLSI_UNUSED_PARAMETER(dev);
128
129 /* update timestamp with device uptime in micro sec */
130 mgmt->u.beacon.timestamp = (uptime.tv_sec * 1000000) + (uptime.tv_nsec / 1000);
131
132 if (channel) {
133 struct cfg80211_bss *bss;
134 struct ieee80211_mgmt *mgmt_new;
135 size_t mgmt_new_len = 0;
136
137 mgmt_new = slsi_rx_scan_update_ssid(sdev, dev, mgmt, mgmt_len, &mgmt_new_len, freq);
138 if (mgmt_new)
139 bss = cfg80211_inform_bss_frame(sdev->wiphy, channel, mgmt_new, mgmt_new_len, signal, GFP_KERNEL);
140 else
141 bss = cfg80211_inform_bss_frame(sdev->wiphy, channel, mgmt, mgmt_len, signal, GFP_KERNEL);
142
143 slsi_cfg80211_put_bss(sdev->wiphy, bss);
144 kfree(mgmt_new);
145 } else {
146 SLSI_NET_DBG1(dev, SLSI_MLME, "No Channel info found for freq:%d\n", freq);
147 }
148
149 slsi_kfree_skb(skb);
150 }
151
152 static int slsi_add_to_scan_list(struct slsi_dev *sdev, struct netdev_vif *ndev_vif,
153 struct sk_buff *skb, const u8 *scan_ssid, u16 scan_id)
154 {
155 struct slsi_scan_result *head;
156 struct slsi_scan_result *scan_result, *current_result, *prev = NULL;
157 struct ieee80211_mgmt *mgmt = fapi_get_mgmt(skb);
158 bool found = 0, skb_stored = 0;
159 int current_rssi, current_band;
160
161 SLSI_MUTEX_LOCK(ndev_vif->scan_result_mutex);
162 head = ndev_vif->scan[scan_id].scan_results;
163 scan_result = head;
164 current_rssi = fapi_get_s16(skb, u.mlme_scan_ind.rssi);
165 current_band = (fapi_get_s16(skb,
166 u.mlme_scan_ind.channel_frequency) /
167 2000) == 2 ? SLSI_FREQ_BAND_2GHZ : SLSI_FREQ_BAND_5GHZ;
168
169 while (scan_result) {
170 if (SLSI_ETHER_EQUAL(scan_result->bssid, mgmt->bssid) && (scan_result->band == current_band)) {
171 /*entry exists for bssid*/
172 if (!scan_result->probe_resp && ieee80211_is_probe_resp(mgmt->frame_control)) {
173 scan_result->probe_resp = skb;
174 skb_stored = 1;
175 } else if (!scan_result->beacon && ieee80211_is_beacon(mgmt->frame_control)) {
176 scan_result->beacon = skb;
177 skb_stored = 1;
178 if (!scan_ssid || !scan_ssid[1] || scan_ssid[2] == '\0')
179 scan_result->hidden = 1;
180 }
181
182 /* Use the best RSSI value from all beacons/probe resp for a bssid. If no improvment
183 * in RSSI and beacon and probe response exist, ignore this result
184 */
185 if (current_rssi < scan_result->rssi) {
186 if (!skb_stored)
187 slsi_kfree_skb(skb);
188 SLSI_MUTEX_UNLOCK(ndev_vif->scan_result_mutex);
189 return 0;
190 }
191
192 scan_result->rssi = current_rssi;
193 if (!skb_stored) {
194 if (ieee80211_is_beacon(mgmt->frame_control)) {
195 slsi_kfree_skb(scan_result->beacon);
196 scan_result->beacon = skb;
197 } else {
198 slsi_kfree_skb(scan_result->probe_resp);
199 scan_result->probe_resp = skb;
200 }
201 }
202
203 /*No change in position if rssi is still less than prev node*/
204 if (!prev || (prev->rssi > current_rssi)) {
205 SLSI_MUTEX_UNLOCK(ndev_vif->scan_result_mutex);
206 return 0;
207 }
208
209 /*remove and re-insert*/
210 found = 1;
211 prev->next = scan_result->next;
212 scan_result->next = NULL;
213 current_result = scan_result;
214
215 break;
216 }
217
218 prev = scan_result;
219 scan_result = scan_result->next;
220 }
221
222 if (!found) {
223 /*add_new node*/
224 current_result = kzalloc(sizeof(*current_result), GFP_KERNEL);
225 if (!current_result) {
226 SLSI_ERR(sdev, "Failed to allocate node for scan result\n");
227 SLSI_MUTEX_UNLOCK(ndev_vif->scan_result_mutex);
228 return -1;
229 }
230 SLSI_ETHER_COPY(current_result->bssid, mgmt->bssid);
231
232 current_result->rssi = current_rssi;
233 current_result->band = current_band;
234 if (ieee80211_is_beacon(mgmt->frame_control)) {
235 current_result->beacon = skb;
236 if (!scan_ssid || !scan_ssid[1] || scan_ssid[2] == '\0')
237 current_result->hidden = 1;
238 } else {
239 current_result->probe_resp = skb;
240 }
241 current_result->next = NULL;
242
243 if (!head) { /*first node*/
244 ndev_vif->scan[scan_id].scan_results = current_result;
245 SLSI_MUTEX_UNLOCK(ndev_vif->scan_result_mutex);
246 return 0;
247 }
248 }
249
250 scan_result = head;
251 prev = NULL;
252 /* insert based on rssi in descending order*/
253 while (scan_result) {
254 if (current_result->rssi > scan_result->rssi) {
255 current_result->next = scan_result;
256 if (prev)
257 prev->next = current_result;
258 else
259 ndev_vif->scan[scan_id].scan_results = current_result;
260 break;
261 }
262 prev = scan_result;
263 scan_result = scan_result->next;
264 }
265 if (!scan_result) {
266 /*insert at the end*/
267 prev->next = current_result;
268 current_result->next = NULL;
269 }
270
271 SLSI_MUTEX_UNLOCK(ndev_vif->scan_result_mutex);
272 return 0;
273 }
274
275 static int slsi_add_to_p2p_scan_list(struct slsi_dev *sdev, struct netdev_vif *ndev_vif,
276 struct sk_buff *skb, u16 scan_id)
277 {
278 struct slsi_scan_result *current_result;
279 struct ieee80211_mgmt *mgmt = fapi_get_mgmt(skb);
280 struct slsi_scan *scan;
281
282 /*add_new node*/
283 current_result = kzalloc(sizeof(*current_result), GFP_KERNEL);
284 if (!current_result) {
285 SLSI_ERR(sdev, "Failed to allocate node for scan result\n");
286 return -1;
287 }
288 SLSI_ETHER_COPY(current_result->bssid, mgmt->bssid);
289
290 SLSI_MUTEX_LOCK(ndev_vif->scan_result_mutex);
291 scan = &ndev_vif->scan[scan_id];
292 if (ieee80211_is_beacon(mgmt->frame_control))
293 current_result->beacon = skb;
294 else
295 current_result->probe_resp = skb;
296
297 if (!scan->scan_results) {
298 scan->scan_results = current_result;
299 current_result->next = NULL;
300 } else {
301 current_result->next = scan->scan_results;
302 scan->scan_results = current_result;
303 }
304 SLSI_MUTEX_UNLOCK(ndev_vif->scan_result_mutex);
305
306 return 0;
307 }
308
309 void slsi_rx_scan_ind(struct slsi_dev *sdev, struct net_device *dev, struct sk_buff *skb)
310 {
311 u16 scan_id = fapi_get_u16(skb, u.mlme_scan_ind.scan_id);
312 struct netdev_vif *ndev_vif = netdev_priv(dev);
313 struct ieee80211_mgmt *mgmt = fapi_get_mgmt(skb);
314 size_t mgmt_len = fapi_get_mgmtlen(skb);
315 size_t ie_len = mgmt_len - offsetof(struct ieee80211_mgmt, u.probe_resp.variable);
316 const u8 *scan_ssid = NULL;
317
318 #ifdef CONFIG_SCSC_WLAN_GSCAN_ENABLE
319 if (slsi_is_gscan_id(scan_id)) {
320 SLSI_NET_DBG3(dev, SLSI_GSCAN, "scan_id:%#x bssid:%pM\n", scan_id, fapi_get_mgmt(skb)->bssid);
321 SLSI_MUTEX_LOCK(ndev_vif->scan_mutex);
322 slsi_gscan_handle_scan_result(sdev, dev, skb, scan_id, false);
323 SLSI_MUTEX_UNLOCK(ndev_vif->scan_mutex);
324 return;
325 }
326 #endif
327
328 scan_ssid = cfg80211_find_ie(WLAN_EID_SSID, mgmt->u.probe_resp.variable, ie_len);
329
330 if (sdev->p2p_certif && (ndev_vif->iftype == NL80211_IFTYPE_P2P_CLIENT) && (scan_id == (ndev_vif->ifnum << 8 | SLSI_SCAN_HW_ID))) {
331 /* When supplicant receives a peer GO probe response with selected registrar set and group capability as 0,
332 * which is invalid, it is unable to store persistent network block. Hence such probe response is getting ignored here.
333 * This is mainly for an inter-op with Realtek P2P GO in P2P certification
334 */
335 if (scan_ssid && scan_ssid[1] > 7) {
336 const u8 *p2p_ie = NULL;
337
338 p2p_ie = cfg80211_find_vendor_ie(WLAN_OUI_WFA, WLAN_OUI_TYPE_WFA_P2P, mgmt->u.probe_resp.variable, ie_len);
339 #define P2P_GROUP_CAPAB_PERSISTENT_GROUP BIT(1)
340 if (p2p_ie && !(p2p_ie[10] & P2P_GROUP_CAPAB_PERSISTENT_GROUP)) {
341 SLSI_NET_INFO(dev, "Ignoring a peer GO probe response with group_capab as 0\n");
342 slsi_kfree_skb(skb);
343 return;
344 }
345 }
346 }
347
348 scan_id = (scan_id & 0xFF);
349
350 if (WARN_ON(scan_id >= SLSI_SCAN_MAX)) {
351 slsi_kfree_skb(skb);
352 return;
353 }
354
355 /* Blocking scans already taken scan mutex.
356 * So scan mutex only incase of non blocking scans.
357 */
358 if (!ndev_vif->scan[scan_id].is_blocking_scan)
359 SLSI_MUTEX_LOCK(ndev_vif->scan_mutex);
360
361 if (fapi_get_vif(skb) != 0 && fapi_get_u16(skb, u.mlme_scan_ind.scan_id) == 0) {
362 /* Connect/Roaming scan data : Save for processing later */
363 SLSI_NET_DBG1(dev, SLSI_MLME, "Connect/Roaming scan indication received, bssid:%pM\n", fapi_get_mgmt(skb)->bssid);
364 slsi_kfree_skb(ndev_vif->sta.mlme_scan_ind_skb);
365 ndev_vif->sta.mlme_scan_ind_skb = skb;
366 } else if (ndev_vif->scan[scan_id].scan_req || ndev_vif->scan[scan_id].sched_req ||
367 ndev_vif->scan[scan_id].acs_request ||
368 ndev_vif->scan[SLSI_SCAN_HW_ID].is_blocking_scan) {
369 slsi_roam_channel_cache_add(sdev, dev, skb);
370 if (SLSI_IS_VIF_INDEX_WLAN(ndev_vif))
371 slsi_add_to_scan_list(sdev, ndev_vif, skb, scan_ssid, scan_id);
372 else
373 slsi_add_to_p2p_scan_list(sdev, ndev_vif, skb, scan_id);
374 }
375
376 if (!ndev_vif->scan[scan_id].is_blocking_scan)
377 SLSI_MUTEX_UNLOCK(ndev_vif->scan_mutex);
378 }
379
380 #ifdef CONFIG_SLSI_WLAN_STA_FWD_BEACON
381 void slsi_rx_beacon_reporting_event_ind(struct slsi_dev *sdev, struct net_device *dev, struct sk_buff *skb)
382 {
383 struct netdev_vif *ndev_vif = netdev_priv(dev);
384 u16 reason_code = fapi_get_u16(skb, u.mlme_beacon_reporting_event_ind.abort_reason) -
385 SLSI_FORWARD_BEACON_ABORT_REASON_OFFSET;
386 int ret = 0;
387
388 if (!ndev_vif->is_wips_running) {
389 SLSI_ERR(sdev, "WIPS is not running. Ignore beacon_reporting_event_ind(%u)\n", reason_code);
390 return;
391 }
392
393 ndev_vif->is_wips_running = false;
394
395 if (reason_code >= SLSI_FORWARD_BEACON_ABORT_REASON_UNSPECIFIED &&
396 reason_code <= SLSI_FORWARD_BEACON_ABORT_REASON_SUSPENDED) {
397 SLSI_INFO(sdev, "received abort_event from FW with reason(%u)\n", reason_code);
398 } else {
399 SLSI_ERR(sdev, "received abort_event unsupporting reason(%u)\n", reason_code);
400 }
401
402 ret = slsi_send_forward_beacon_abort_vendor_event(sdev, reason_code);
403 if (ret)
404 SLSI_ERR(sdev, "Failed to send forward_beacon_abort_event(err=%d)\n", ret);
405 }
406
407 void slsi_handle_wips_beacon(struct slsi_dev *sdev, struct net_device *dev, struct sk_buff *skb,
408 struct ieee80211_mgmt *mgmt, int mgmt_len)
409 {
410 struct netdev_vif *ndev_vif = netdev_priv(dev);
411 size_t ie_len = mgmt_len - offsetof(struct ieee80211_mgmt, u.beacon.variable);
412 const u8 *ssid_ie = NULL;
413 const u8 *scan_ssid = NULL;
414 const u8 *scan_bssid = NULL;
415 u16 beacon_int = 0;
416 u64 timestamp = 0;
417 int ssid_len = 0;
418 struct timespec sys_time;
419 int ret = 0;
420
421 u8 channel = (u8)(ndev_vif->chan->hw_value);
422
423 get_monotonic_boottime(&sys_time);
424 scan_bssid = fapi_get_mgmt(skb)->bssid;
425
426 ssid_ie = cfg80211_find_ie(WLAN_EID_SSID, mgmt->u.beacon.variable, ie_len);
427 ssid_len = ssid_ie[1];
428 scan_ssid = &ssid_ie[2];
429 beacon_int = mgmt->u.beacon.beacon_int;
430 timestamp = mgmt->u.beacon.timestamp;
431
432 SLSI_NET_DBG2(dev, SLSI_RX,
433 "forward_beacon from bssid:%pM beacon_int:%u timestamp:%llu system_time:%llu\n",
434 fapi_get_mgmt(skb)->bssid, beacon_int, timestamp,
435 (u64)TIMESPEC_TO_US(sys_time));
436
437 ret = slsi_send_forward_beacon_vendor_event(sdev, scan_ssid, ssid_len, scan_bssid,
438 channel, beacon_int, timestamp,
439 (u64)TIMESPEC_TO_US(sys_time));
440 if (ret)
441 SLSI_ERR(sdev, "Failed to forward beacon_event\n");
442 }
443 #endif
444
445 static void slsi_scan_update_ssid_map(struct slsi_dev *sdev, struct net_device *dev, u16 scan_id)
446 {
447 struct netdev_vif *ndev_vif = netdev_priv(dev);
448 struct ieee80211_mgmt *mgmt;
449 const u8 *ssid_ie = NULL, *connected_ssid = NULL;
450 int i, found = 0, is_connected = 0;
451 struct slsi_scan_result *scan_result = NULL;
452 int band;
453
454 WARN_ON(!SLSI_MUTEX_IS_LOCKED(ndev_vif->vif_mutex));
455 WARN_ON(!SLSI_MUTEX_IS_LOCKED(ndev_vif->scan_result_mutex));
456
457 if (ndev_vif->activated && ndev_vif->vif_type == FAPI_VIFTYPE_STATION && ndev_vif->sta.sta_bss) {
458 band = (ndev_vif->sta.sta_bss->channel->center_freq /
459 1000) == 2 ? SLSI_FREQ_BAND_2GHZ : SLSI_FREQ_BAND_5GHZ;
460 is_connected = 1;
461 connected_ssid = cfg80211_find_ie(WLAN_EID_SSID, ndev_vif->sta.sta_bss->ies->data, ndev_vif->sta.sta_bss->ies->len);
462 }
463
464 /* sanitize map: [remove any old entries] */
465 for (i = 0; i < SLSI_SCAN_SSID_MAP_MAX; i++) {
466 found = 0;
467 if (!sdev->ssid_map[i].ssid_len)
468 continue;
469
470 /* We are connected to this hidden AP. So no need to check if this AP is present in scan results */
471 if (is_connected && SLSI_ETHER_EQUAL(ndev_vif->sta.sta_bss->bssid, sdev->ssid_map[i].bssid) &&
472 (sdev->ssid_map[i].band == band))
473 continue;
474
475 /* If this entry AP is found to be non-hidden, remove entry. */
476 scan_result = ndev_vif->scan[scan_id].scan_results;
477 while (scan_result) {
478 if (SLSI_ETHER_EQUAL(sdev->ssid_map[i].bssid, scan_result->bssid) &&
479 (sdev->ssid_map[i].band == scan_result->band)) {
480 /* AP is no more hidden. OR AP is hidden but did not
481 * receive probe resp. Go for expiry.
