diff options
author | Johannes Berg <johannes@sipsolutions.net> | 2008-10-30 17:09:54 -0400 |
---|---|---|
committer | John W. Linville <linville@tuxdriver.com> | 2008-11-10 15:11:56 -0500 |
commit | 2c706002fc147decdba2658ea48e4436faca3af2 (patch) | |
tree | 3e515fa59e6f7de045579f103cba09cd05293de7 /drivers/net/wireless | |
parent | 9b1fbae4b242cf86a878771eb59dc600dde72ec8 (diff) |
don't use net/ieee80211.h
Convert all the drivers using net/ieee80211.h to use linux/ieee80211.h.
Contains a bugfix in libertas where the SSID parsing could overrun the
buffer when the AP sends invalid information.
Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Acked-by: Dan Williams <dcbw@redhat.com> [airo, libertas]
Acked-by: Pavel Roskin <proski@gnu.org> [orinoco]
Acked-by: David Kilroy <kilroyd@googlemail.com> [orinoco]
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Diffstat (limited to 'drivers/net/wireless')
-rw-r--r-- | drivers/net/wireless/airo.c | 50 | ||||
-rw-r--r-- | drivers/net/wireless/atmel.c | 70 | ||||
-rw-r--r-- | drivers/net/wireless/libertas/assoc.c | 18 | ||||
-rw-r--r-- | drivers/net/wireless/libertas/cmd.c | 5 | ||||
-rw-r--r-- | drivers/net/wireless/libertas/dev.h | 7 | ||||
-rw-r--r-- | drivers/net/wireless/libertas/main.c | 3 | ||||
-rw-r--r-- | drivers/net/wireless/libertas/persistcfg.c | 2 | ||||
-rw-r--r-- | drivers/net/wireless/libertas/scan.c | 77 | ||||
-rw-r--r-- | drivers/net/wireless/libertas/scan.h | 4 | ||||
-rw-r--r-- | drivers/net/wireless/libertas/types.h | 5 | ||||
-rw-r--r-- | drivers/net/wireless/libertas/wext.c | 1 | ||||
-rw-r--r-- | drivers/net/wireless/orinoco.c | 30 | ||||
-rw-r--r-- | drivers/net/wireless/rndis_wlan.c | 24 | ||||
-rw-r--r-- | drivers/net/wireless/wl3501.h | 4 | ||||
-rw-r--r-- | drivers/net/wireless/zd1201.c | 4 |
15 files changed, 156 insertions, 148 deletions
diff --git a/drivers/net/wireless/airo.c b/drivers/net/wireless/airo.c index c8dc6568cec9..67d504e32290 100644 --- a/drivers/net/wireless/airo.c +++ b/drivers/net/wireless/airo.c | |||
@@ -47,10 +47,11 @@ | |||
47 | #include <linux/ioport.h> | 47 | #include <linux/ioport.h> |
48 | #include <linux/pci.h> | 48 | #include <linux/pci.h> |
49 | #include <asm/uaccess.h> | 49 | #include <asm/uaccess.h> |
50 | #include <net/ieee80211.h> | ||
51 | #include <linux/kthread.h> | 50 | #include <linux/kthread.h> |
52 | #include <linux/freezer.h> | 51 | #include <linux/freezer.h> |
53 | 52 | ||
53 | #include <linux/ieee80211.h> | ||
54 | |||
54 | #include "airo.h" | 55 | #include "airo.h" |
55 | 56 | ||
56 | #define DRV_NAME "airo" | 57 | #define DRV_NAME "airo" |
@@ -7265,56 +7266,53 @@ static inline char *airo_translate_scan(struct net_device *dev, | |||
7265 | if (test_bit(FLAG_WPA_CAPABLE, &ai->flags)) { | 7266 | if (test_bit(FLAG_WPA_CAPABLE, &ai->flags)) { |
7266 | unsigned int num_null_ies = 0; | 7267 | unsigned int num_null_ies = 0; |
7267 | u16 length = sizeof (bss->extra.iep); | 7268 | u16 length = sizeof (bss->extra.iep); |
7268 | struct ieee80211_info_element *info_element = | 7269 | u8 *ie = (void *)&bss->extra.iep; |
7269 | (struct ieee80211_info_element *) &bss->extra.iep; | ||
7270 | 7270 | ||