482 */
483 if (!scan_result->hidden || (scan_result->hidden && !scan_result->probe_resp))
484 sdev->ssid_map[i].age = SLSI_SCAN_SSID_MAP_EXPIRY_AGE;
485 else
486 found = 1;
487 break;
488 }
489 scan_result = scan_result->next;
490 }
491
492 if (!found) {
493 sdev->ssid_map[i].age++;
494 if (sdev->ssid_map[i].age > SLSI_SCAN_SSID_MAP_EXPIRY_AGE) {
495 sdev->ssid_map[i].ssid_len = 0;
496 sdev->ssid_map[i].age = 0;
497 }
498 }
499 }
500
501 scan_result = ndev_vif->scan[scan_id].scan_results;
502 /* update/add hidden bss with known ssid */
503 while (scan_result) {
504 ssid_ie = NULL;
505
506 if (scan_result->hidden) {
507 if (is_connected && SLSI_ETHER_EQUAL(ndev_vif->sta.sta_bss->bssid, scan_result->bssid) &&
508 (scan_result->band == band)) {
509 ssid_ie = connected_ssid;
510 } else if (scan_result->probe_resp) {
511 mgmt = fapi_get_mgmt(scan_result->probe_resp);
512 ssid_ie = cfg80211_find_ie(WLAN_EID_SSID, mgmt->u.beacon.variable, fapi_get_mgmtlen(scan_result->probe_resp) - (mgmt->u.beacon.variable - (u8 *)mgmt));
513 }
514 }
515
516 if (!ssid_ie) {
517 scan_result = scan_result->next;
518 continue;
519 }
520
521 found = 0;
522 /* if this bss is in map, update map */
523 for (i = 0; i < SLSI_SCAN_SSID_MAP_MAX; i++) {
524 if (!sdev->ssid_map[i].ssid_len)
525 continue;
526 if (SLSI_ETHER_EQUAL(scan_result->bssid, sdev->ssid_map[i].bssid) &&
527 (scan_result->band == sdev->ssid_map[i].band)) {
528 sdev->ssid_map[i].ssid_len = ssid_ie[1];
529 memcpy(sdev->ssid_map[i].ssid, &ssid_ie[2], ssid_ie[1]);
530 found = 1;
531 break;
532 }
533 }
534 if (!found) {
535 /* add a new entry in map */
536 for (i = 0; i < SLSI_SCAN_SSID_MAP_MAX; i++) {
537 if (sdev->ssid_map[i].ssid_len)
538 continue;
539 SLSI_ETHER_COPY(sdev->ssid_map[i].bssid, scan_result->bssid);
540 sdev->ssid_map[i].age = 0;
541 sdev->ssid_map[i].ssid_len = ssid_ie[1];
542 sdev->ssid_map[i].band = scan_result->band;
543 memcpy(sdev->ssid_map[i].ssid, &ssid_ie[2], ssid_ie[1]);
544 break;
545 }
546 }
547 scan_result = scan_result->next;
548 }
549 }
550
551 void slsi_scan_complete(struct slsi_dev *sdev, struct net_device *dev, u16 scan_id, bool aborted)
552 {
553 struct netdev_vif *ndev_vif = netdev_priv(dev);
554 struct sk_buff *scan;
555 int count = 0;
556 int *result_count = NULL, max_count = 0;
557 struct cfg80211_scan_info info = {.aborted = aborted};
558 int scan_results_count = 0;
559 int more_than_max_count = 0;
560
561 if (WARN_ON(scan_id >= SLSI_SCAN_MAX))
562 return;
563
564 if (scan_id == SLSI_SCAN_HW_ID && !ndev_vif->scan[scan_id].scan_req)
565 return;
566
567 if (WARN_ON(scan_id == SLSI_SCAN_SCHED_ID && !ndev_vif->scan[scan_id].sched_req))
568 return;
569
570 SLSI_MUTEX_LOCK(ndev_vif->scan_result_mutex);
571 if (SLSI_IS_VIF_INDEX_WLAN(ndev_vif)) {
572 slsi_scan_update_ssid_map(sdev, dev, scan_id);
573 result_count = &count;
574 max_count = slsi_dev_get_scan_result_count();
575 }
576 scan = slsi_dequeue_cached_scan_result(&ndev_vif->scan[scan_id], result_count);
577 while (scan) {
578 scan_results_count++;
579 /* skb freed inside slsi_rx_scan_pass_to_cfg80211 */
580 slsi_rx_scan_pass_to_cfg80211(sdev, dev, scan);
581
582 if ((SLSI_IS_VIF_INDEX_WLAN(ndev_vif)) && (*result_count >= max_count)) {
583 more_than_max_count = 1;
584 slsi_purge_scan_results_locked(ndev_vif, scan_id);
585 break;
586 }
587 scan = slsi_dequeue_cached_scan_result(&ndev_vif->scan[scan_id], result_count);
588 }
589 SLSI_INFO(sdev, "Scan count:%d APs\n", scan_results_count);
590 SLSI_NET_DBG3(dev, SLSI_MLME, "interface:%d, scan_id:%d,%s\n", ndev_vif->ifnum, scan_id,
591 more_than_max_count ? "Scan results overflow" : "");
592 slsi_roam_channel_cache_prune(dev, SLSI_ROAMING_CHANNEL_CACHE_TIMEOUT);
593
594 if (scan_id == SLSI_SCAN_HW_ID) {
595 if (SLSI_IS_VIF_INDEX_P2P(ndev_vif) && (!SLSI_IS_P2P_GROUP_STATE(sdev))) {
596 /* Check for unsync vif as it could be present during the cycle of social channel scan and listen */
597 if (ndev_vif->activated)
598 SLSI_P2P_STATE_CHANGE(sdev, P2P_IDLE_VIF_ACTIVE);
599 else
600 SLSI_P2P_STATE_CHANGE(sdev, P2P_IDLE_NO_VIF);
601 }
602 #if (LINUX_VERSION_CODE >= KERNEL_VERSION(4, 9, 0))
603 cfg80211_scan_done(ndev_vif->scan[scan_id].scan_req, &info);
604 #else
605 cfg80211_scan_done(ndev_vif->scan[scan_id].scan_req, aborted);
606 #endif
607
608 ndev_vif->scan[scan_id].scan_req = NULL;
609 ndev_vif->scan[scan_id].requeue_timeout_work = false;
610 }
611
612 if (scan_id == SLSI_SCAN_SCHED_ID && scan_results_count > 0)
613 #if (LINUX_VERSION_CODE >= KERNEL_VERSION(4, 12, 0))
614 cfg80211_sched_scan_results(sdev->wiphy, ndev_vif->scan[scan_id].sched_req->reqid);
615 #else
616 cfg80211_sched_scan_results(sdev->wiphy);
617 #endif
618 SLSI_MUTEX_UNLOCK(ndev_vif->scan_result_mutex);
619 }
620
621 int slsi_set_2g_auto_channel(struct slsi_dev *sdev, struct netdev_vif *ndev_vif,
622 struct slsi_acs_selected_channels *acs_selected_channels,
623 struct slsi_acs_chan_info *ch_info)
624 {
625 int i = 0, j = 0, avg_load, total_num_ap, total_rssi, adjacent_rssi;
626 bool all_bss_load = true, none_bss_load = true;
627 int min_avg_chan_utilization = INT_MAX, min_adjacent_rssi = INT_MAX;
628 int ch_idx_min_load = 0, ch_idx_min_rssi = 0;
629 int min_avg_chan_utilization_20 = INT_MAX, min_adjacent_rssi_20 = INT_MAX;
630 int ch_idx_min_load_20 = 0, ch_idx_min_rssi_20 = 0;
631 int ret = 0;
632 /* BEGIN IKSAMP-8520 limit 2.4G ACS channels to 11 */
633 // int ch_list_len = MAX_24G_CHANNELS;
634 int ch_list_len = 11;
635 /* END IKSAMP-8520 */
636
637 acs_selected_channels->ch_width = ndev_vif->scan[SLSI_SCAN_HW_ID].acs_request->ch_width;
638 acs_selected_channels->hw_mode = ndev_vif->scan[SLSI_SCAN_HW_ID].acs_request->hw_mode;
639
640 SLSI_DBG3(sdev, SLSI_MLME, "ch_lis_len:%d\n", ch_list_len);
641 for (i = 0; i < ch_list_len; i++) {
642 if (!ch_info[i].chan)
643 continue;
644 adjacent_rssi = 0; /* Assuming ch_list is in sorted order. */
645 for (j = -2; j <= 2; j++)
646 if (i + j >= 0 && i + j < ch_list_len)
647 adjacent_rssi += ch_info[i + j].rssi_factor;
648 ch_info[i].adj_rssi_factor = adjacent_rssi;
649 if (ch_info[i].num_bss_load_ap != 0) {
650 ch_info[i].avg_chan_utilization = ch_info[i].total_chan_utilization /
651 ch_info[i].num_bss_load_ap;
652 if (ch_info[i].avg_chan_utilization < min_avg_chan_utilization_20) {
653 min_avg_chan_utilization_20 = ch_info[i].avg_chan_utilization;
654 ch_idx_min_load_20 = i;
655 } else if (ch_info[i].avg_chan_utilization == min_avg_chan_utilization_20 &&
656 ch_info[i].num_ap < ch_info[ch_idx_min_load_20].num_ap) {
657 ch_idx_min_load_20 = i;
658 }
659 none_bss_load = false;
660 } else {
661 SLSI_DBG3(sdev, SLSI_MLME, "BSS load IE not found\n");
662 all_bss_load = false;
663 }
664 if (adjacent_rssi < min_adjacent_rssi_20) {
665 min_adjacent_rssi_20 = adjacent_rssi;
666 ch_idx_min_rssi_20 = i;
667 } else if (adjacent_rssi == min_adjacent_rssi_20 &&
668 ch_info[i].num_ap < ch_info[ch_idx_min_rssi_20].num_ap) {
669 ch_idx_min_rssi_20 = i;
670 }
671 SLSI_DBG3(sdev, SLSI_MLME, "min rssi:%d min_rssi_idx:%d\n", min_adjacent_rssi_20, ch_idx_min_rssi_20);
672 SLSI_DBG3(sdev, SLSI_MLME, "num_ap:%d,chan:%d,total_util:%d,avg_util:%d,rssi_fac:%d,adj_rssi_fac:%d,"
673 "bss_ap:%d\n", ch_info[i].num_ap, ch_info[i].chan, ch_info[i].total_chan_utilization,
674 ch_info[i].avg_chan_utilization, ch_info[i].rssi_factor, ch_info[i].adj_rssi_factor,
675 ch_info[i].num_bss_load_ap);
676 }
677
678 if (acs_selected_channels->ch_width == 40) {
679 for (i = 0; i < ch_list_len; i++) {
680 if (i + 4 >= ch_list_len || !ch_info[i + 4].chan || !ch_info[i].chan)
681 continue;
682 avg_load = ch_info[i].avg_chan_utilization + ch_info[i + 4].avg_chan_utilization;
683 total_num_ap = ch_info[i].num_ap + ch_info[i + 4].num_ap;
684 total_rssi = ch_info[i].adj_rssi_factor + ch_info[i + 4].adj_rssi_factor;
685
686 if (avg_load < min_avg_chan_utilization) {
687 min_avg_chan_utilization = avg_load;
688 ch_idx_min_load = i;
689 } else if (avg_load == min_avg_chan_utilization &&
690 total_num_ap < ch_info[ch_idx_min_load].num_ap +
691 ch_info[ch_idx_min_load + 4].num_ap) {
692 ch_idx_min_load = i;
693 }
694 if (total_rssi < min_adjacent_rssi) {
695 min_adjacent_rssi = total_rssi;
696 ch_idx_min_rssi = i;
697 } else if (total_rssi == min_adjacent_rssi &&
698 total_num_ap < ch_info[ch_idx_min_rssi].num_ap +
699 ch_info[ch_idx_min_rssi + 4].num_ap) {
700 ch_idx_min_rssi = i;
701 }
702 }
703 if (all_bss_load) {
704 acs_selected_channels->pri_channel = ch_info[ch_idx_min_load].chan;
705 acs_selected_channels->sec_channel = ch_info[ch_idx_min_load].chan + 4;
706 } else {
707 acs_selected_channels->pri_channel = ch_info[ch_idx_min_rssi].chan;
708 acs_selected_channels->sec_channel = ch_info[ch_idx_min_rssi].chan + 4;
709 }
710
711 if (!acs_selected_channels->pri_channel)
712 acs_selected_channels->ch_width = 20;
713 }
714
715 if (acs_selected_channels->ch_width == 20) {
716 if (all_bss_load)
717 acs_selected_channels->pri_channel = ch_info[ch_idx_min_load_20].chan;
718 else
719 acs_selected_channels->pri_channel = ch_info[ch_idx_min_rssi_20].chan;
720 }
721 return ret;
722 }
723
724 int slsi_is_40mhz_5gchan(u8 pri_channel, u8 sec_channel)
725 {
726 int slsi_40mhz_chan[12] = {38, 46, 54, 62, 102, 110, 118, 126, 134, 142, 151, 159};
727 int i;
728
729 for (i = 0; i < 12; i++) {
730 if (pri_channel == slsi_40mhz_chan[i] - 2 && sec_channel == slsi_40mhz_chan[i] + 2)
731 return 1;
732 else if (pri_channel < slsi_40mhz_chan[i])
733 return 0;
734 }
735 return 0;
736 }
737
738 int slsi_is_80mhz_5gchan(u8 pri_channel, u8 last_channel)
739 {
740 int slsi_80mhz_chan[6] = {42, 58, 106, 122, 138, 155};
741 int i;
742
743 for (i = 0; i < 6; i++) {
744 if (pri_channel == slsi_80mhz_chan[i] - 6 && last_channel == slsi_80mhz_chan[i] + 6)
745 return 1;
746 else if (pri_channel < slsi_80mhz_chan[i])
747 return 0;
748 }
749 return 0;
750 }
751
752 int slsi_set_5g_auto_channel(struct slsi_dev *sdev, struct netdev_vif *ndev_vif,
753 struct slsi_acs_selected_channels *acs_selected_channels,
754 struct slsi_acs_chan_info *ch_info)
755 {
756 int i = 0, avg_load, total_num_ap;
757 bool all_bss_load = true, none_bss_load = true;
758 int min_num_ap = INT_MAX, min_avg_chan_utilization = INT_MAX;
759 int ch_idx_min_load = 0, ch_idx_min_ap = 0;
760 int min_avg_chan_utilization_20 = INT_MAX, min_num_ap_20 = INT_MAX;
761 int ch_idx_min_load_20 = 0, ch_idx_min_ap_20 = 0;
762 int ret = 0;
763 int ch_list_len = MAX_5G_CHANNELS;
764
765 acs_selected_channels->ch_width = ndev_vif->scan[SLSI_SCAN_HW_ID].acs_request->ch_width;
766 acs_selected_channels->hw_mode = ndev_vif->scan[SLSI_SCAN_HW_ID].acs_request->hw_mode;
767
768 SLSI_DBG3(sdev, SLSI_MLME, "ch_lis_len:%d\n", ch_list_len);
769 for (i = 0; i < ch_list_len; i++) {
770 if (!ch_info[i].chan)
771 continue;
772 if (ch_info[i].num_bss_load_ap != 0) {
773 ch_info[i].avg_chan_utilization = ch_info[i].total_chan_utilization /
774 ch_info[i].num_bss_load_ap;
775 if (ch_info[i].avg_chan_utilization < min_avg_chan_utilization_20) {
776 min_avg_chan_utilization_20 = ch_info[i].avg_chan_utilization;
777 ch_idx_min_load_20 = i;
778 } else if (ch_info[i].avg_chan_utilization == min_avg_chan_utilization_20 &&
779 ch_info[i].num_ap < ch_info[ch_idx_min_load_20].num_ap) {
780 ch_idx_min_load_20 = i;
781 }
782 none_bss_load = false;
783 } else {
784 if (ch_info[i].num_ap < min_num_ap_20) {
785 min_num_ap_20 = ch_info[i].num_ap;
786 ch_idx_min_ap_20 = i;
787 }
788 SLSI_DBG3(sdev, SLSI_MLME, "BSS load IE not found\n");
789 ch_info[i].avg_chan_utilization = 128;
790 all_bss_load = false;
791 }
792 SLSI_DBG3(sdev, SLSI_MLME, "num_ap:%d chan:%d, total_chan_util:%d, avg_chan_util:%d, bss_load_ap:%d\n",
793 ch_info[i].num_ap, ch_info[i].chan, ch_info[i].total_chan_utilization,
794 ch_info[i].avg_chan_utilization, ch_info[i].num_bss_load_ap);
795 }
796
797 if (acs_selected_channels->ch_width == 80) {
798 for (i = 0; i < ch_list_len; i++) {
799 if (i + 3 >= ch_list_len)
800 continue;
801 if (!ch_info[i].chan || !ch_info[i + 1].chan || !ch_info[i + 2].chan || !ch_info[i + 3].chan)
802 continue;
803 if (slsi_is_80mhz_5gchan(ch_info[i].chan, ch_info[i + 3].chan)) {
804 avg_load = ch_info[i].avg_chan_utilization + ch_info[i + 1].avg_chan_utilization +
805 ch_info[i + 2].avg_chan_utilization + ch_info[i + 3].avg_chan_utilization;
806 total_num_ap = ch_info[i].num_ap + ch_info[i + 1].num_ap + ch_info[i + 2].num_ap +
807 ch_info[i + 3].num_ap;
808 if (avg_load < min_avg_chan_utilization) {
809 min_avg_chan_utilization = avg_load;
810 ch_idx_min_load = i;
811 } else if (avg_load == min_avg_chan_utilization && total_num_ap <
812 (ch_info[ch_idx_min_load].num_ap + ch_info[ch_idx_min_load + 1].num_ap +
813 ch_info[ch_idx_min_load + 2].num_ap +
814 ch_info[ch_idx_min_load + 3].num_ap)) {
815 ch_idx_min_load = i;
816 }
817 if (total_num_ap < min_num_ap) {
818 min_num_ap = total_num_ap;
819 ch_idx_min_ap = i;
820 }
821 }
822 }
823 if (all_bss_load || min_avg_chan_utilization <= 512) {
824 acs_selected_channels->pri_channel = ch_info[ch_idx_min_load].chan;
825 acs_selected_channels->vht_seg0_center_ch = ch_info[ch_idx_min_load].chan + 6;
826 } else if (none_bss_load || min_avg_chan_utilization > 512) {
827 acs_selected_channels->pri_channel = ch_info[ch_idx_min_ap].chan;
828 acs_selected_channels->vht_seg0_center_ch = ch_info[ch_idx_min_ap].chan + 6;
829 }
830
831 if (!acs_selected_channels->pri_channel)
832 acs_selected_channels->ch_width = 40;
833 }
834
835 if (acs_selected_channels->ch_width == 40) {
836 for (i = 0; i < ch_list_len; i++) {
837 if (!ch_info[i].chan || i + 1 >= ch_list_len || !ch_info[i + 1].chan)
838 continue;
839 if (slsi_is_40mhz_5gchan(ch_info[i].chan, ch_info[i + 1].chan)) {
840 avg_load = ch_info[i].avg_chan_utilization + ch_info[i + 1].avg_chan_utilization;
841 total_num_ap = ch_info[i].num_ap + ch_info[i + 1].num_ap;
842 if (avg_load < min_avg_chan_utilization) {
843 min_avg_chan_utilization = avg_load;
844 ch_idx_min_load = i;
845 } else if (avg_load == min_avg_chan_utilization && total_num_ap <
846 ch_info[ch_idx_min_load].num_ap + ch_info[ch_idx_min_load + 1].num_ap) {
847 ch_idx_min_load = i;
848 }
849 if (total_num_ap < min_num_ap) {
850 min_num_ap = total_num_ap;
851 ch_idx_min_ap = i;
852 }
853 }
854 }
855 if (all_bss_load || min_avg_chan_utilization <= 256) {
856 acs_selected_channels->pri_channel = ch_info[ch_idx_min_load].chan;
857 acs_selected_channels->sec_channel = ch_info[ch_idx_min_load + 1].chan;
858 } else if (none_bss_load || min_avg_chan_utilization > 256) {
859 acs_selected_channels->pri_channel = ch_info[ch_idx_min_ap].chan;
860 acs_selected_channels->sec_channel = ch_info[ch_idx_min_ap + 1].chan;
861 }
862
863 if (!acs_selected_channels->pri_channel)
864 acs_selected_channels->ch_width = 20;
865 }
866
867 if (acs_selected_channels->ch_width == 20) {
868 if (all_bss_load || min_avg_chan_utilization_20 < 128)
869 acs_selected_channels->pri_channel = ch_info[ch_idx_min_load_20].chan;
870 else if (none_bss_load || min_avg_chan_utilization_20 >= 128)
871 acs_selected_channels->pri_channel = ch_info[ch_idx_min_ap_20].chan;
872 }
873 return ret;
874 }
875
876 int slsi_set_band_any_auto_channel(struct slsi_dev *sdev, struct netdev_vif *ndev_vif,
877 struct slsi_acs_selected_channels *acs_selected_channels,
878 struct slsi_acs_chan_info *ch_info)
879 {
880 struct slsi_acs_chan_info ch_info_2g[MAX_24G_CHANNELS];
881 struct slsi_acs_chan_info ch_info_5g[MAX_5G_CHANNELS];
882 struct slsi_acs_selected_channels acs_selected_channels_5g;
883 struct slsi_acs_selected_channels acs_selected_channels_2g;
884 int Best_channel_5g = -1;
885 int Best_channel_5g_num_ap = 0;
886 int Best_channel_2g = -1;
887 int Best_channel_2g_num_ap = 0;
888 int i, ret = 0;
889 int j = 0;
890
891 memset(&acs_selected_channels_5g, 0, sizeof(acs_selected_channels_5g));
892 memset(&acs_selected_channels_2g, 0, sizeof(acs_selected_channels_2g));
893 memset(&ch_info_5g, 0, sizeof(ch_info_5g));
894 memset(&ch_info_2g, 0, sizeof(ch_info_2g));
895
896 for(i = MAX_24G_CHANNELS; i < MAX_CHAN_VALUE_ACS; i++) {
897 ch_info_5g[j] = ch_info[i];
898 j++;
899 }
900 ret = slsi_set_5g_auto_channel(sdev, ndev_vif, &acs_selected_channels_5g, ch_info_5g);
901
902 if(ret == 0) {
903 Best_channel_5g = acs_selected_channels_5g.pri_channel;
904 for(i = 0; i < MAX_5G_CHANNELS; i++) {
905 if (ch_info_5g[i].chan == Best_channel_5g) {
906 Best_channel_5g_num_ap = ch_info_5g[i].num_ap;
907 break;
908 }
909 }
910 SLSI_DBG3(sdev, SLSI_MLME, "Best 5G channel = %d, num_ap = %d\n", Best_channel_5g,
911 Best_channel_5g_num_ap);
912
913 if (Best_channel_5g_num_ap < MAX_AP_THRESHOLD) {
914 *acs_selected_channels = acs_selected_channels_5g;
915 return ret;
916 }
917 }
918
919 SLSI_DBG3(sdev, SLSI_MLME, "5G AP threshold exceed, trying to select from 2G band\n");
920
921 for(i =0; i < MAX_24G_CHANNELS; i++) {
922 ch_info_2g[i] = ch_info[i];
923 }
924 ret = slsi_set_2g_auto_channel(sdev, ndev_vif, &acs_selected_channels_2g, ch_info_2g);
925
926 if(ret == 0) {
927 Best_channel_2g = acs_selected_channels_2g.pri_channel;
928 for(i =0; i < MAX_24G_CHANNELS; i++) {
929 if (ch_info_2g[i].chan == Best_channel_2g) {
930 Best_channel_2g_num_ap = ch_info_2g[i].num_ap;
931 break;
932 }
933 }
934 SLSI_DBG3(sdev, SLSI_MLME, "Best 2G channel = %d, num_ap = %d\n", Best_channel_2g,
935 Best_channel_2g_num_ap);
936 if (Best_channel_5g == -1) {
937 *acs_selected_channels = acs_selected_channels_2g;
938 return ret;
939 } else {
940 /* Based on min no of APs selecting channel from that band */
941 /* If no. of APs are equal, selecting the 5G channel */
942 if(Best_channel_5g_num_ap > Best_channel_2g_num_ap)
943 *acs_selected_channels = acs_selected_channels_2g;
944 else
945 *acs_selected_channels = acs_selected_channels_5g;
946 }
947 }
948 return ret;
949 }
950
951 int slsi_acs_get_rssi_factor(struct slsi_dev *sdev, int rssi, int ch_util)
952 {
953 int frac_pow_val[10] = {10, 12, 15, 19, 25, 31, 39, 50, 63, 79};
954 int res = 1;
955 int i;
956
957 if (rssi < 0)
958 rssi = 0 - rssi;
959 else
960 return INT_MAX;
961 for (i = 0; i < rssi / 10; i++)
962 res *= 10;
963 res = (10000000 * ch_util / res) / frac_pow_val[rssi % 10];
964
965 SLSI_DBG3(sdev, SLSI_MLME, "ch_util:%d\n", ch_util);
966 return res;
967 }
968
969 struct slsi_acs_chan_info *slsi_acs_scan_results(struct slsi_dev *sdev, struct netdev_vif *ndev_vif, u16 scan_id)
970 {
971 struct sk_buff *scan_res;
972 struct sk_buff *unique_scan;
973 struct sk_buff_head unique_scan_results;
974 struct slsi_acs_chan_info *ch_info = ndev_vif->scan[SLSI_SCAN_HW_ID].acs_request->acs_chan_info;
975
976 SLSI_DBG3(sdev, SLSI_MLME, "Received acs_results\n");
977 skb_queue_head_init(&unique_scan_results);
978 SLSI_MUTEX_LOCK(ndev_vif->scan_result_mutex);
979 scan_res = slsi_dequeue_cached_scan_result(&ndev_vif->scan[SLSI_SCAN_HW_ID], NULL);
980
981 while (scan_res) {
982 struct ieee80211_mgmt *mgmt = fapi_get_mgmt(scan_res);
983 size_t mgmt_len = fapi_get_mgmtlen(scan_res);
984 struct ieee80211_channel *scan_channel;
985 int idx = 0;
986 const u8 *ie_data;
987 const u8 *ie;
988 int ie_len;
989 int ch_util = 128;
990 /* ieee80211_mgmt structure is similar for Probe Response and Beacons */
991 size_t ies_len = mgmt_len - offsetof(struct ieee80211_mgmt, u.beacon.variable);
992 /* make sure this BSSID has not already been used */
993 skb_queue_walk(&unique_scan_results, unique_scan) {
994 struct ieee80211_mgmt *unique_mgmt = fapi_get_mgmt(unique_scan);
995
996 if (compare_ether_addr(mgmt->bssid, unique_mgmt->bssid) == 0)
997 goto next_scan;
998 }
999 slsi_skb_queue_head(&unique_scan_results, scan_res);
1000 scan_channel = slsi_find_scan_channel(sdev, mgmt, mgmt_len,
1001 fapi_get_u16(scan_res, u.mlme_scan_ind.channel_frequency) / 2);
1002 if (!scan_channel)
1003 goto next_scan;
1004 SLSI_DBG3(sdev, SLSI_MLME, "scan result (scan_id:%d, %pM, channel:%d, rssi:%d, ie_len = %zu)\n",
1005 fapi_get_u16(scan_res, u.mlme_scan_ind.scan_id),
1006 fapi_get_mgmt(scan_res)->bssid, scan_channel->hw_value,
1007 fapi_get_s16(scan_res, u.mlme_scan_ind.rssi),
1008 ies_len);
1009
1010 idx = slsi_find_chan_idx(scan_channel->hw_value, ndev_vif->scan[SLSI_SCAN_HW_ID].acs_request->hw_mode);
1011 SLSI_DBG3(sdev, SLSI_MLME, "chan_idx:%d chan_value: %d\n", idx, ch_info[idx].chan);
1012
1013 if ((idx < 0) || (idx == MAX_CHAN_VALUE_ACS)) {
1014 SLSI_DBG3(sdev, SLSI_MLME, "idx is not in range idx=%d\n", idx);
1015 goto next_scan;
1016 }
1017 if (ch_info[idx].chan) {
1018 ch_info[idx].num_ap += 1;
1019 ie = cfg80211_find_ie(WLAN_EID_QBSS_LOAD, mgmt->u.beacon.variable, ies_len);
1020 if (ie) {
1021 ie_len = ie[1];
1022 ie_data = &ie[2];
1023 if (ie_len >= 3) {
1024 ch_util = ie_data[2];
1025 ch_info[idx].num_bss_load_ap += 1;
1026 ch_info[idx].total_chan_utilization += ch_util;
1027 }
1028 }
1029 if (idx == scan_channel->hw_value - 1) { /*if 2.4GHZ channel */
1030 int res = 0;
1031
1032 res = slsi_acs_get_rssi_factor(sdev, fapi_get_s16(scan_res, u.mlme_scan_ind.rssi),
1033 ch_util);
1034 ch_info[idx].rssi_factor += res;
1035 SLSI_DBG3(sdev, SLSI_MLME, "ch_info[idx].rssi_factor:%d\n", ch_info[idx].rssi_factor);
1036 }
1037 } else {
1038 goto next_scan;
1039 }
1040 next_scan:
1041 scan_res = slsi_dequeue_cached_scan_result(&ndev_vif->scan[scan_id], NULL);
1042 }
1043 SLSI_MUTEX_UNLOCK(ndev_vif->scan_result_mutex);
1044 slsi_skb_queue_purge(&unique_scan_results);
1045 return ch_info;
1046 }
1047
1048 void slsi_acs_scan_complete(struct slsi_dev *sdev, struct netdev_vif *ndev_vif, u16 scan_id)
1049 {
1050 struct slsi_acs_selected_channels acs_selected_channels;
1051 struct slsi_acs_chan_info *ch_info;
1052 int r = 0;
1053
1054 memset(&acs_selected_channels, 0, sizeof(acs_selected_channels));
1055 ch_info = slsi_acs_scan_results(sdev, ndev_vif, scan_id);
1056 if (ndev_vif->scan[SLSI_SCAN_HW_ID].acs_request->hw_mode == SLSI_ACS_MODE_IEEE80211A)
1057 r = slsi_set_5g_auto_channel(sdev, ndev_vif, &acs_selected_channels, ch_info);
1058 else if (ndev_vif->scan[SLSI_SCAN_HW_ID].acs_request->hw_mode == SLSI_ACS_MODE_IEEE80211B ||
1059 ndev_vif->scan[SLSI_SCAN_HW_ID].acs_request->hw_mode == SLSI_ACS_MODE_IEEE80211G)
1060 r = slsi_set_2g_auto_channel(sdev, ndev_vif, &acs_selected_channels, ch_info);
1061 else if (ndev_vif->scan[SLSI_SCAN_HW_ID].acs_request->hw_mode == SLSI_ACS_MODE_IEEE80211ANY)
1062 r = slsi_set_band_any_auto_channel(sdev, ndev_vif, &acs_selected_channels, ch_info);
1063 else
1064 r = -EINVAL;
1065 if (!r) {
1066 r = slsi_send_acs_event(sdev, acs_selected_channels);
1067 if (r != 0)
1068 SLSI_ERR(sdev, "Could not send ACS vendor event up\n");
1069 } else {
1070 SLSI_ERR(sdev, "set_auto_channel failed: %d\n", r);
1071 }
1072 sdev->acs_channel_switched = true;
1073 kfree(ndev_vif->scan[SLSI_SCAN_HW_ID].acs_request);
1074 if (ndev_vif->scan[SLSI_SCAN_HW_ID].acs_request)
1075 ndev_vif->scan[SLSI_SCAN_HW_ID].acs_request = NULL;
1076 }
1077
1078 void slsi_rx_scan_done_ind(struct slsi_dev *sdev, struct net_device *dev, struct sk_buff *skb)
1079 {
1080 u16 scan_id = fapi_get_u16(skb, u.mlme_scan_done_ind.scan_id);
1081 struct netdev_vif *ndev_vif = netdev_priv(dev);
1082
1083 SLSI_MUTEX_LOCK(ndev_vif->vif_mutex);
1084 SLSI_MUTEX_LOCK(ndev_vif->scan_mutex);
1085 SLSI_NET_DBG3(dev, SLSI_GSCAN, "slsi_rx_scan_done_ind Received scan_id:%#x\n", scan_id);
1086
1087 #ifdef CONFIG_SCSC_WLAN_GSCAN_ENABLE
1088 if (slsi_is_gscan_id(scan_id)) {
1089 SLSI_NET_DBG3(dev, SLSI_GSCAN, "scan_id:%#x\n", scan_id);
1090
1091 slsi_gscan_handle_scan_result(sdev, dev, skb, scan_id, true);
1092
1093 SLSI_MUTEX_UNLOCK(ndev_vif->scan_mutex);
1094 SLSI_MUTEX_UNLOCK(ndev_vif->vif_mutex);
1095 return;
1096 }
1097 #endif
1098 scan_id = (scan_id & 0xFF);
1099
1100 if (scan_id == SLSI_SCAN_HW_ID && (ndev_vif->scan[SLSI_SCAN_HW_ID].scan_req ||
1101 ndev_vif->scan[SLSI_SCAN_HW_ID].acs_request))
1102 cancel_delayed_work(&ndev_vif->scan_timeout_work);
1103 if (ndev_vif->scan[SLSI_SCAN_HW_ID].acs_request)
1104 slsi_acs_scan_complete(sdev, ndev_vif, scan_id);
1105 else
1106 slsi_scan_complete(sdev, dev, scan_id, false);
1107
1108 SLSI_MUTEX_UNLOCK(ndev_vif->scan_mutex);
1109 SLSI_MUTEX_UNLOCK(ndev_vif->vif_mutex);
1110 slsi_kfree_skb(skb);
1111 }
1112
1113 void slsi_rx_channel_switched_ind(struct slsi_dev *sdev, struct net_device *dev, struct sk_buff *skb)
1114 {
1115 u16 freq = 0;
1116 int width;
1117 int primary_chan_pos;
1118 u16 temp_chan_info;
1119 struct cfg80211_chan_def chandef;
1120 u16 cf1 = 0;
1121 struct netdev_vif *ndev_vif = netdev_priv(dev);
1122
1123 temp_chan_info = fapi_get_u16(skb, u.mlme_channel_switched_ind.channel_information);
1124 cf1 = fapi_get_u16(skb, u.mlme_channel_switched_ind.channel_frequency);
1125 cf1 = cf1 / 2;
1126
1127 primary_chan_pos = (temp_chan_info >> 8);
1128 width = (temp_chan_info & 0x00FF);
1129
1130 /* If width is 80MHz/40MHz then do frequency calculation, else store as it is */
1131 if (width == 40)
1132 freq = cf1 + (primary_chan_pos * 20) - 10;
1133 else if (width == 80)
1134 freq = cf1 + (primary_chan_pos * 20) - 30;
1135 else
1136 freq = cf1;
1137
1138 if (width == 20)
1139 width = NL80211_CHAN_WIDTH_20;
1140 else if (width == 40)
1141 width = NL80211_CHAN_WIDTH_40;
1142 else if (width == 80)
1143 width = NL80211_CHAN_WIDTH_80;
1144 else if (width == 160)
1145 width = NL80211_CHAN_WIDTH_160;
1146
1147 chandef.chan = ieee80211_get_channel(sdev->wiphy, freq);
1148 chandef.width = width;
1149 chandef.center_freq1 = cf1;
1150 chandef.center_freq2 = 0;
1151
1152 ndev_vif->ap.channel_freq = freq; /* updated for GETSTAINFO */
1153 ndev_vif->chan = chandef.chan;
1154
1155 cfg80211_ch_switch_notify(dev, &chandef);
1156 slsi_kfree_skb(skb);
1157 }
1158
1159 void __slsi_rx_blockack_ind(struct slsi_dev *sdev, struct net_device *dev, struct sk_buff *skb)
1160 {
1161 struct netdev_vif *ndev_vif = netdev_priv(dev);
1162 struct slsi_peer *peer;
1163
1164 SLSI_NET_DBG1(dev, SLSI_MLME, "ma_blockack_ind(vif:%d, peer_qsta_address:%pM, parameter_set:%d, sequence_number:%d, reason_code:%d, direction:%d)\n",
1165 fapi_get_vif(skb),
1166 fapi_get_buff(skb, u.ma_blockack_ind.peer_qsta_address),
1167 fapi_get_u16(skb, u.ma_blockack_ind.blockack_parameter_set),
1168 fapi_get_u16(skb, u.ma_blockack_ind.sequence_number),
1169 fapi_get_u16(skb, u.ma_blockack_ind.reason_code),
1170 fapi_get_u16(skb, u.ma_blockack_ind.direction));
1171
1172 peer = slsi_get_peer_from_mac(sdev, dev, fapi_get_buff(skb, u.ma_blockack_ind.peer_qsta_address));
1173 WARN_ON(!peer);
1174
1175 if (peer) {
1176 /* Buffering of frames before the mlme_connected_ind */
1177 if ((ndev_vif->vif_type == FAPI_VIFTYPE_AP) && (peer->connected_state == SLSI_STA_CONN_STATE_CONNECTING)) {
1178 SLSI_DBG3(sdev, SLSI_MLME, "Buffering MA-BlockAck.Indication\n");
1179 slsi_skb_queue_tail(&peer->buffered_frames, skb);
1180 return;
1181 }
1182 slsi_handle_blockack(
1183 dev,
1184 peer,
1185 fapi_get_vif(skb),
1186 fapi_get_buff(skb, u.ma_blockack_ind.peer_qsta_address),
1187 fapi_get_u16(skb, u.ma_blockack_ind.blockack_parameter_set),
1188 fapi_get_u16(skb, u.ma_blockack_ind.sequence_number),
1189 fapi_get_u16(skb, u.ma_blockack_ind.reason_code),
1190 fapi_get_u16(skb, u.ma_blockack_ind.direction)
1191 );
1192 }
1193
1194 slsi_kfree_skb(skb);
1195 }
1196
1197 void slsi_rx_blockack_ind(struct slsi_dev *sdev, struct net_device *dev, struct sk_buff *skb)
1198 {
1199 struct netdev_vif *ndev_vif = netdev_priv(dev);
1200
1201 SLSI_MUTEX_LOCK(ndev_vif->vif_mutex);
1202 __slsi_rx_blockack_ind(sdev, dev, skb);
1203 SLSI_MUTEX_UNLOCK(ndev_vif->vif_mutex);
1204 }
1205
1206 static bool get_wmm_ie_from_resp_ie(struct slsi_dev *sdev, struct net_device *dev, u8 *resp_ie, size_t resp_ie_len, const u8 **wmm_elem, size_t *wmm_elem_len)
1207 {
1208 struct ieee80211_vendor_ie *ie;
1209
1210 SLSI_UNUSED_PARAMETER(sdev);
1211
1212 if (!resp_ie) {
1213 SLSI_NET_ERR(dev, "Received invalid pointer to the ie's of the association response\n");
1214 return false;
1215 }
1216
1217 *wmm_elem = resp_ie;
1218 while (*wmm_elem && (*wmm_elem - resp_ie < resp_ie_len)) {
1219 /* parse response ie elements and return the wmm ie */
1220 *wmm_elem = cfg80211_find_vendor_ie(WLAN_OUI_MICROSOFT, WLAN_OUI_TYPE_MICROSOFT_WMM, *wmm_elem,
1221 resp_ie_len - (*wmm_elem - resp_ie));
1222 /* re-assoc-res can contain wmm parameter IE and wmm TSPEC IE.