7271 | while ((length >= sizeof(*info_element)) && (num_null_ies < 2)) { | 7271 | while ((length >= 2) && (num_null_ies < 2)) { |
7272 | if (sizeof(*info_element) + info_element->len > length) { | 7272 | if (2 + ie[1] > length) { |
7273 | /* Invalid element, don't continue parsing IE */ | 7273 | /* Invalid element, don't continue parsing IE */ |
7274 | break; | 7274 | break; |
7275 | } | 7275 | } |
7276 | 7276 | ||
7277 | switch (info_element->id) { | 7277 | switch (ie[0]) { |
7278 | case MFIE_TYPE_SSID: | 7278 | case WLAN_EID_SSID: |
7279 | /* Two zero-length SSID elements | 7279 | /* Two zero-length SSID elements |
7280 | * mean we're done parsing elements */ | 7280 | * mean we're done parsing elements */ |
7281 | if (!info_element->len) | 7281 | if (!ie[1]) |
7282 | num_null_ies++; | 7282 | num_null_ies++; |
7283 | break; | 7283 | break; |
7284 | 7284 | ||
7285 | case MFIE_TYPE_GENERIC: | 7285 | case WLAN_EID_GENERIC: |
7286 | if (info_element->len >= 4 && | 7286 | if (ie[1] >= 4 && |
7287 | info_element->data[0] == 0x00 && | 7287 | ie[2] == 0x00 && |
7288 | info_element->data[1] == 0x50 && | 7288 | ie[3] == 0x50 && |
7289 | info_element->data[2] == 0xf2 && | 7289 | ie[4] == 0xf2 && |
7290 | info_element->data[3] == 0x01) { | 7290 | ie[5] == 0x01) { |
7291 | iwe.cmd = IWEVGENIE; | 7291 | iwe.cmd = IWEVGENIE; |
7292 | iwe.u.data.length = min(info_element->len + 2, | 7292 | /* 64 is an arbitrary cut-off */ |
7293 | MAX_WPA_IE_LEN); | 7293 | iwe.u.data.length = min(ie[1] + 2, |
7294 | 64); | ||
7294 | current_ev = iwe_stream_add_point( | 7295 | current_ev = iwe_stream_add_point( |
7295 | info, current_ev, | 7296 | info, current_ev, |
7296 | end_buf, &iwe, | 7297 | end_buf, &iwe, ie); |
7297 | (char *) info_element); | ||
7298 | } | 7298 | } |
7299 | break; | 7299 | break; |
7300 | 7300 | ||
7301 | case MFIE_TYPE_RSN: | 7301 | case WLAN_EID_RSN: |
7302 | iwe.cmd = IWEVGENIE; | 7302 | iwe.cmd = IWEVGENIE; |
7303 | iwe.u.data.length = min(info_element->len + 2, | 7303 | /* 64 is an arbitrary cut-off */ |
7304 | MAX_WPA_IE_LEN); | 7304 | iwe.u.data.length = min(ie[1] + 2, 64); |
7305 | current_ev = iwe_stream_add_point( | 7305 | current_ev = iwe_stream_add_point( |
7306 | info, current_ev, end_buf, | 7306 | info, current_ev, end_buf, |
7307 | &iwe, (char *) info_element); | 7307 | &iwe, ie); |
7308 | break; | 7308 | break; |
7309 | 7309 | ||
7310 | default: | 7310 | default: |
7311 | break; | 7311 | break; |
7312 | } | 7312 | } |
7313 | 7313 | ||
7314 | length -= sizeof(*info_element) + info_element->len; | 7314 | length -= 2 + ie[1]; |
7315 | info_element = | 7315 | ie += 2 + ie[1]; |
7316 | (struct ieee80211_info_element *)&info_element-> | ||
7317 | data[info_element->len]; | ||
7318 | } | 7316 | } |
7319 | } | 7317 | } |
7320 | return current_ev; | 7318 | return current_ev; |
diff --git a/drivers/net/wireless/atmel.c b/drivers/net/wireless/atmel.c index d16931589f81..3962b553fbf1 100644 --- a/drivers/net/wireless/atmel.c +++ b/drivers/net/wireless/atmel.c | |||
@@ -67,7 +67,7 @@ | |||
67 | #include <linux/moduleparam.h> | 67 | #include <linux/moduleparam.h> |
68 | #include <linux/firmware.h> | 68 | #include <linux/firmware.h> |
69 | #include <linux/jiffies.h> | 69 | #include <linux/jiffies.h> |