1223 * we want wmm parameter Element)
1224 */
1225 if (*wmm_elem && (*wmm_elem)[1] > 6 && (*wmm_elem)[6] == WMM_OUI_SUBTYPE_PARAMETER_ELEMENT)
1226 break;
1227 if (*wmm_elem)
1228 *wmm_elem += (*wmm_elem)[1];
1229 }
1230
1231 if (!(*wmm_elem)) {
1232 SLSI_NET_DBG2(dev, SLSI_MLME, "No WMM IE\n");
1233 return false;
1234 }
1235 ie = (struct ieee80211_vendor_ie *)*wmm_elem;
1236 *wmm_elem_len = ie->len + 2;
1237
1238 SLSI_NET_DBG3(dev, SLSI_MLME, "WMM IE received and parsed successfully\n");
1239 return true;
1240 }
1241
1242 static bool sta_wmm_update_uapsd(struct slsi_dev *sdev, struct net_device *dev, struct slsi_peer *peer, u8 *assoc_req_ie, size_t assoc_req_ie_len)
1243 {
1244 const u8 *wmm_information_ie;
1245
1246 if (!assoc_req_ie) {
1247 SLSI_NET_ERR(dev, "null reference to IE\n");
1248 return false;
1249 }
1250
1251 wmm_information_ie = cfg80211_find_vendor_ie(WLAN_OUI_MICROSOFT, WLAN_OUI_TYPE_MICROSOFT_WMM, assoc_req_ie, assoc_req_ie_len);
1252 if (!wmm_information_ie) {
1253 SLSI_NET_DBG1(dev, SLSI_MLME, "no WMM IE\n");
1254 return false;
1255 }
1256
1257 peer->uapsd = wmm_information_ie[8];
1258 SLSI_NET_DBG1(dev, SLSI_MLME, "peer->uapsd = 0x%x\n", peer->uapsd);
1259 return true;
1260 }
1261
1262 static bool sta_wmm_update_wmm_ac_ies(struct slsi_dev *sdev, struct net_device *dev, struct slsi_peer *peer,
1263 u8 *assoc_rsp_ie, size_t assoc_rsp_ie_len)
1264 {
1265 size_t left;
1266 const u8 *pos;
1267 const u8 *wmm_elem = NULL;
1268 size_t wmm_elem_len = 0;
1269 struct netdev_vif *ndev_vif = netdev_priv(dev);
1270 struct slsi_wmm_ac *wmm_ac = &ndev_vif->sta.wmm_ac[0];
1271
1272 if (!get_wmm_ie_from_resp_ie(sdev, dev, assoc_rsp_ie, assoc_rsp_ie_len, &wmm_elem, &wmm_elem_len)) {
1273 SLSI_NET_DBG1(dev, SLSI_MLME, "No WMM IE received\n");
1274 return false;
1275 }
1276
1277 if (wmm_elem_len < 10 || wmm_elem[7] /* version */ != 1) {
1278 SLSI_NET_WARN(dev, "Invalid WMM IE: wmm_elem_len=%lu, wmm_elem[7]=%d\n", (unsigned long int)wmm_elem_len, (int)wmm_elem[7]);
1279 return false;
1280 }
1281
1282 pos = wmm_elem + 10;
1283 left = wmm_elem_len - 10;
1284
1285 for (; left >= 4; left -= 4, pos += 4) {
1286 int aci = (pos[0] >> 5) & 0x03;
1287 int acm = (pos[0] >> 4) & 0x01;
1288
1289 memcpy(wmm_ac, pos, sizeof(struct slsi_wmm_ac));
1290
1291 switch (aci) {
1292 case 1: /* AC_BK */
1293 if (acm)
1294 peer->wmm_acm |= BIT(1) | BIT(2); /* BK/- */
1295 break;
1296 case 2: /* AC_VI */
1297 if (acm)
1298 peer->wmm_acm |= BIT(4) | BIT(5); /* CL/VI */
1299 break;
1300 case 3: /* AC_VO */
1301 if (acm)
1302 peer->wmm_acm |= BIT(6) | BIT(7); /* VO/NC */
1303 break;
1304 case 0: /* AC_BE */
1305 default:
1306 if (acm)
1307 peer->wmm_acm |= BIT(0) | BIT(3); /* BE/EE */
1308 break;
1309 }
1310 wmm_ac++;
1311 }
1312
1313 SLSI_NET_DBG3(dev, SLSI_MLME, "WMM ies have been updated successfully\n");
1314 return true;
1315 }
1316
1317 #ifdef CONFIG_SCSC_WLAN_KEY_MGMT_OFFLOAD
1318 enum slsi_wlan_vendor_attr_roam_auth {
1319 SLSI_WLAN_VENDOR_ATTR_ROAM_AUTH_INVALID = 0,
1320 SLSI_WLAN_VENDOR_ATTR_ROAM_AUTH_BSSID,
1321 SLSI_WLAN_VENDOR_ATTR_ROAM_AUTH_REQ_IE,
1322 SLSI_WLAN_VENDOR_ATTR_ROAM_AUTH_RESP_IE,
1323 SLSI_WLAN_VENDOR_ATTR_ROAM_AUTH_AUTHORIZED,
1324 SLSI_WLAN_VENDOR_ATTR_ROAM_AUTH_KEY_REPLAY_CTR,
1325 SLSI_WLAN_VENDOR_ATTR_ROAM_AUTH_PTK_KCK,
1326 SLSI_WLAN_VENDOR_ATTR_ROAM_AUTH_PTK_KEK,
1327 SLSI_WLAN_VENDOR_ATTR_ROAM_BEACON_IE,
1328 /* keep last */
1329 SLSI_WLAN_VENDOR_ATTR_ROAM_AUTH_AFTER_LAST,
1330 SLSI_WLAN_VENDOR_ATTR_ROAM_AUTH_MAX =
1331 SLSI_WLAN_VENDOR_ATTR_ROAM_AUTH_AFTER_LAST - 1
1332 };
1333
1334 int slsi_send_roam_vendor_event(struct slsi_dev *sdev, const u8 *bssid,
1335 const u8 *req_ie, u32 req_ie_len, const u8 *resp_ie, u32 resp_ie_len,
1336 const u8 *beacon_ie, u32 beacon_ie_len, bool authorized)
1337 {
1338 bool is_secured_bss;
1339 struct sk_buff *skb = NULL;
1340 u8 err = 0;
1341
1342 is_secured_bss = cfg80211_find_ie(WLAN_EID_RSN, req_ie, req_ie_len) ||
1343 cfg80211_find_vendor_ie(WLAN_OUI_MICROSOFT, WLAN_OUI_TYPE_MICROSOFT_WPA, req_ie, req_ie_len);
1344
1345 SLSI_DBG2(sdev, SLSI_MLME, "authorized:%d, is_secured_bss:%d\n", authorized, is_secured_bss);
1346
1347 #if (LINUX_VERSION_CODE >= KERNEL_VERSION(4, 1, 0))
1348 skb = cfg80211_vendor_event_alloc(sdev->wiphy, NULL, NLMSG_DEFAULT_SIZE,
1349 SLSI_NL80211_VENDOR_SUBCMD_KEY_MGMT_ROAM_AUTH, GFP_KERNEL);
1350 #else
1351 skb = cfg80211_vendor_event_alloc(sdev->wiphy, NLMSG_DEFAULT_SIZE,
1352 SLSI_NL80211_VENDOR_SUBCMD_KEY_MGMT_ROAM_AUTH, GFP_KERNEL);
1353 #endif
1354 if (!skb) {
1355 SLSI_ERR_NODEV("Failed to allocate skb for VENDOR Roam event\n");
1356 return -ENOMEM;
1357 }
1358
1359 err |= nla_put(skb, SLSI_WLAN_VENDOR_ATTR_ROAM_AUTH_BSSID, ETH_ALEN, bssid) ? BIT(1) : 0;
1360 err |= nla_put(skb, SLSI_WLAN_VENDOR_ATTR_ROAM_AUTH_AUTHORIZED, 1, &authorized) ? BIT(2) : 0;
1361 err |= (req_ie && nla_put(skb, SLSI_WLAN_VENDOR_ATTR_ROAM_AUTH_REQ_IE, req_ie_len, req_ie)) ? BIT(3) : 0;
1362 err |= (resp_ie && nla_put(skb, SLSI_WLAN_VENDOR_ATTR_ROAM_AUTH_RESP_IE, resp_ie_len, resp_ie)) ? BIT(4) : 0;
1363 err |= (beacon_ie && nla_put(skb, SLSI_WLAN_VENDOR_ATTR_ROAM_BEACON_IE, beacon_ie_len, beacon_ie)) ? BIT(5) : 0;
1364 if (err) {
1365 SLSI_ERR_NODEV("Failed nla_put ,req_ie_len=%d,resp_ie_len=%d,beacon_ie_len=%d,condition_failed=%d\n",
1366 req_ie_len, resp_ie_len, beacon_ie_len, err);
1367 slsi_kfree_skb(skb);
1368 return -EINVAL;
1369 }
1370 SLSI_DBG3_NODEV(SLSI_MLME, "Event: KEY_MGMT_ROAM_AUTH(%d)\n", SLSI_NL80211_VENDOR_SUBCMD_KEY_MGMT_ROAM_AUTH);
1371 cfg80211_vendor_event(skb, GFP_KERNEL);
1372 return 0;
1373 }
1374 #endif /* offload */
1375
1376 void slsi_rx_roamed_ind(struct slsi_dev *sdev, struct net_device *dev, struct sk_buff *skb)
1377 {
1378 struct netdev_vif *ndev_vif = netdev_priv(dev);
1379 struct ieee80211_mgmt *mgmt = fapi_get_mgmt(skb);
1380 struct slsi_peer *peer;
1381 u16 temporal_keys_required = fapi_get_u16(skb, u.mlme_roamed_ind.temporal_keys_required);
1382 #if (LINUX_VERSION_CODE >= KERNEL_VERSION(4, 1, 0))
1383 enum ieee80211_privacy bss_privacy;
1384 #endif
1385 #if (LINUX_VERSION_CODE >= KERNEL_VERSION(4, 12, 0))
1386 struct cfg80211_roam_info roam_info = {};
1387 #endif
1388
1389 SLSI_MUTEX_LOCK(ndev_vif->vif_mutex);
1390
1391 SLSI_NET_DBG1(dev, SLSI_MLME, "mlme_roamed_ind(vif:%d) Roaming to %pM\n",
1392 fapi_get_vif(skb),
1393 mgmt->bssid);
1394
1395 peer = slsi_get_peer_from_qs(sdev, dev, SLSI_STA_PEER_QUEUESET);
1396 if (WARN_ON(!peer))
1397 goto exit;
1398
1399 if (WARN_ON(!ndev_vif->sta.sta_bss))
1400 goto exit;
1401
1402 slsi_rx_ba_stop_all(dev, peer);
1403
1404 SLSI_ETHER_COPY(peer->address, mgmt->bssid);
1405
1406 if (ndev_vif->sta.mlme_scan_ind_skb) {
1407 /* saved skb [mlme_scan_ind] freed inside slsi_rx_scan_pass_to_cfg80211 */
1408 slsi_rx_scan_pass_to_cfg80211(sdev, dev, ndev_vif->sta.mlme_scan_ind_skb);
1409 ndev_vif->sta.mlme_scan_ind_skb = NULL;
1410 }
1411
1412 #if (LINUX_VERSION_CODE >= KERNEL_VERSION(4, 1, 0))
1413 if (ndev_vif->sta.sta_bss->capability & WLAN_CAPABILITY_PRIVACY)
1414 bss_privacy = IEEE80211_PRIVACY_ON;
1415 else
1416 bss_privacy = IEEE80211_PRIVACY_OFF;
1417 #endif
1418
1419 slsi_cfg80211_put_bss(sdev->wiphy, ndev_vif->sta.sta_bss);
1420
1421 #if (LINUX_VERSION_CODE >= KERNEL_VERSION(4, 1, 0))
1422 ndev_vif->sta.sta_bss = cfg80211_get_bss(sdev->wiphy, NULL, peer->address, NULL, 0,
1423 IEEE80211_BSS_TYPE_ANY, bss_privacy);
1424 #else
1425 ndev_vif->sta.sta_bss = cfg80211_get_bss(sdev->wiphy, NULL, peer->address, NULL, 0, 0, 0);
1426 #endif
1427
1428 if (!ndev_vif->sta.sta_bss || !ndev_vif->sta.roam_mlme_procedure_started_ind) {
1429 if (!ndev_vif->sta.sta_bss)
1430 SLSI_INFO(sdev, "BSS not updated in cfg80211\n");
1431 if (!ndev_vif->sta.roam_mlme_procedure_started_ind)
1432 SLSI_INFO(sdev, "procedure-started-ind not received before roamed-ind\n");
1433 netif_carrier_off(dev);
1434 slsi_mlme_disconnect(sdev, dev, peer->address, 0, true);
1435 slsi_handle_disconnect(sdev, dev, peer->address, 0, NULL, 0);
1436 } else {
1437 u8 *assoc_ie = NULL;
1438 int assoc_ie_len = 0;
1439 u8 *assoc_rsp_ie = NULL;
1440 int assoc_rsp_ie_len = 0;
1441
1442 slsi_peer_reset_stats(sdev, dev, peer);
1443 slsi_peer_update_assoc_req(sdev, dev, peer, ndev_vif->sta.roam_mlme_procedure_started_ind);
1444 slsi_peer_update_assoc_rsp(sdev, dev, peer, skb);
1445
1446 /* skb is consumed by slsi_peer_update_assoc_rsp. So do not access this anymore. */
1447 skb = NULL;
1448
1449 if (peer->assoc_ie) {
1450 assoc_ie = peer->assoc_ie->data;
1451 assoc_ie_len = peer->assoc_ie->len;
1452 }
1453
1454 if (peer->assoc_resp_ie) {
1455 assoc_rsp_ie = peer->assoc_resp_ie->data;
1456 assoc_rsp_ie_len = peer->assoc_resp_ie->len;
1457 }
1458
1459 /* this is the right place to initialize the bitmasks for
1460 * acm bit and tspec establishment
1461 */
1462 peer->wmm_acm = 0;
1463 peer->tspec_established = 0;
1464 peer->uapsd = 0;
1465
1466 /* update the uapsd bitmask according to the bit values
1467 * in wmm information element of association request
1468 */
1469 if (!sta_wmm_update_uapsd(sdev, dev, peer, assoc_ie, assoc_ie_len))
1470 SLSI_NET_DBG1(dev, SLSI_MLME, "Fail to update WMM uapsd\n");
1471
1472 /* update the acm bitmask according to the acm bit values that
1473 * are included in wmm ie element of association response
1474 */
1475 if (!sta_wmm_update_wmm_ac_ies(sdev, dev, peer, assoc_rsp_ie, assoc_rsp_ie_len))
1476 SLSI_NET_DBG1(dev, SLSI_MLME, "Fail to update WMM AC ies\n");
1477
1478 ndev_vif->sta.roam_mlme_procedure_started_ind = NULL;
1479
1480 if (temporal_keys_required) {
1481 peer->pairwise_key_set = 0;
1482 slsi_ps_port_control(sdev, dev, peer, SLSI_STA_CONN_STATE_DOING_KEY_CONFIG);
1483 }
1484
1485 WARN_ON(assoc_ie_len && !assoc_ie);
1486 WARN_ON(assoc_rsp_ie_len && !assoc_rsp_ie);
1487
1488 SLSI_NET_DBG3(dev, SLSI_MLME, "cfg80211_roamed()\n");
1489
1490 #if (LINUX_VERSION_CODE >= KERNEL_VERSION(4, 12, 0))
1491 /* cfg80211 does not require bss pointer in roam_info.
1492 * If bss pointer is given in roam_info, cfg80211 bss
1493 * data base goes bad and results in random panic.
1494 */
1495 roam_info.channel = ndev_vif->sta.sta_bss->channel;
1496 roam_info.bssid = peer->address;
1497 roam_info.req_ie = assoc_ie;
1498 roam_info.req_ie_len = assoc_ie_len;
1499 roam_info.resp_ie = assoc_rsp_ie;
1500 roam_info.resp_ie_len = assoc_rsp_ie_len;
1501 cfg80211_roamed(dev, &roam_info, GFP_KERNEL);
1502 #else
1503 cfg80211_roamed(dev,
1504 ndev_vif->sta.sta_bss->channel,
1505 peer->address,
1506 assoc_ie,
1507 assoc_ie_len,
1508 assoc_rsp_ie,
1509 assoc_rsp_ie_len,
1510 GFP_KERNEL);
1511 #endif
1512 #ifdef CONFIG_SCSC_WLAN_KEY_MGMT_OFFLOAD
1513 if (slsi_send_roam_vendor_event(sdev, peer->address, assoc_ie, assoc_ie_len,
1514 assoc_rsp_ie, assoc_rsp_ie_len,
1515 ndev_vif->sta.sta_bss->ies->data, ndev_vif->sta.sta_bss->ies->len,
1516 !temporal_keys_required) != 0) {
1517 SLSI_NET_ERR(dev, "Could not send Roam vendor event up");
1518 }
1519 #endif
1520 SLSI_NET_DBG3(dev, SLSI_MLME, "cfg80211_roamed() Done\n");
1521
1522 ndev_vif->sta.roam_in_progress = false;
1523 ndev_vif->chan = ndev_vif->sta.sta_bss->channel;
1524 #if !defined SLSI_TEST_DEV && defined CONFIG_ANDROID
1525 SLSI_NET_DBG1(dev, SLSI_MLME, "Taking a wakelock for DHCP to finish after roaming\n");
1526 wake_lock_timeout(&sdev->wlan_wl_roam, msecs_to_jiffies(10 * 1000));
1527 #ifdef CONFIG_SCSC_WIFILOGGER
1528 SCSC_WLOG_WAKELOCK(WLOG_NORMAL, WL_TAKEN, "wlan_wl_roam", WL_REASON_ROAM);
1529 #endif
1530 #endif
1531
1532 if (!temporal_keys_required) {
1533 slsi_mlme_roamed_resp(sdev, dev);
1534 cac_update_roam_traffic_params(sdev, dev);
1535 } else {
1536 ndev_vif->sta.resp_id = MLME_ROAMED_RES;
1537 }
1538 }
1539
1540 exit:
1541 SLSI_MUTEX_UNLOCK(ndev_vif->vif_mutex);
1542 slsi_kfree_skb(skb);
1543 }
1544
1545 void slsi_rx_roam_ind(struct slsi_dev *sdev, struct net_device *dev, struct sk_buff *skb)
1546 {
1547 struct netdev_vif *ndev_vif = netdev_priv(dev);
1548 enum ieee80211_statuscode status = WLAN_STATUS_SUCCESS;
1549
1550 SLSI_UNUSED_PARAMETER(sdev);
1551
1552 SLSI_NET_DBG1(dev, SLSI_MLME, "mlme_roam_ind(vif:%d, aid:0, result:0x%04x )\n",
1553 fapi_get_vif(skb),
1554 fapi_get_u16(skb, u.mlme_roam_ind.result_code));
1555
1556 SLSI_MUTEX_LOCK(ndev_vif->vif_mutex);
1557
1558 if (!ndev_vif->activated) {
1559 SLSI_NET_DBG1(dev, SLSI_MLME, "VIF not activated\n");
1560 goto exit_with_lock;
1561 }
1562
1563 if (WARN(ndev_vif->vif_type != FAPI_VIFTYPE_STATION, "Not a Station VIF\n"))
1564 goto exit_with_lock;
1565
1566 if (fapi_get_u16(skb, u.mlme_roam_ind.result_code) != FAPI_RESULTCODE_HOST_REQUEST_SUCCESS)
1567 status = WLAN_STATUS_UNSPECIFIED_FAILURE;
1568
1569 exit_with_lock:
1570 SLSI_MUTEX_UNLOCK(ndev_vif->vif_mutex);
1571 slsi_kfree_skb(skb);
1572 }
1573
1574 static void slsi_tdls_event_discovered(struct slsi_dev *sdev, struct net_device *dev, struct sk_buff *skb)
1575 {
1576 struct netdev_vif *ndev_vif = netdev_priv(dev);
1577 u16 tdls_event = fapi_get_u16(skb, u.mlme_tdls_peer_ind.tdls_event);
1578 u16 peer_index = fapi_get_u16(skb, u.mlme_tdls_peer_ind.peer_index);
1579 struct ieee80211_mgmt *mgmt = fapi_get_mgmt(skb);
1580 int len = fapi_get_mgmtlen(skb);
1581
1582 SLSI_MUTEX_LOCK(ndev_vif->vif_mutex);
1583
1584 SLSI_INFO(sdev, "\n");
1585
1586 if (len != 0) {
1587 #if (LINUX_VERSION_CODE >= KERNEL_VERSION(3, 10, 9))
1588 cfg80211_rx_mgmt(&ndev_vif->wdev, ndev_vif->chan->center_freq, 0, (const u8 *)mgmt, len, GFP_ATOMIC);
1589 #else
1590 cfg80211_rx_mgmt(dev, ndev_vif->chan->center_freq, 0, (const u8 *)mgmt, len, GFP_ATOMIC);
1591 #endif
1592 /* Handling MLME-TDLS-PEER.response */
1593 slsi_mlme_tdls_peer_resp(sdev, dev, peer_index, tdls_event);
1594 }
1595
1596 SLSI_MUTEX_UNLOCK(ndev_vif->vif_mutex);
1597
1598 slsi_kfree_skb(skb);
1599 }
1600
1601 static void slsi_tdls_event_connected(struct slsi_dev *sdev, struct net_device *dev, struct sk_buff *skb)
1602 {
1603 struct slsi_peer *peer = NULL;
1604 struct netdev_vif *ndev_vif = netdev_priv(dev);
1605 u16 peer_index = fapi_get_u16(skb, u.mlme_tdls_peer_ind.peer_index);
1606 u16 tdls_event = fapi_get_u16(skb, u.mlme_tdls_peer_ind.tdls_event);
1607
1608 SLSI_MUTEX_LOCK(ndev_vif->vif_mutex);
1609
1610 ndev_vif->sta.tdls_enabled = true;
1611
1612 SLSI_INFO(sdev, "(vif:%d, peer_index:%d mac[%pM])\n",
1613 fapi_get_vif(skb), peer_index, fapi_get_buff(skb, u.mlme_tdls_peer_ind.peer_sta_address));
1614
1615 if (!ndev_vif->activated) {
1616 SLSI_NET_DBG1(dev, SLSI_MLME, "VIF not activated\n");
1617 goto exit_with_lock;
1618 }
1619
1620 if (WARN(ndev_vif->vif_type != FAPI_VIFTYPE_STATION, "STA VIF"))
1621 goto exit_with_lock;
1622
1623 if (peer_index < SLSI_TDLS_PEER_INDEX_MIN || peer_index > SLSI_TDLS_PEER_INDEX_MAX) {
1624 SLSI_NET_ERR(dev, "Received incorrect peer_index: %d\n", peer_index);
1625 goto exit_with_lock;
1626 }
1627
1628 slsi_spinlock_lock(&ndev_vif->peer_lock);
1629 /* Check for MAX client */
1630 if ((ndev_vif->sta.tdls_peer_sta_records) + 1 > SLSI_TDLS_PEER_CONNECTIONS_MAX) {
1631 SLSI_NET_ERR(dev, "MAX TDLS peer limit reached. Ignore ind for peer_index:%d\n", peer_index);
1632 slsi_spinlock_unlock(&ndev_vif->peer_lock);
1633 goto exit_with_lock;
1634 }
1635
1636 peer = slsi_peer_add(sdev, dev, fapi_get_buff(skb, u.mlme_tdls_peer_ind.peer_sta_address), peer_index);
1637
1638 if (!peer) {
1639 SLSI_NET_ERR(dev, "Peer NOT Created\n");
1640 slsi_spinlock_unlock(&ndev_vif->peer_lock);
1641 goto exit_with_lock;
1642 }
1643
1644 /* QoS is mandatory for TDLS - enable QoS for TDLS peer by default */
1645 peer->qos_enabled = true;
1646
1647 slsi_ps_port_control(sdev, dev, peer, SLSI_STA_CONN_STATE_CONNECTED);
1648
1649 /* Move TDLS packets from STA_Q to TDLS_Q */
1650 slsi_tdls_move_packets(sdev, dev, ndev_vif->peer_sta_record[SLSI_STA_PEER_QUEUESET], peer, true);
1651 slsi_spinlock_unlock(&ndev_vif->peer_lock);
1652
1653 /* Handling MLME-TDLS-PEER.response */
1654 slsi_mlme_tdls_peer_resp(sdev, dev, peer_index, tdls_event);
1655
1656 exit_with_lock:
1657 SLSI_MUTEX_UNLOCK(ndev_vif->vif_mutex);
1658 slsi_kfree_skb(skb);
1659 }
1660
1661 static void slsi_tdls_event_disconnected(struct slsi_dev *sdev, struct net_device *dev, struct sk_buff *skb)
1662 {
1663 struct slsi_peer *peer = NULL;
1664 struct netdev_vif *ndev_vif = netdev_priv(dev);
1665 u16 pid = fapi_get_u16(skb, u.mlme_tdls_peer_ind.peer_index);
1666 u16 tdls_event = fapi_get_u16(skb, u.mlme_tdls_peer_ind.tdls_event);
1667
1668 SLSI_MUTEX_LOCK(ndev_vif->vif_mutex);
1669
1670 if (WARN_ON(!dev))
1671 goto exit;
1672
1673 SLSI_INFO(sdev, "(vif:%d, MAC:%pM)\n", ndev_vif->ifnum,
1674 fapi_get_buff(skb, u.mlme_tdls_peer_ind.peer_sta_address));
1675
1676 if (!ndev_vif->activated) {
1677 SLSI_NET_DBG1(dev, SLSI_MLME, "VIF not activated\n");
1678 goto exit;
1679 }
1680
1681 slsi_spinlock_lock(&ndev_vif->peer_lock);
1682 peer = slsi_get_peer_from_mac(sdev, dev, fapi_get_buff(skb, u.mlme_tdls_peer_ind.peer_sta_address));
1683
1684 if (!peer || (peer->aid == 0)) {
1685 WARN_ON(!peer || (peer->aid == 0));
1686 SLSI_NET_DBG1(dev, SLSI_MLME, "peer NOT found by MAC address\n");
1687 slsi_spinlock_unlock(&ndev_vif->peer_lock);
1688 goto exit;
1689 }
1690
1691 slsi_ps_port_control(sdev, dev, peer, SLSI_STA_CONN_STATE_DISCONNECTED);
1692
1693 /* Move TDLS packets from TDLS_Q to STA_Q */
1694 slsi_tdls_move_packets(sdev, dev, ndev_vif->peer_sta_record[SLSI_STA_PEER_QUEUESET], peer, false);
1695
1696 slsi_peer_remove(sdev, dev, peer);
1697 slsi_spinlock_unlock(&ndev_vif->peer_lock);
1698
1699 slsi_mlme_tdls_peer_resp(sdev, dev, pid, tdls_event);
1700 exit:
1701 SLSI_MUTEX_UNLOCK(ndev_vif->vif_mutex);
1702 slsi_kfree_skb(skb);
1703 }
1704
1705 /* Handling for MLME-TDLS-PEER.indication
1706 */
1707 void slsi_tdls_peer_ind(struct slsi_dev *sdev, struct net_device *dev, struct sk_buff *skb)
1708 {
1709 u16 tdls_event = fapi_get_u16(skb, u.mlme_tdls_peer_ind.tdls_event);
1710
1711 SLSI_NET_DBG1(dev, SLSI_MLME, "mlme_tdls_peer_ind tdls_event: %d\n", tdls_event);
1712
1713 switch (tdls_event) {
1714 case FAPI_TDLSEVENT_CONNECTED:
1715 slsi_tdls_event_connected(sdev, dev, skb);
1716 break;
1717 case FAPI_TDLSEVENT_DISCONNECTED:
1718 slsi_tdls_event_disconnected(sdev, dev, skb);
1719 break;
1720 case FAPI_TDLSEVENT_DISCOVERED:
1721 slsi_tdls_event_discovered(sdev, dev, skb);
1722 break;
1723 default:
1724 WARN_ON((tdls_event == 0) || (tdls_event > 4));
1725 slsi_kfree_skb(skb);
1726 break;
1727 }
1728 }
1729
1730 /* Retrieve any buffered frame before connected_ind and pass them up. */
1731 void slsi_rx_buffered_frames(struct slsi_dev *sdev, struct net_device *dev, struct slsi_peer *peer)
1732 {
1733 struct netdev_vif *ndev_vif = netdev_priv(dev);
1734 struct sk_buff *buff_frame = NULL;
1735
1736 WARN_ON(!SLSI_MUTEX_IS_LOCKED(ndev_vif->vif_mutex));
1737 if (WARN(!peer, "Peer is NULL"))
1738 return;
1739 WARN(peer->connected_state == SLSI_STA_CONN_STATE_CONNECTING, "Wrong state");
1740
1741 SLSI_NET_DBG2(dev, SLSI_MLME, "Processing buffered RX frames received before mlme_connected_ind for (vif:%d, aid:%d)\n",
1742 ndev_vif->ifnum, peer->aid);
1743 buff_frame = slsi_skb_dequeue(&peer->buffered_frames);
1744 while (buff_frame) {
1745 slsi_debug_frame(sdev, dev, buff_frame, "RX_BUFFERED");
1746 switch (fapi_get_sigid(buff_frame)) {
1747 case MA_BLOCKACK_IND:
1748 SLSI_NET_DBG2(dev, SLSI_MLME, "Transferring buffered MA_BLOCKACK_IND frame");
1749 __slsi_rx_blockack_ind(sdev, dev, buff_frame);
1750 break;
1751 default:
1752 SLSI_NET_WARN(dev, "Unexpected Data: 0x%.4x\n", fapi_get_sigid(buff_frame));
1753 slsi_kfree_skb(buff_frame);
1754 break;
1755 }
1756 buff_frame = slsi_skb_dequeue(&peer->buffered_frames);
1757 }
1758 }
1759
1760 #ifdef CONFIG_SCSC_WLAN_SAE_CONFIG
1761 void slsi_rx_synchronised_ind(struct slsi_dev *sdev, struct net_device *dev, struct sk_buff *skb)
1762 {
1763 struct netdev_vif *ndev_vif = netdev_priv(dev);
1764 const u8 *connecting_ssid = NULL;
1765 struct cfg80211_external_auth_params auth_request;
1766 int r;
1767
1768 SLSI_MUTEX_LOCK(ndev_vif->vif_mutex);
1769 SLSI_NET_DBG1(dev, SLSI_MLME, "Received slsi_rx_synchronised_ind\n");
1770 if (ndev_vif->sta.sta_bss->ies->len)
1771 connecting_ssid = cfg80211_find_ie(WLAN_EID_SSID, ndev_vif->sta.sta_bss->ies->data,
1772 ndev_vif->sta.sta_bss->ies->len);
1773
1774 auth_request.action = NL80211_EXTERNAL_AUTH_START;
1775 memcpy(auth_request.bssid, ndev_vif->sta.sta_bss->bssid, ETH_ALEN);
1776 if (connecting_ssid && (connecting_ssid[1] > 0)) {
1777 memcpy(auth_request.ssid.ssid, &connecting_ssid[2], connecting_ssid[1]);
1778 auth_request.ssid.ssid_len = connecting_ssid[1];
1779 }
1780 auth_request.key_mgmt_suite = ndev_vif->sta.crypto.akm_suites[0];
1781 r = cfg80211_external_auth_request(dev, &auth_request, GFP_KERNEL);
1782 if (r)
1783 SLSI_NET_DBG1(dev, SLSI_MLME, "cfg80211_external_auth_request failed");
1784 SLSI_MUTEX_UNLOCK(ndev_vif->vif_mutex);
1785 }
1786 #endif
1787
1788 void slsi_rx_connected_ind(struct slsi_dev *sdev, struct net_device *dev, struct sk_buff *skb)
1789 {
1790 struct netdev_vif *ndev_vif = netdev_priv(dev);
1791 struct slsi_peer *peer = NULL;
1792 u16 aid = fapi_get_u16(skb, u.mlme_connected_ind.association_identifier);
1793
1794 /* For AP mode, peer_index value is equivalent to aid(association_index) value */
1795
1796 SLSI_MUTEX_LOCK(ndev_vif->vif_mutex);
1797
1798 SLSI_NET_DBG1(dev, SLSI_MLME, "mlme_connected_ind(vif:%d, peer_index:%d)\n",
1799 fapi_get_vif(skb),
1800 aid);
1801 SLSI_INFO(sdev, "Received Association Response\n");
1802
1803 if (!ndev_vif->activated) {
1804 SLSI_NET_DBG1(dev, SLSI_MLME, "VIF not activated\n");
1805 goto exit_with_lock;
1806 }
1807
1808 if (WARN(ndev_vif->vif_type == FAPI_VIFTYPE_STATION, "STA VIF and Not Roaming"))
1809 goto exit_with_lock;
1810
1811 switch (ndev_vif->vif_type) {
1812 case FAPI_VIFTYPE_AP:
1813 {
1814 if (aid < SLSI_PEER_INDEX_MIN || aid > SLSI_PEER_INDEX_MAX) {
1815 SLSI_NET_ERR(dev, "Received incorrect peer_index: %d\n", aid);
1816 goto exit_with_lock;
1817 }
1818
1819 peer = slsi_get_peer_from_qs(sdev, dev, aid - 1);
1820 if (!peer) {
1821 SLSI_NET_ERR(dev, "Peer (aid:%d) Not Found - Disconnect peer\n", aid);
1822 goto exit_with_lock;
1823 }
1824
1825 cfg80211_new_sta(dev, peer->address, &peer->sinfo, GFP_KERNEL);
1826
1827 if (ndev_vif->ap.privacy) {
1828 peer->connected_state = SLSI_STA_CONN_STATE_DOING_KEY_CONFIG;
1829 slsi_ps_port_control(sdev, dev, peer, SLSI_STA_CONN_STATE_DOING_KEY_CONFIG);
1830 } else {
1831 peer->connected_state = SLSI_STA_CONN_STATE_CONNECTED;
1832 slsi_mlme_connected_resp(sdev, dev, aid);
1833 slsi_ps_port_control(sdev, dev, peer, SLSI_STA_CONN_STATE_CONNECTED);
1834 }
1835 slsi_rx_buffered_frames(sdev, dev, peer);
1836 break;
1837 }
1838
1839 default:
1840 SLSI_NET_WARN(dev, "mlme_connected_ind(vif:%d, unexpected vif type:%d)\n", fapi_get_vif(skb), ndev_vif->vif_type);
1841 break;
1842 }
1843 exit_with_lock:
1844 SLSI_MUTEX_UNLOCK(ndev_vif->vif_mutex);
1845 slsi_kfree_skb(skb);
1846 }
1847
1848 void slsi_rx_reassoc_ind(struct slsi_dev *sdev, struct net_device *dev, struct sk_buff *skb)
1849 {
1850 struct netdev_vif *ndev_vif = netdev_priv(dev);
1851 enum ieee80211_statuscode status = WLAN_STATUS_SUCCESS;
1852 struct slsi_peer *peer = NULL;
1853 u8 *assoc_ie = NULL;
1854 int assoc_ie_len = 0;
1855 u8 *reassoc_rsp_ie = NULL;
1856 int reassoc_rsp_ie_len = 0;
1857
1858 SLSI_NET_DBG1(dev, SLSI_MLME, "mlme_reassoc_ind(vif:%d, result:0x%04x)\n",
1859 fapi_get_vif(skb),
1860 fapi_get_u16(skb, u.mlme_reassociate_ind.result_code));
1861
1862 SLSI_MUTEX_LOCK(ndev_vif->vif_mutex);
1863
1864 if (!ndev_vif->activated) {
1865 SLSI_NET_DBG1(dev, SLSI_MLME, "VIF not activated\n");
1866 goto exit_with_lock;
1867 }
1868
1869 if (WARN(ndev_vif->vif_type != FAPI_VIFTYPE_STATION, "Not a Station VIF\n"))
1870 goto exit_with_lock;
1871
1872 peer = slsi_get_peer_from_qs(sdev, dev, 0);
1873 if (WARN_ON(!peer)) {
1874 SLSI_NET_ERR(dev, "PEER Not found\n");
1875 goto exit_with_lock;
1876 }
1877
1878 if (fapi_get_u16(skb, u.mlme_reassociate_ind.result_code) != FAPI_RESULTCODE_SUCCESS) {
1879 status = WLAN_STATUS_UNSPECIFIED_FAILURE;
1880 slsi_rx_ba_stop_all(dev, peer);
1881 } else {
1882 peer->pairwise_key_set = 0;
1883
1884 if (peer->assoc_ie) {
1885 assoc_ie = peer->assoc_ie->data;
1886 assoc_ie_len = peer->assoc_ie->len;
1887 WARN_ON(assoc_ie_len && !assoc_ie);
1888 }
1889
1890 slsi_peer_reset_stats(sdev, dev, peer);
1891
1892 peer->sinfo.assoc_req_ies = assoc_ie;
1893 peer->sinfo.assoc_req_ies_len = assoc_ie_len;
1894 #if (LINUX_VERSION_CODE < KERNEL_VERSION(4, 0, 0))
1895 peer->sinfo.filled |= STATION_INFO_ASSOC_REQ_IES;
1896 #endif
1897 slsi_peer_update_assoc_rsp(sdev, dev, peer, skb);
1898 /* skb is consumed by slsi_peer_update_assoc_rsp. So do not access this anymore. */
1899 skb = NULL;
1900 if (peer->assoc_resp_ie) {
1901 reassoc_rsp_ie = peer->assoc_resp_ie->data;
1902 reassoc_rsp_ie_len = peer->assoc_resp_ie->len;
1903 WARN_ON(reassoc_rsp_ie_len && !reassoc_rsp_ie);
1904 }
1905
1906 /* update the uapsd bitmask according to the bit values
1907 * in wmm information element of association request
1908 */
1909 if (!sta_wmm_update_uapsd(sdev, dev, peer, assoc_ie, assoc_ie_len))
1910 SLSI_NET_DBG1(dev, SLSI_MLME, "Fail to update WMM uapsd\n");
1911
1912 /* update the acm bitmask according to the acm bit values that
1913 * are included in wmm ie elements of re-association response
1914 */
1915 if (!sta_wmm_update_wmm_ac_ies(sdev, dev, peer, reassoc_rsp_ie, reassoc_rsp_ie_len))
1916 SLSI_NET_DBG1(dev, SLSI_MLME, "Fail to update WMM AC ies\n");
1917 }
1918
1919 /* cfg80211_connect_result will take a copy of any ASSOC or (RE)ASSOC RSP IEs passed to it */
1920 cfg80211_connect_result(dev,
1921 peer->address,
1922 assoc_ie, assoc_ie_len,
1923 reassoc_rsp_ie, reassoc_rsp_ie_len,
1924 status,
1925 GFP_KERNEL);
1926
1927 if (status == WLAN_STATUS_SUCCESS) {
1928 ndev_vif->sta.vif_status = SLSI_VIF_STATUS_CONNECTED;
1929
1930 /* For Open & WEP AP,send reassoc response.
1931 * For secured AP, all this would be done after handshake
1932 */
1933 if ((peer->capabilities & WLAN_CAPABILITY_PRIVACY) &&
1934 (cfg80211_find_ie(WLAN_EID_RSN, assoc_ie, assoc_ie_len) ||
1935 cfg80211_find_ie(SLSI_WLAN_EID_WAPI, assoc_ie, assoc_ie_len) ||
1936 cfg80211_find_vendor_ie(WLAN_OUI_MICROSOFT, WLAN_OUI_TYPE_MICROSOFT_WPA, assoc_ie, assoc_ie_len))) {
1937 /*secured AP*/
1938 ndev_vif->sta.resp_id = MLME_REASSOCIATE_RES;
1939 slsi_ps_port_control(sdev, dev, peer, SLSI_STA_CONN_STATE_DOING_KEY_CONFIG);
1940 peer->connected_state = SLSI_STA_CONN_STATE_DOING_KEY_CONFIG;
1941 } else {
1942 /*Open/WEP AP*/
1943 slsi_mlme_reassociate_resp(sdev, dev);
1944 slsi_ps_port_control(sdev, dev, peer, SLSI_STA_CONN_STATE_CONNECTED);
1945 peer->connected_state = SLSI_STA_CONN_STATE_CONNECTED;
1946 }
1947 } else {
1948 netif_carrier_off(dev);
1949 slsi_mlme_del_vif(sdev, dev);
1950 slsi_vif_deactivated(sdev, dev);
1951 }
1952
1953 exit_with_lock:
1954 SLSI_MUTEX_UNLOCK(ndev_vif->vif_mutex);
1955 slsi_kfree_skb(skb);
1956 }
1957
1958 void slsi_rx_connect_ind(struct slsi_dev *sdev, struct net_device *dev, struct sk_buff *skb)
1959 {
1960 struct netdev_vif *ndev_vif = netdev_priv(dev);
1961 enum ieee80211_statuscode status = WLAN_STATUS_SUCCESS;
1962 struct slsi_peer *peer = NULL;
1963 u8 *assoc_ie = NULL;
1964 int assoc_ie_len = 0;
1965 u8 *assoc_rsp_ie = NULL;
1966 int assoc_rsp_ie_len = 0;
1967 u8 bssid[ETH_ALEN];
1968 u16 fw_result_code;
1969
1970 SLSI_MUTEX_LOCK(ndev_vif->vif_mutex);
1971
1972 fw_result_code = fapi_get_u16(skb, u.mlme_connect_ind.result_code);
1973
1974 SLSI_NET_DBG1(dev, SLSI_MLME, "mlme_connect_ind(vif:%d, result:0x%04x)\n",
1975 fapi_get_vif(skb), fw_result_code);
1976
1977 if (!ndev_vif->activated) {
1978 SLSI_NET_DBG1(dev, SLSI_MLME, "VIF not activated\n");
1979 goto exit_with_lock;
1980 }
1981
1982 if (WARN(ndev_vif->vif_type != FAPI_VIFTYPE_STATION, "Not a Station VIF\n"))
1983 goto exit_with_lock;
1984
1985 if (ndev_vif->sta.vif_status != SLSI_VIF_STATUS_CONNECTING) {
1986 SLSI_NET_DBG1(dev, SLSI_MLME, "VIF not connecting\n");
1987 goto exit_with_lock;
1988 }
1989
1990 peer = slsi_get_peer_from_qs(sdev, dev, SLSI_STA_PEER_QUEUESET);
1991 if (peer) {
1992 SLSI_ETHER_COPY(bssid, peer->address);
1993 } else {
1994 SLSI_NET_ERR(dev, "!!NO peer record for AP\n");
1995 eth_zero_addr(bssid);
1996 }
1997 sdev->assoc_result_code = fw_result_code;
1998 if (fw_result_code != FAPI_RESULTCODE_SUCCESS) {
1999 if (fw_result_code == FAPI_RESULTCODE_AUTH_NO_ACK) {
2000 SLSI_INFO(sdev, "Connect failed,Result code:AUTH_NO_ACK\n");
2001 } else if (fw_result_code == FAPI_RESULTCODE_ASSOC_NO_ACK) {
2002 SLSI_INFO(sdev, "Connect failed,Result code:ASSOC_NO_ACK\n");
2003 } else if (fw_result_code >= 0x8100 && fw_result_code <= 0x81FF) {
2004 fw_result_code = fw_result_code & 0x00FF;
2005 SLSI_INFO(sdev, "Connect failed(Auth failure), Result code:0x%04x\n", fw_result_code);
2006 } else if (fw_result_code >= 0x8200 && fw_result_code <= 0x82FF) {
2007 fw_result_code = fw_result_code & 0x00FF;
2008 SLSI_INFO(sdev, "Connect failed(Assoc Failure), Result code:0x%04x\n", fw_result_code);
2009 if (fapi_get_datalen(skb)) {
2010 int mgmt_hdr_len;
2011 struct ieee80211_mgmt *mgmt = fapi_get_mgmt(skb);
2012
2013 if (ieee80211_is_assoc_resp(mgmt->frame_control)) {
2014 mgmt_hdr_len = (mgmt->u.assoc_resp.variable - (u8 *)mgmt);
2015 } else if (ieee80211_is_reassoc_resp(mgmt->frame_control)) {
2016 mgmt_hdr_len = (mgmt->u.reassoc_resp.variable - (u8 *)mgmt);
2017 } else {
2018 SLSI_NET_DBG1(dev, SLSI_MLME, "Assoc/Reassoc response not found!\n");
2019 goto exit_with_lock;
2020 }
2021
2022 assoc_rsp_ie = (char *)mgmt + mgmt_hdr_len;
2023 assoc_rsp_ie_len = fapi_get_datalen(skb) - mgmt_hdr_len;
2024 }
2025 } else {
2026 SLSI_INFO(sdev, "Connect failed,Result code:0x%04x\n", fw_result_code);
2027 }
2028 #ifdef CONFIG_SCSC_LOG_COLLECTION
2029 /* Trigger log collection if fw result code is not success */
2030 scsc_log_collector_schedule_collection(SCSC_LOG_HOST_WLAN, SCSC_LOG_HOST_WLAN_REASON_CONNECT_ERR);
2031 #endif
2032 status = fw_result_code;
2033 #ifdef CONFIG_SCSC_WLAN_SAE_CONFIG
2034 if (ndev_vif->sta.crypto.wpa_versions == 3) {
2035 const u8 *connecting_ssid = NULL;
2036 int r;
2037 struct cfg80211_external_auth_params auth_request;
2038
2039 if (ndev_vif->sta.sta_bss->ies->len)
2040 connecting_ssid = cfg80211_find_ie(WLAN_EID_SSID, ndev_vif->sta.sta_bss->ies->data,
2041 ndev_vif->sta.sta_bss->ies->len);
2042
2043 auth_request.action = NL80211_EXTERNAL_AUTH_ABORT;
2044 memcpy(auth_request.bssid, ndev_vif->sta.sta_bss->bssid, ETH_ALEN);
2045 if (connecting_ssid && (connecting_ssid[1] > 0)) {
2046 memcpy(auth_request.ssid.ssid, &connecting_ssid[2], connecting_ssid[1]);
2047 auth_request.ssid.ssid_len = connecting_ssid[1];
2048 }
2049 auth_request.key_mgmt_suite = ndev_vif->sta.crypto.akm_suites[0];
2050 r = cfg80211_external_auth_request(dev, &auth_request, GFP_KERNEL);
2051 if (r)
2052 SLSI_NET_DBG1(dev, SLSI_MLME, "cfg80211_external_auth_request Abort failed");
2053 }
2054 #endif
2055 } else {
2056 SLSI_INFO(sdev, "Received Association Response\n");
2057 if (!peer || !peer->assoc_ie) {
2058 if (peer)
2059 WARN(!peer->assoc_ie, "proc-started-ind not received before connect-ind");
2060 status = WLAN_STATUS_UNSPECIFIED_FAILURE;
2061 } else {
2062 if (peer->assoc_ie) {
2063 assoc_ie = peer->assoc_ie->data;
2064 assoc_ie_len = peer->assoc_ie->len;
2065 }
2066
2067 slsi_peer_update_assoc_rsp(sdev, dev, peer, skb);
2068 /* skb is consumed by slsi_peer_update_assoc_rsp. So do not access this anymore. */
2069 skb = NULL;
2070
2071 if (peer->assoc_resp_ie) {
2072 assoc_rsp_ie = peer->assoc_resp_ie->data;
2073 assoc_rsp_ie_len = peer->assoc_resp_ie->len;
2074 }
2075
2076 /* this is the right place to initialize the bitmasks for
2077 * acm bit and tspec establishment
2078 */
2079 peer->wmm_acm = 0;
2080 peer->tspec_established = 0;
2081 peer->uapsd = 0;
2082
2083 /* update the uapsd bitmask according to the bit values
2084 * in wmm information element of association request
2085 */
2086 if (!sta_wmm_update_uapsd(sdev, dev, peer, assoc_ie, assoc_ie_len))
2087 SLSI_NET_DBG1(dev, SLSI_MLME, "Fail to update WMM uapsd\n");
2088
2089 /* update the wmm ac bitmasks according to the bit values that
2090 * are included in wmm ie elements of association response
2091 */
2092 if (!sta_wmm_update_wmm_ac_ies(sdev, dev, peer, assoc_rsp_ie, assoc_rsp_ie_len))
2093 SLSI_NET_DBG1(dev, SLSI_MLME, "Fail to update WMM AC ies\n");
2094
2095 WARN_ON(!assoc_rsp_ie_len && !assoc_rsp_ie);
2096 }
2097
2098 WARN(!ndev_vif->sta.mlme_scan_ind_skb, "mlme_scan.ind not received before connect-ind");
2099
2100 if (ndev_vif->sta.mlme_scan_ind_skb) {
2101 SLSI_NET_DBG1(dev, SLSI_MLME, "Sending scan indication to cfg80211, bssid: %pM\n", fapi_get_mgmt(ndev_vif->sta.mlme_scan_ind_skb)->bssid);
2102
2103 /* saved skb [mlme_scan_ind] freed inside slsi_rx_scan_pass_to_cfg80211 */
2104 slsi_rx_scan_pass_to_cfg80211(sdev, dev, ndev_vif->sta.mlme_scan_ind_skb);
2105 ndev_vif->sta.mlme_scan_ind_skb = NULL;
2106 }
2107
2108 if (!ndev_vif->sta.sta_bss) {
2109 if (peer)
2110 #if (LINUX_VERSION_CODE >= KERNEL_VERSION(4, 1, 0))
2111 ndev_vif->sta.sta_bss = cfg80211_get_bss(sdev->wiphy, ndev_vif->chan, peer->address,
2112 NULL, 0, IEEE80211_BSS_TYPE_ANY,
2113 IEEE80211_PRIVACY_ANY);
2114 #else
2115 ndev_vif->sta.sta_bss = cfg80211_get_bss(sdev->wiphy, ndev_vif->chan, peer->address,
2116 NULL, 0, 0, 0);
2117 #endif
2118 if (!ndev_vif->sta.sta_bss) {
2119 SLSI_NET_ERR(dev, "sta_bss is not available, terminating the connection (peer: %p)\n", peer);
2120 status = WLAN_STATUS_UNSPECIFIED_FAILURE;
2121 }
2122 }
2123 }
2124
2125 #if (LINUX_VERSION_CODE >= KERNEL_VERSION(4, 14, 0))
2126 cfg80211_ref_bss(sdev->wiphy, ndev_vif->sta.sta_bss);
2127 cfg80211_connect_bss(dev, bssid, ndev_vif->sta.sta_bss, assoc_ie, assoc_ie_len, assoc_rsp_ie,
2128 assoc_rsp_ie_len, status, GFP_KERNEL, NL80211_TIMEOUT_UNSPECIFIED);
2129 #else
2130 /* cfg80211_connect_result will take a copy of any ASSOC or
2131 * ASSOC RSP IEs passed to it
2132 */
2133 cfg80211_connect_result(dev,
2134 bssid,
2135 assoc_ie, assoc_ie_len,
2136 assoc_rsp_ie, assoc_rsp_ie_len,
2137 status,
2138 GFP_KERNEL);
2139 #endif
2140 if (status == WLAN_STATUS_SUCCESS) {
2141 ndev_vif->sta.vif_status = SLSI_VIF_STATUS_CONNECTED;
2142
2143 /* For Open & WEP AP,set the power mode (static IP scenario) ,send connect response and install the packet filters .
2144 * For secured AP, all this would be done after handshake
2145 */
2146 if ((peer->capabilities & WLAN_CAPABILITY_PRIVACY) &&
2147 (cfg80211_find_ie(WLAN_EID_RSN, assoc_ie, assoc_ie_len) ||
2148 cfg80211_find_ie(SLSI_WLAN_EID_WAPI, assoc_ie, assoc_ie_len) ||
2149 cfg80211_find_vendor_ie(WLAN_OUI_MICROSOFT, WLAN_OUI_TYPE_MICROSOFT_WPA, assoc_ie, assoc_ie_len))) {
2150 /*secured AP*/
2151 slsi_ps_port_control(sdev, dev, peer, SLSI_STA_CONN_STATE_DOING_KEY_CONFIG);
2152 ndev_vif->sta.resp_id = MLME_CONNECT_RES;
2153 } else {
2154 /*Open/WEP AP*/
2155 slsi_mlme_connect_resp(sdev, dev);
2156 slsi_set_packet_filters(sdev, dev);
2157
2158 if (ndev_vif->ipaddress)
2159 slsi_mlme_powermgt(sdev, dev, ndev_vif->set_power_mode);
2160 slsi_ps_port_control(sdev, dev, peer, SLSI_STA_CONN_STATE_CONNECTED);
2161 }
2162
2163 /* For P2PCLI, set the Connection Timeout (beacon miss) mib to 10 seconds
2164 * This MIB set failure does not cause any fatal isuue. It just varies the
2165 * detection time of GO's absence from 10 sec to FW default. So Do not disconnect
2166 */
2167 if (ndev_vif->iftype == NL80211_IFTYPE_P2P_CLIENT)
2168 SLSI_P2P_STATE_CHANGE(sdev, P2P_GROUP_FORMED_CLI);
2169
2170 /*Update the firmware with cached channels*/
2171 #ifdef CONFIG_SCSC_WLAN_WES_NCHO
2172 if (!sdev->device_config.roam_scan_mode && ndev_vif->vif_type == FAPI_VIFTYPE_STATION && ndev_vif->activated && ndev_vif->iftype != NL80211_IFTYPE_P2P_CLIENT) {
2173 #else
2174 if (ndev_vif->vif_type == FAPI_VIFTYPE_STATION && ndev_vif->activated && ndev_vif->iftype != NL80211_IFTYPE_P2P_CLIENT) {
2175 #endif
2176 const u8 *ssid = cfg80211_find_ie(WLAN_EID_SSID, assoc_ie, assoc_ie_len);
2177 u8 channels[SLSI_ROAMING_CHANNELS_MAX];
2178 u32 channels_count = slsi_roaming_scan_configure_channels(sdev, dev, ssid, channels);
2179
2180 if (channels_count)
2181 if (slsi_mlme_set_cached_channels(sdev, dev, channels_count, channels) != 0)
2182 SLSI_NET_ERR(dev, "MLME-SET-CACHED-CHANNELS.req failed\n");
2183 }
2184 } else {
2185 /* Firmware reported connection success, but driver reported failure to cfg80211:
2186 * send mlme-disconnect.req to firmware
2187 */
2188 if ((fw_result_code == FAPI_RESULTCODE_SUCCESS) && peer) {
2189 slsi_mlme_disconnect(sdev, dev, peer->address, FAPI_REASONCODE_UNSPECIFIED_REASON, true);
2190 slsi_handle_disconnect(sdev, dev, peer->address, FAPI_REASONCODE_UNSPECIFIED_REASON, NULL, 0);
2191 } else {
2192 slsi_handle_disconnect(sdev, dev, NULL, FAPI_REASONCODE_UNSPECIFIED_REASON, NULL, 0);
2193 }
2194 }
2195
2196 exit_with_lock:
2197 SLSI_MUTEX_UNLOCK(ndev_vif->vif_mutex);
2198 slsi_kfree_skb(skb);
2199 }
2200
2201 void slsi_rx_disconnect_ind(struct slsi_dev *sdev, struct net_device *dev, struct sk_buff *skb)
2202 {
2203 struct netdev_vif *ndev_vif = netdev_priv(dev);
2204
2205 SLSI_MUTEX_LOCK(ndev_vif->vif_mutex);
2206
2207 SLSI_NET_DBG1(dev, SLSI_MLME, "mlme_disconnect_ind(vif:%d, MAC:%pM)\n",
2208 fapi_get_vif(skb),
2209 fapi_get_buff(skb, u.mlme_disconnect_ind.peer_sta_address));
2210
2211 #ifdef CONFIG_SCSC_LOG_COLLECTION
2212 scsc_log_collector_schedule_collection(SCSC_LOG_HOST_WLAN, SCSC_LOG_HOST_WLAN_REASON_DISCONNECT_IND);
2213 #else
2214 mx140_log_dump();
2215 #endif
2216
2217 SLSI_INFO(sdev, "Received DEAUTH, reason = 0\n");
2218 slsi_handle_disconnect(sdev,
2219 dev,
2220 fapi_get_buff(skb, u.mlme_disconnect_ind.peer_sta_address),
2221 0,
2222 NULL,
2223 0);
2224
2225 SLSI_MUTEX_UNLOCK(ndev_vif->vif_mutex);
2226 slsi_kfree_skb(skb);
2227 }
2228
2229 void slsi_rx_disconnected_ind(struct slsi_dev *sdev, struct net_device *dev, struct sk_buff *skb)
2230 {
2231 struct netdev_vif *ndev_vif = netdev_priv(dev);
2232 u16 reason;
2233 u8 *disassoc_rsp_ie = NULL;
2234 u32 disassoc_rsp_ie_len = 0;
2235
2236 SLSI_MUTEX_LOCK(ndev_vif->vif_mutex);
2237 reason = fapi_get_u16(skb, u.mlme_disconnected_ind.reason_code);
2238 SLSI_NET_DBG1(dev, SLSI_MLME, "mlme_disconnected_ind(vif:%d, reason:%d, MAC:%pM)\n",
2239 fapi_get_vif(skb),
2240 fapi_get_u16(skb, u.mlme_disconnected_ind.reason_code),
2241 fapi_get_buff(skb, u.mlme_disconnected_ind.peer_sta_address));
2242
2243 #ifdef CONFIG_SCSC_LOG_COLLECTION
2244 scsc_log_collector_schedule_collection(SCSC_LOG_HOST_WLAN, SCSC_LOG_HOST_WLAN_REASON_DISCONNECTED_IND);
2245 #else
2246 mx140_log_dump();
2247 #endif
2248 if (reason <= 0xFF) {
2249 SLSI_INFO(sdev, "Received DEAUTH, reason = %d\n", reason);
2250 } else if (reason >= 0x8100 && reason <= 0x81FF) {
2251 reason = reason & 0x00FF;
2252 SLSI_INFO(sdev, "Received DEAUTH, reason = %d\n", reason);
2253 } else if (reason >= 0x8200 && reason <= 0x82FF) {
2254 reason = reason & 0x00FF;
2255 SLSI_INFO(sdev, "Received DISASSOC, reason = %d\n", reason);
2256 } else {
2257 SLSI_INFO(sdev, "Received DEAUTH, reason = Local Disconnect <%d>\n", reason);
2258 }
2259
2260 if (fapi_get_datalen(skb)) {
2261 struct ieee80211_mgmt *mgmt = fapi_get_mgmt(skb);
2262
2263 if (ieee80211_is_deauth(mgmt->frame_control)) {
2264 disassoc_rsp_ie = (char *)&mgmt->u.deauth.reason_code + 2;
2265 disassoc_rsp_ie_len = fapi_get_datalen(skb) -
2266 (u32)(disassoc_rsp_ie - (u8 *)fapi_get_data(skb));
2267 } else if (ieee80211_is_disassoc(mgmt->frame_control)) {
2268 disassoc_rsp_ie = (char *)&mgmt->u.disassoc.reason_code + 2;
2269 disassoc_rsp_ie_len = fapi_get_datalen(skb) -
2270 (u32)(disassoc_rsp_ie - (u8 *)fapi_get_data(skb));
2271 } else {
2272 SLSI_NET_DBG1(dev, SLSI_MLME, "Not a disassoc/deauth packet\n");
2273 }
2274 }
2275
2276 if (ndev_vif->vif_type == FAPI_VIFTYPE_AP) {
2277 if (fapi_get_u16(skb, u.mlme_disconnected_ind.reason_code) ==
2278 FAPI_REASONCODE_HOTSPOT_MAX_CLIENT_REACHED) {
2279 SLSI_NET_DBG1(dev, SLSI_MLME,
2280 "Sending max hotspot client reached notification to user space\n");
2281 cfg80211_conn_failed(dev, fapi_get_buff(skb, u.mlme_disconnected_ind.peer_sta_address),
2282 NL80211_CONN_FAIL_MAX_CLIENTS, GFP_KERNEL);
2283 goto exit;
2284 }
2285 }
2286
2287 slsi_handle_disconnect(sdev,
2288 dev,
2289 fapi_get_buff(skb, u.mlme_disconnected_ind.peer_sta_address),
2290 fapi_get_u16(skb, u.mlme_disconnected_ind.reason_code),
2291 disassoc_rsp_ie,
2292 disassoc_rsp_ie_len);
2293
2294 exit:
2295 SLSI_MUTEX_UNLOCK(ndev_vif->vif_mutex);
2296 slsi_kfree_skb(skb);
2297 return;
2298 }
2299
2300 /* Handle Procedure Started (Type = Device Discovered) indication for P2P */
2301 static void slsi_rx_p2p_device_discovered_ind(struct slsi_dev *sdev, struct net_device *dev, struct sk_buff *skb)
2302 {
2303 struct netdev_vif *ndev_vif = netdev_priv(dev);
2304 int mgmt_len;
2305
2306 SLSI_UNUSED_PARAMETER(sdev);
2307
2308 SLSI_NET_DBG2(dev, SLSI_CFG80211, "Freq = %d\n", ndev_vif->chan->center_freq);
2309
2310 /* Only Probe Request is expected as of now */
2311 mgmt_len = fapi_get_mgmtlen(skb);
2312 if (mgmt_len) {
2313 struct ieee80211_mgmt *mgmt = fapi_get_mgmt(skb);
2314
2315 if (ieee80211_is_mgmt(mgmt->frame_control)) {
2316 if (ieee80211_is_probe_req(mgmt->frame_control)) {
2317 SLSI_NET_DBG3(dev, SLSI_CFG80211, "Received Probe Request\n");
2318 #if (LINUX_VERSION_CODE >= KERNEL_VERSION(3, 10, 9))
2319 cfg80211_rx_mgmt(&ndev_vif->wdev, ndev_vif->chan->center_freq, 0, (const u8 *)mgmt, mgmt_len, GFP_ATOMIC);
2320 #else
2321 cfg80211_rx_mgmt(dev, ndev_vif->chan->center_freq, 0, (const u8 *)mgmt, mgmt_len, GFP_ATOMIC);
2322 #endif
2323 } else
2324 SLSI_NET_ERR(dev, "Ignore Indication - Not Probe Request frame\n");
2325 } else {
2326 SLSI_NET_ERR(dev, "Ignore Indication - Not Management frame\n");
2327 }
2328 }
2329 }
2330
2331 void slsi_rx_procedure_started_ind(struct slsi_dev *sdev, struct net_device *dev, struct sk_buff *skb)
2332 {
2333 struct netdev_vif *ndev_vif = netdev_priv(dev);
2334 struct slsi_peer *peer = NULL;
2335
2336 SLSI_MUTEX_LOCK(ndev_vif->vif_mutex);
2337
2338 SLSI_NET_DBG1(dev, SLSI_MLME, "mlme_procedure_started_ind(vif:%d, type:%d, aid:%d)\n",
2339 fapi_get_vif(skb),
2340 fapi_get_u16(skb, u.mlme_procedure_started_ind.procedure_type),
2341 fapi_get_u16(skb, u.mlme_procedure_started_ind.association_identifier));
2342 SLSI_INFO(sdev, "Send Association Request\n");
2343
2344 if (!ndev_vif->activated) {
2345 SLSI_NET_DBG1(dev, SLSI_MLME, "VIF not activated\n");
2346 goto exit_with_lock;
2347 }
2348
2349 switch (fapi_get_u16(skb, u.mlme_procedure_started_ind.procedure_type)) {
2350 case FAPI_PROCEDURETYPE_CONNECTION_STARTED:
2351 switch (ndev_vif->vif_type) {
2352 case FAPI_VIFTYPE_AP:
2353 {
2354 u16 aid = fapi_get_u16(skb, u.mlme_procedure_started_ind.association_identifier);
2355
2356 /* Check for MAX client */
2357 if ((ndev_vif->peer_sta_records + 1) > SLSI_AP_PEER_CONNECTIONS_MAX) {
2358 SLSI_NET_ERR(dev, "MAX Station limit reached. Ignore ind for aid:%d\n", aid);
2359 goto exit_with_lock;
2360 }
2361
2362 if (aid < SLSI_PEER_INDEX_MIN || aid > SLSI_PEER_INDEX_MAX) {
2363 SLSI_NET_ERR(dev, "Received incorrect aid: %d\n", aid);
2364 goto exit_with_lock;
2365 }
2366
2367 peer = slsi_peer_add(sdev, dev, (fapi_get_mgmt(skb))->sa, aid);
2368 if (!peer) {
2369 SLSI_NET_ERR(dev, "Peer NOT Created\n");
2370 goto exit_with_lock;
2371 }
2372 slsi_peer_update_assoc_req(sdev, dev, peer, skb);
2373 /* skb is consumed by slsi_peer_update_assoc_req. So do not access this anymore. */
2374 skb = NULL;
2375 peer->connected_state = SLSI_STA_CONN_STATE_CONNECTING;
2376
2377 if ((ndev_vif->iftype == NL80211_IFTYPE_P2P_GO) &&
2378 (peer->assoc_ie) &&
2379 (cfg80211_find_vendor_ie(WLAN_OUI_MICROSOFT, WLAN_OUI_TYPE_MICROSOFT_WPS, peer->assoc_ie->data, peer->assoc_ie->len))) {
2380 SLSI_NET_DBG2(dev, SLSI_MLME, "WPS IE is present. Setting peer->is_wps to TRUE\n");
2381 peer->is_wps = true;
2382 }
2383
2384 /* Take a wakelock to avoid platform suspend before EAPOL exchanges (to avoid connection delay) */
2385 slsi_wakelock_timeout(&sdev->wlan_wl_mlme, SLSI_WAKELOCK_TIME_MSEC_EAPOL);
2386 break;
2387 }
2388 case FAPI_VIFTYPE_STATION:
2389 {
2390 peer = slsi_get_peer_from_qs(sdev, dev, SLSI_STA_PEER_QUEUESET);
2391 if (WARN_ON(!peer)) {
2392 SLSI_NET_ERR(dev, "Peer NOT FOUND\n");
2393 goto exit_with_lock;
2394 }
2395 slsi_peer_update_assoc_req(sdev, dev, peer, skb);
2396 /* skb is consumed by slsi_peer_update_assoc_rsp. So do not access this anymore. */
2397 skb = NULL;
2398 break;
2399 }
2400 default:
2401 SLSI_NET_ERR(dev, "Incorrect vif type for proceduretype_connection_started\n");
2402 break;
2403 }
2404 break;
2405 case FAPI_PROCEDURETYPE_DEVICE_DISCOVERED:
2406 /* Expected only in P2P Device and P2P GO role */
2407 if (WARN_ON(!SLSI_IS_VIF_INDEX_P2P(ndev_vif) && (ndev_vif->iftype != NL80211_IFTYPE_P2P_GO)))
2408 goto exit_with_lock;
2409
2410 /* Send probe request to supplicant only if in listening state. Issues were seen earlier if
2411 * Probe request was sent to supplicant while waiting for GO Neg Req from peer.
2412 * Send Probe request to supplicant if received in GO mode
2413 */
2414 if ((sdev->p2p_state == P2P_LISTENING) || (ndev_vif->iftype == NL80211_IFTYPE_P2P_GO))
2415 slsi_rx_p2p_device_discovered_ind(sdev, dev, skb);
2416 break;
2417 case FAPI_PROCEDURETYPE_ROAMING_STARTED:
2418 {
2419 SLSI_NET_DBG1(dev, SLSI_MLME, "Roaming Procedure Starting with %pM\n", (fapi_get_mgmt(skb))->bssid);
2420 if (WARN_ON(ndev_vif->vif_type != FAPI_VIFTYPE_STATION))
2421 goto exit_with_lock;
2422 if (WARN_ON(!ndev_vif->peer_sta_record[SLSI_STA_PEER_QUEUESET] || !ndev_vif->peer_sta_record[SLSI_STA_PEER_QUEUESET]->valid))
2423 goto exit_with_lock;
2424 slsi_kfree_skb(ndev_vif->sta.roam_mlme_procedure_started_ind);
2425 ndev_vif->sta.roam_mlme_procedure_started_ind = skb;
2426 /* skb is consumed here. So remove reference to this.*/
2427 skb = NULL;
2428 break;
2429 }
2430 default:
2431 SLSI_NET_DBG1(dev, SLSI_MLME, "Unknown Procedure: %d\n", fapi_get_u16(skb, u.mlme_procedure_started_ind.procedure_type));
2432 goto exit_with_lock;
2433 }
2434
2435 exit_with_lock:
2436 SLSI_MUTEX_UNLOCK(ndev_vif->vif_mutex);
2437 slsi_kfree_skb(skb);
2438 }
2439
2440 void slsi_rx_frame_transmission_ind(struct slsi_dev *sdev, struct net_device *dev, struct sk_buff *skb)
2441 {
2442 struct netdev_vif *ndev_vif = netdev_priv(dev);
2443 struct slsi_peer *peer;
2444 u16 host_tag = fapi_get_u16(skb, u.mlme_frame_transmission_ind.host_tag);
2445 u16 tx_status = fapi_get_u16(skb, u.mlme_frame_transmission_ind.transmission_status);
2446 bool ack = true;
2447
2448 SLSI_MUTEX_LOCK(ndev_vif->vif_mutex);
2449
2450 SLSI_NET_DBG2(dev, SLSI_MLME, "mlme_frame_transmission_ind(vif:%d, host_tag:%d, transmission_status:%d)\n", fapi_get_vif(skb),
2451 host_tag,
2452 tx_status);
2453
2454 if (ndev_vif->mgmt_tx_data.host_tag == host_tag) {
2455 struct netdev_vif *ndev_vif_to_cfg = ndev_vif;
2456
2457 /* If frame tx failed allow del_vif work to take care of vif deletion.
2458 * This work would be queued as part of frame_tx with the wait duration
2459 */
2460 if (tx_status != FAPI_TRANSMISSIONSTATUS_SUCCESSFUL) {
2461 ack = false;
2462 if (SLSI_IS_VIF_INDEX_WLAN(ndev_vif)) {
2463 if (sdev->wlan_unsync_vif_state == WLAN_UNSYNC_VIF_TX)
2464 sdev->wlan_unsync_vif_state = WLAN_UNSYNC_VIF_ACTIVE; /*We wouldn't delete VIF*/
2465 } else {
2466 if (sdev->p2p_group_exp_frame != SLSI_P2P_PA_INVALID)
2467 slsi_clear_offchannel_data(sdev, false);
2468 else if (ndev_vif->mgmt_tx_data.exp_frame != SLSI_P2P_PA_INVALID)
2469 (void)slsi_mlme_reset_dwell_time(sdev, dev);
2470 ndev_vif->mgmt_tx_data.exp_frame = SLSI_P2P_PA_INVALID;
2471 }
2472 }
2473
2474 /* Change state if frame tx was in Listen as peer response is not expected */
2475 if (SLSI_IS_VIF_INDEX_P2P(ndev_vif) && (ndev_vif->mgmt_tx_data.exp_frame == SLSI_P2P_PA_INVALID)) {
2476 if (delayed_work_pending(&ndev_vif->unsync.roc_expiry_work))
2477 SLSI_P2P_STATE_CHANGE(sdev, P2P_LISTENING);
2478 else
2479 SLSI_P2P_STATE_CHANGE(sdev, P2P_IDLE_VIF_ACTIVE);
2480 } else if (SLSI_IS_VIF_INDEX_P2P_GROUP(sdev, ndev_vif)) {
2481 const struct ieee80211_mgmt *mgmt = (const struct ieee80211_mgmt *)ndev_vif->mgmt_tx_data.buf;
2482
2483 /* If frame transmission was initiated on P2P device vif by supplicant, then use the net_dev of that vif (i.e. p2p0) */
2484 if ((mgmt) && (memcmp(mgmt->sa, dev->dev_addr, ETH_ALEN) != 0)) {
2485 struct net_device *ndev = slsi_get_netdev(sdev, SLSI_NET_INDEX_P2P);
2486
2487 SLSI_NET_DBG2(dev, SLSI_MLME, "Frame Tx was requested with device address - Change ndev_vif for tx_status\n");
2488
2489 ndev_vif_to_cfg = netdev_priv(ndev);
2490 if (!ndev_vif_to_cfg) {
2491 SLSI_NET_ERR(dev, "Getting P2P Index netdev failed\n");
2492 ndev_vif_to_cfg = ndev_vif;
2493 }
2494 }
2495 }
2496 #ifdef CONFIG_SCSC_WLAN_WES_NCHO
2497 if (!sdev->device_config.wes_mode) {
2498 #endif
2499 #if (LINUX_VERSION_CODE >= KERNEL_VERSION(3, 6, 0))
2500 cfg80211_mgmt_tx_status(&ndev_vif_to_cfg->wdev, ndev_vif->mgmt_tx_data.cookie, ndev_vif->mgmt_tx_data.buf, ndev_vif->mgmt_tx_data.buf_len, ack, GFP_KERNEL);
2501 #else
2502 cfg80211_mgmt_tx_status(ndev_vif_to_cfg->wdev.netdev, ndev_vif->mgmt_tx_data.cookie, ndev_vif->mgmt_tx_data.buf, ndev_vif->mgmt_tx_data.buf_len, ack, GFP_KERNEL);
2503 #endif
2504
2505 #ifdef CONFIG_SCSC_WLAN_WES_NCHO
2506 }
2507 #endif
2508 (void)slsi_set_mgmt_tx_data(ndev_vif, 0, 0, NULL, 0);
2509 }
2510
2511 if ((tx_status == FAPI_TRANSMISSIONSTATUS_SUCCESSFUL) || (tx_status == FAPI_TRANSMISSIONSTATUS_RETRY_LIMIT)) {
2512 #ifdef CONFIG_SCSC_WLAN_STA_ENHANCED_ARP_DETECT
2513 if (ndev_vif->enhanced_arp_detect_enabled && (ndev_vif->vif_type == FAPI_VIFTYPE_STATION)) {
2514 int i = 0;
2515
2516 for (i = 0; i < SLSI_MAX_ARP_SEND_FRAME; i++) {
2517 if (ndev_vif->enhanced_arp_host_tag[i] == host_tag) {
2518 ndev_vif->enhanced_arp_host_tag[i] = 0;
2519 ndev_vif->enhanced_arp_stats.arp_req_rx_count_by_lower_mac++;
2520 if (tx_status == FAPI_TRANSMISSIONSTATUS_SUCCESSFUL)
2521 ndev_vif->enhanced_arp_stats.arp_req_count_tx_success++;
2522 break;
2523 }
2524 }
2525 }
2526 #endif
2527 if ((ndev_vif->vif_type == FAPI_VIFTYPE_STATION) &&
2528 (ndev_vif->sta.m4_host_tag == host_tag)) {
2529 switch (ndev_vif->sta.resp_id) {
2530 case MLME_ROAMED_RES:
2531 slsi_mlme_roamed_resp(sdev, dev);
2532 peer = slsi_get_peer_from_qs(sdev, dev, SLSI_STA_PEER_QUEUESET);
2533 if (WARN_ON(!peer))
2534 break;
2535 slsi_ps_port_control(sdev, dev, peer, SLSI_STA_CONN_STATE_CONNECTED);
2536 cac_update_roam_traffic_params(sdev, dev);
2537 break;
2538 case MLME_CONNECT_RES:
2539 slsi_mlme_connect_resp(sdev, dev);
2540 slsi_set_packet_filters(sdev, dev);
2541 peer = slsi_get_peer_from_qs(sdev, dev, SLSI_STA_PEER_QUEUESET);
2542 if (WARN_ON(!peer))
2543 break;
2544 slsi_ps_port_control(sdev, dev, peer, SLSI_STA_CONN_STATE_CONNECTED);
2545 break;
2546 case MLME_REASSOCIATE_RES:
2547 slsi_mlme_reassociate_resp(sdev, dev);
2548 break;
2549 default:
2550 break;
2551 }
2552 ndev_vif->sta.m4_host_tag = 0;
2553 ndev_vif->sta.resp_id = 0;
2554 }
2555 if (tx_status == FAPI_TRANSMISSIONSTATUS_RETRY_LIMIT) {
2556 if ((ndev_vif->iftype == NL80211_IFTYPE_STATION) &&
2557 (ndev_vif->sta.eap_hosttag == host_tag)) {
2558 if (ndev_vif->sta.sta_bss) {
2559 SLSI_NET_WARN(dev, "Disconnect as EAP frame transmission failed\n");
2560 slsi_mlme_disconnect(sdev, dev, ndev_vif->sta.sta_bss->bssid, FAPI_REASONCODE_UNSPECIFIED_REASON, false);
2561 } else {
2562 SLSI_NET_WARN(dev, "EAP frame transmission failed, sta_bss not available\n");
2563 }
2564 }
2565 ndev_vif->stats.tx_errors++;
2566 }
2567 } else {
2568 ndev_vif->stats.tx_errors++;
2569 }
2570 SLSI_MUTEX_UNLOCK(ndev_vif->vif_mutex);
2571 slsi_kfree_skb(skb);
2572 }
2573
2574 void slsi_rx_received_frame_ind(struct slsi_dev *sdev, struct net_device *dev, struct sk_buff *skb)
2575 {
2576 struct netdev_vif *ndev_vif = netdev_priv(dev);
2577 u16 data_unit_descriptor = fapi_get_u16(skb, u.mlme_received_frame_ind.data_unit_descriptor);
2578 u16 frequency = SLSI_FREQ_FW_TO_HOST(fapi_get_u16(skb, u.mlme_received_frame_ind.channel_frequency));
2579 u8 *eapol = NULL;
2580 u8 *eap = NULL;
2581 u16 protocol = 0;
2582 u32 dhcp_message_type = SLSI_DHCP_MESSAGE_TYPE_INVALID;
2583 u16 eap_length = 0;
2584
2585 SLSI_NET_DBG2(dev, SLSI_MLME, "mlme_received_frame_ind(vif:%d, data descriptor:%d, freq:%d)\n",
2586 fapi_get_vif(skb),
2587 data_unit_descriptor,
2588 frequency);
2589
2590 SLSI_MUTEX_LOCK(ndev_vif->vif_mutex);
2591 if (data_unit_descriptor == FAPI_DATAUNITDESCRIPTOR_IEEE802_11_FRAME) {
2592 struct ieee80211_mgmt *mgmt;
2593 int mgmt_len;
2594
2595 mgmt_len = fapi_get_mgmtlen(skb);
2596 if (!mgmt_len)
2597 goto exit;
2598 mgmt = fapi_get_mgmt(skb);
2599 if (ieee80211_is_auth(mgmt->frame_control)) {
2600 cfg80211_rx_mgmt(&ndev_vif->wdev, frequency, 0, (const u8 *)mgmt, mgmt_len, GFP_ATOMIC);
2601 goto exit;
2602 }
2603 #ifdef CONFIG_SLSI_WLAN_STA_FWD_BEACON
2604 if (ndev_vif->is_wips_running && ieee80211_is_beacon(mgmt->frame_control) &&
2605 SLSI_IS_VIF_INDEX_WLAN(ndev_vif)) {
2606 slsi_handle_wips_beacon(sdev, dev, skb, mgmt, mgmt_len);
2607 goto exit;
2608 }
2609 #endif
2610 if (WARN_ON(!(ieee80211_is_action(mgmt->frame_control))))
2611 goto exit;
2612 if (SLSI_IS_VIF_INDEX_WLAN(ndev_vif)) {
2613 #ifdef CONFIG_SCSC_WLAN_WES_NCHO
2614 if (slsi_is_wes_action_frame(mgmt)) {
2615 SLSI_NET_DBG1(dev, SLSI_CFG80211, "Received NCHO WES VS action frame\n");
2616 if (!sdev->device_config.wes_mode)
2617 goto exit;
2618 } else {
2619 #endif
2620 if (mgmt->u.action.category == WLAN_CATEGORY_WMM) {
2621 cac_rx_wmm_action(sdev, dev, mgmt, mgmt_len);
2622 } else {
2623 slsi_wlan_dump_public_action_subtype(sdev, mgmt, false);
2624 if (sdev->wlan_unsync_vif_state == WLAN_UNSYNC_VIF_TX)
2625 sdev->wlan_unsync_vif_state = WLAN_UNSYNC_VIF_ACTIVE;
2626 }
2627 #ifdef CONFIG_SCSC_WLAN_WES_NCHO
2628 }
2629 #endif
2630 } else {
2631 int subtype = slsi_p2p_get_public_action_subtype(mgmt);
2632
2633 SLSI_NET_DBG2(dev, SLSI_CFG80211, "Received action frame (%s)\n", slsi_p2p_pa_subtype_text(subtype));
2634
2635 if (SLSI_IS_P2P_UNSYNC_VIF(ndev_vif) && (ndev_vif->mgmt_tx_data.exp_frame != SLSI_P2P_PA_INVALID) && (subtype == ndev_vif->mgmt_tx_data.exp_frame)) {
2636 if (sdev->p2p_state == P2P_LISTENING)
2637 SLSI_NET_WARN(dev, "Driver in incorrect P2P state (P2P_LISTENING)");
2638
2639 cancel_delayed_work(&ndev_vif->unsync.del_vif_work);
2640 /* Sending down the Unset channel is delayed when listen work expires in
2641 * middle of P2P procedure. For example,When Listen Work expires after
2642 * sending provision discovery req,unset channel is not sent to FW.
2643 * After Receiving the PROV_DISC_RESP, if listen work is not present
2644 * Unset channel to be sent down.Similarly During P2P Negotiation procedure,
2645 * Unset channel is not sent to FW.Once Negotiation is complete,
2646 * if listen work is not present Unset channel to be sent down.
2647 */
2648 if ((subtype == SLSI_P2P_PA_GO_NEG_CFM) || (subtype == SLSI_P2P_PA_PROV_DISC_RSP)) {
2649 ndev_vif->drv_in_p2p_procedure = false;
2650 if (!delayed_work_pending(&ndev_vif->unsync.roc_expiry_work)) {
2651 slsi_mlme_unset_channel_req(ndev_vif->sdev, ndev_vif->wdev.netdev);
2652 ndev_vif->driver_channel = 0;
2653 }
2654 }
2655
2656 ndev_vif->mgmt_tx_data.exp_frame = SLSI_P2P_PA_INVALID;
2657 (void)slsi_mlme_reset_dwell_time(sdev, dev);
2658 if (delayed_work_pending(&ndev_vif->unsync.roc_expiry_work)) {
2659 SLSI_P2P_STATE_CHANGE(sdev, P2P_LISTENING);
2660 } else {
2661 queue_delayed_work(sdev->device_wq, &ndev_vif->unsync.del_vif_work,
2662 msecs_to_jiffies(SLSI_P2P_UNSYNC_VIF_EXTRA_MSEC));
2663 SLSI_P2P_STATE_CHANGE(sdev, P2P_IDLE_VIF_ACTIVE);
2664 }
2665 } else if ((sdev->p2p_group_exp_frame != SLSI_P2P_PA_INVALID) && (sdev->p2p_group_exp_frame == subtype)) {
2666 SLSI_NET_DBG2(dev, SLSI_MLME, "Expected action frame (%s) received on Group VIF\n", slsi_p2p_pa_subtype_text(subtype));
2667 slsi_clear_offchannel_data(sdev,
2668 (!SLSI_IS_VIF_INDEX_P2P_GROUP(sdev,
2669 ndev_vif)) ? true : false);
2670 }
2671 }
2672
2673 #if (LINUX_VERSION_CODE >= KERNEL_VERSION(3, 10, 9))
2674 cfg80211_rx_mgmt(&ndev_vif->wdev, frequency, 0, (const u8 *)mgmt, mgmt_len, GFP_ATOMIC);
2675 #else
2676 cfg80211_rx_mgmt(dev, frequency, 0, (const u8 *)mgmt, mgmt_len, GFP_ATOMIC);
2677 #endif
2678 } else if (data_unit_descriptor == FAPI_DATAUNITDESCRIPTOR_IEEE802_3_FRAME) {
2679 struct slsi_peer *peer = NULL;
2680 struct ethhdr *ehdr = (struct ethhdr *)fapi_get_data(skb);
2681
2682 peer = slsi_get_peer_from_mac(sdev, dev, ehdr->h_source);
2683 if (!peer) {
2684 SLSI_DBG1(sdev, SLSI_RX, "drop packet as No peer found\n");
2685 goto exit;
2686 }
2687
2688 /* strip signal and any signal/bulk roundings/offsets */
2689 skb_pull(skb, fapi_get_siglen(skb));
2690
2691 skb->dev = dev;
2692 skb->ip_summed = CHECKSUM_NONE;
2693
2694 ndev_vif->stats.rx_packets++;
2695 ndev_vif->stats.rx_bytes += skb->len;
2696 #if (LINUX_VERSION_CODE <= KERNEL_VERSION(4, 10, 0))
2697 dev->last_rx = jiffies;
2698 #endif
2699 /* Storing Data for Logging Information */
2700 if ((skb->len - sizeof(struct ethhdr)) >= 99)
2701 eapol = skb->data + sizeof(struct ethhdr);
2702
2703 if ((skb->len - sizeof(struct ethhdr)) >= 9) {
2704 eap_length = (skb->len - sizeof(struct ethhdr)) - 4;
2705 eap = skb->data + sizeof(struct ethhdr);
2706 }
2707 if (skb->len >= 285 && slsi_is_dhcp_packet(skb->data) != SLSI_TX_IS_NOT_DHCP)
2708 dhcp_message_type = skb->data[284];
2709
2710 skb->protocol = eth_type_trans(skb, dev);
2711 protocol = ntohs(skb->protocol);
2712 if (protocol == ETH_P_PAE) {
2713 if (eapol && eapol[SLSI_EAPOL_IEEE8021X_TYPE_POS] == SLSI_IEEE8021X_TYPE_EAPOL_KEY) {
2714 if ((eapol[SLSI_EAPOL_TYPE_POS] == SLSI_EAPOL_TYPE_RSN_KEY ||
2715 eapol[SLSI_EAPOL_TYPE_POS] == SLSI_EAPOL_TYPE_WPA_KEY) &&
2716 (eapol[SLSI_EAPOL_KEY_INFO_LOWER_BYTE_POS] &
2717 SLSI_EAPOL_KEY_INFO_KEY_TYPE_BIT_IN_LOWER_BYTE) &&
2718 (eapol[SLSI_EAPOL_KEY_INFO_HIGHER_BYTE_POS] &
2719 SLSI_EAPOL_KEY_INFO_MIC_BIT_IN_HIGHER_BYTE) &&
2720 (eapol[SLSI_EAPOL_KEY_DATA_LENGTH_HIGHER_BYTE_POS] == 0) &&
2721 (eapol[SLSI_EAPOL_KEY_DATA_LENGTH_LOWER_BYTE_POS] == 0)) {
2722 SLSI_INFO(sdev, "Received 4way-H/S, M4\n");
2723 } else if (!(eapol[SLSI_EAPOL_KEY_INFO_HIGHER_BYTE_POS] &
2724 SLSI_EAPOL_KEY_INFO_MIC_BIT_IN_HIGHER_BYTE)) {
2725 SLSI_INFO(sdev, "Received 4way-H/S, M1\n");
2726 } else if (eapol[SLSI_EAPOL_KEY_INFO_HIGHER_BYTE_POS] &
2727 SLSI_EAPOL_KEY_INFO_SECURE_BIT_IN_HIGHER_BYTE) {
2728 SLSI_INFO(sdev, "Received 4way-H/S, M3\n");
2729 } else {
2730 SLSI_INFO(sdev, "Received 4way-H/S, M2\n");
2731 }
2732 } else if (eap && eap[SLSI_EAPOL_IEEE8021X_TYPE_POS] == SLSI_IEEE8021X_TYPE_EAP_PACKET) {
2733 if (eap[SLSI_EAP_CODE_POS] == SLSI_EAP_PACKET_REQUEST)
2734 SLSI_INFO(sdev, "Received EAP-Request (%d)\n", eap_length);
2735 else if (eap[SLSI_EAP_CODE_POS] == SLSI_EAP_PACKET_RESPONSE)
2736 SLSI_INFO(sdev, "Received EAP-Response (%d)\n", eap_length);
2737 else if (eap[SLSI_EAP_CODE_POS] == SLSI_EAP_PACKET_SUCCESS)
2738 SLSI_INFO(sdev, "Received EAP-Success (%d)\n", eap_length);
2739 else if (eap[SLSI_EAP_CODE_POS] == SLSI_EAP_PACKET_FAILURE)
2740 SLSI_INFO(sdev, "Received EAP-Failure (%d)\n", eap_length);
2741 }
2742 } else if (protocol == ETH_P_IP) {
2743 if (dhcp_message_type == SLSI_DHCP_MESSAGE_TYPE_DISCOVER)
2744 SLSI_INFO(sdev, "Received DHCP [DISCOVER]\n");
2745 else if (dhcp_message_type == SLSI_DHCP_MESSAGE_TYPE_OFFER)
2746 SLSI_INFO(sdev, "Received DHCP [OFFER]\n");
2747 else if (dhcp_message_type == SLSI_DHCP_MESSAGE_TYPE_REQUEST)
2748 SLSI_INFO(sdev, "Received DHCP [REQUEST]\n");
2749 else if (dhcp_message_type == SLSI_DHCP_MESSAGE_TYPE_DECLINE)
2750 SLSI_INFO(sdev, "Received DHCP [DECLINE]\n");
2751 else if (dhcp_message_type == SLSI_DHCP_MESSAGE_TYPE_ACK)
2752 SLSI_INFO(sdev, "Received DHCP [ACK]\n");
2753 else if (dhcp_message_type == SLSI_DHCP_MESSAGE_TYPE_NAK)
2754 SLSI_INFO(sdev, "Received DHCP [NAK]\n");
2755 else if (dhcp_message_type == SLSI_DHCP_MESSAGE_TYPE_RELEASE)
2756 SLSI_INFO(sdev, "Received DHCP [RELEASE]\n");
2757 else if (dhcp_message_type == SLSI_DHCP_MESSAGE_TYPE_INFORM)
2758 SLSI_INFO(sdev, "Received DHCP [INFORM]\n");
2759 else if (dhcp_message_type == SLSI_DHCP_MESSAGE_TYPE_FORCERENEW)
2760 SLSI_INFO(sdev, "Received DHCP [FORCERENEW]\n");
2761 else
2762 SLSI_INFO(sdev, "Received DHCP [INVALID]\n");
2763 }
2764 slsi_dbg_untrack_skb(skb);
2765 SLSI_MUTEX_UNLOCK(ndev_vif->vif_mutex);
2766 SLSI_DBG2(sdev, SLSI_MLME, "pass %u bytes up (proto:%d)\n", skb->len, ntohs(skb->protocol));
2767 netif_rx_ni(skb);
2768 slsi_wakelock_timeout(&sdev->wlan_wl_mlme, SLSI_WAKELOCK_TIME_MSEC_EAPOL);
2769 return;
2770 }
2771 exit:
2772 SLSI_MUTEX_UNLOCK(ndev_vif->vif_mutex);
2773 slsi_kfree_skb(skb);
2774 }
2775
2776 void slsi_rx_mic_failure_ind(struct slsi_dev *sdev, struct net_device *dev, struct sk_buff *skb)
2777 {
2778 struct netdev_vif *ndev_vif = netdev_priv(dev);
2779 u8 *mac_addr;
2780 u16 key_type, key_id;
2781 enum nl80211_key_type nl_key_type;
2782
2783 SLSI_UNUSED_PARAMETER(sdev);
2784
2785 SLSI_MUTEX_LOCK(ndev_vif->vif_mutex);
2786
2787 mac_addr = fapi_get_buff(skb, u.mlme_disconnected_ind.peer_sta_address);
2788 key_type = fapi_get_u16(skb, u.mlme_mic_failure_ind.key_type);
2789 key_id = fapi_get_u16(skb, u.mlme_mic_failure_ind.key_id);
2790
2791 SLSI_NET_DBG1(dev, SLSI_MLME, "mlme_mic_failure_ind(vif:%d, MAC:%pM, key_type:%d, key_id:%d)\n",
2792 fapi_get_vif(skb), mac_addr, key_type, key_id);
2793
2794 if (WARN_ON((key_type != FAPI_KEYTYPE_GROUP) && (key_type != FAPI_KEYTYPE_PAIRWISE)))
2795 goto exit;
2796
2797 nl_key_type = (key_type == FAPI_KEYTYPE_GROUP) ? NL80211_KEYTYPE_GROUP : NL80211_KEYTYPE_PAIRWISE;
2798
2799 cfg80211_michael_mic_failure(dev, mac_addr, nl_key_type, key_id, NULL, GFP_KERNEL);
2800
2801 exit:
2802 SLSI_MUTEX_UNLOCK(ndev_vif->vif_mutex);
2803 slsi_kfree_skb(skb);
2804 }
2805
2806 /**
2807 * Handler for mlme_listen_end_ind.
2808 * The listen_end_ind would be received when the total Listen Offloading time is over.
2809 * Indicate completion of Listen Offloading to supplicant by sending Cancel-ROC event
2810 * with cookie 0xffff. Queue delayed work for unsync vif deletion.
2811 */
2812 void slsi_rx_listen_end_ind(struct net_device *dev, struct sk_buff *skb)
2813 {
2814 struct netdev_vif *ndev_vif = netdev_priv(dev);
2815
2816 SLSI_MUTEX_LOCK(ndev_vif->vif_mutex);
2817
2818 SLSI_NET_DBG2(dev, SLSI_CFG80211, "Inform completion of P2P Listen Offloading\n");
2819
2820 #if (LINUX_VERSION_CODE >= KERNEL_VERSION(3, 10, 9))
2821 cfg80211_remain_on_channel_expired(&ndev_vif->wdev, 0xffff, ndev_vif->chan, GFP_KERNEL);
2822 #else
2823 cfg80211_remain_on_channel_expired(ndev_vif->wdev.netdev, 0xffff, ndev_vif->chan, ndev_vif->channel_type, GFP_KERNEL);
2824 #endif
2825
2826 ndev_vif->unsync.listen_offload = false;
2827
2828 slsi_p2p_queue_unsync_vif_del_work(ndev_vif, SLSI_P2P_UNSYNC_VIF_EXTRA_MSEC);
2829
2830 SLSI_P2P_STATE_CHANGE(ndev_vif->sdev, P2P_IDLE_VIF_ACTIVE);
2831
2832 SLSI_MUTEX_UNLOCK(ndev_vif->vif_mutex);
2833 slsi_kfree_skb(skb);
2834 }
2835
2836 static int slsi_rx_wait_ind_match(u16 recv_id, u16 wait_id)
2837 {
2838 if (recv_id == wait_id)
2839 return 1;
2840 if (wait_id == MLME_DISCONNECT_IND && recv_id == MLME_DISCONNECTED_IND)
2841 return 1;
2842 return 0;
2843 }
2844
2845 int slsi_rx_blocking_signals(struct slsi_dev *sdev, struct sk_buff *skb)
2846 {
2847 u16 pid, id;
2848 struct slsi_sig_send *sig_wait;
2849 u16 vif = fapi_get_vif(skb);
2850
2851 sig_wait = &sdev->sig_wait;
2852 id = fapi_get_sigid(skb);
2853 pid = fapi_get_u16(skb, receiver_pid);
2854
2855 /* ALL mlme cfm signals MUST have blocking call waiting for it (Per Vif or Global) */
2856 if (fapi_is_cfm(skb)) {
2857 struct net_device *dev;
2858 struct netdev_vif *ndev_vif;
2859
2860 rcu_read_lock();
2861 dev = slsi_get_netdev_rcu(sdev, vif);
2862 if (dev) {
2863 ndev_vif = netdev_priv(dev);
2864 sig_wait = &ndev_vif->sig_wait;
2865 }
2866 spin_lock_bh(&sig_wait->send_signal_lock);
2867 if (id == sig_wait->cfm_id && pid == sig_wait->process_id) {
2868 if (WARN_ON(sig_wait->cfm))
2869 slsi_kfree_skb(sig_wait->cfm);
2870 sig_wait->cfm = skb;
2871 spin_unlock_bh(&sig_wait->send_signal_lock);
2872 complete(&sig_wait->completion);
2873 rcu_read_unlock();
2874 return 0;
2875 }
2876 /**
2877 * Important data frames such as EAPOL, ARP, DHCP are send
2878 * over MLME. For these frames driver does not block on confirms.
2879 * So there can be unexpected confirms here for such data frames.
2880 * These confirms are treated as normal and is silently dropped
2881 * here
2882 */
2883 if (id == MLME_SEND_FRAME_CFM) {
2884 spin_unlock_bh(&sig_wait->send_signal_lock);
2885 rcu_read_unlock();
2886 slsi_kfree_skb(skb);
2887 return 0;
2888 }
2889
2890 SLSI_DBG1(sdev, SLSI_MLME, "Unexpected cfm(0x%.4x, pid:0x%.4x, vif:%d)\n", id, pid, vif);
2891 spin_unlock_bh(&sig_wait->send_signal_lock);
2892 rcu_read_unlock();
2893 return -EINVAL;
2894 }
2895 /* Some mlme ind signals have a blocking call waiting (Per Vif or Global) */
2896 if (fapi_is_ind(skb)) {
2897 struct net_device *dev;
2898 struct netdev_vif *ndev_vif;
2899
2900 rcu_read_lock();
2901 dev = slsi_get_netdev_rcu(sdev, vif);
2902 if (dev) {
2903 ndev_vif = netdev_priv(dev);
2904 sig_wait = &ndev_vif->sig_wait;
2905 }
2906 spin_lock_bh(&sig_wait->send_signal_lock);
2907 if (slsi_rx_wait_ind_match(id, sig_wait->ind_id) && pid == sig_wait->process_id) {
2908 if (WARN_ON(sig_wait->ind))
2909 slsi_kfree_skb(sig_wait->ind);
2910 sig_wait->ind = skb;
2911 spin_unlock_bh(&sig_wait->send_signal_lock);
2912 complete(&sig_wait->completion);
2913 rcu_read_unlock();
2914 return 0;
2915 }
2916 spin_unlock_bh(&sig_wait->send_signal_lock);
2917 rcu_read_unlock();
2918 }
2919 return -EINVAL;
2920 }