70 | #include <net/ieee80211.h> | 70 | #include <linux/ieee80211.h> |
71 | #include "atmel.h" | 71 | #include "atmel.h" |
72 | 72 | ||
73 | #define DRIVER_MAJOR 0 | 73 | #define DRIVER_MAJOR 0 |
@@ -569,7 +569,7 @@ static void atmel_wmem32(struct atmel_private *priv, u16 pos, u32 data); | |||
569 | static void atmel_command_irq(struct atmel_private *priv); | 569 | static void atmel_command_irq(struct atmel_private *priv); |
570 | static int atmel_validate_channel(struct atmel_private *priv, int channel); | 570 | static int atmel_validate_channel(struct atmel_private *priv, int channel); |
571 | static void atmel_management_frame(struct atmel_private *priv, | 571 | static void atmel_management_frame(struct atmel_private *priv, |
572 | struct ieee80211_hdr_4addr *header, | 572 | struct ieee80211_hdr *header, |
573 | u16 frame_len, u8 rssi); | 573 | u16 frame_len, u8 rssi); |
574 | static void atmel_management_timer(u_long a); | 574 | static void atmel_management_timer(u_long a); |
575 | static void atmel_send_command(struct atmel_private *priv, int command, | 575 | static void atmel_send_command(struct atmel_private *priv, int command, |
@@ -577,7 +577,7 @@ static void atmel_send_command(struct atmel_private *priv, int command, | |||
577 | static int atmel_send_command_wait(struct atmel_private *priv, int command, | 577 | static int atmel_send_command_wait(struct atmel_private *priv, int command, |
578 | void *cmd, int cmd_size); | 578 | void *cmd, int cmd_size); |
579 | static void atmel_transmit_management_frame(struct atmel_private *priv, | 579 | static void atmel_transmit_management_frame(struct atmel_private *priv, |
580 | struct ieee80211_hdr_4addr *header, | 580 | struct ieee80211_hdr *header, |
581 | u8 *body, int body_len); | 581 | u8 *body, int body_len); |
582 | 582 | ||
583 | static u8 atmel_get_mib8(struct atmel_private *priv, u8 type, u8 index); | 583 | static u8 atmel_get_mib8(struct atmel_private *priv, u8 type, u8 index); |
@@ -785,7 +785,7 @@ static int start_tx(struct sk_buff *skb, struct net_device *dev) | |||
785 | { | 785 | { |
786 | static const u8 SNAP_RFC1024[6] = { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00 }; | 786 | static const u8 SNAP_RFC1024[6] = { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00 }; |
787 | struct atmel_private *priv = netdev_priv(dev); | 787 | struct atmel_private *priv = netdev_priv(dev); |
788 | struct ieee80211_hdr_4addr header; | 788 | struct ieee80211_hdr header; |
789 | unsigned long flags; | 789 | unsigned long flags; |
790 | u16 buff, frame_ctl, len = (ETH_ZLEN < skb->len) ? skb->len : ETH_ZLEN; | 790 | u16 buff, frame_ctl, len = (ETH_ZLEN < skb->len) ? skb->len : ETH_ZLEN; |
791 | 791 | ||
@@ -823,7 +823,7 @@ static int start_tx(struct sk_buff *skb, struct net_device *dev) | |||
823 | 823 | ||
824 | frame_ctl = IEEE80211_FTYPE_DATA; | 824 | frame_ctl = IEEE80211_FTYPE_DATA; |
825 | header.duration_id = 0; | 825 | header.duration_id = 0; |
826 | header.seq_ctl = 0; | 826 | header.seq_ctrl = 0; |
827 | if (priv->wep_is_on) | 827 | if (priv->wep_is_on) |
828 | frame_ctl |= IEEE80211_FCTL_PROTECTED; | 828 | frame_ctl |= IEEE80211_FCTL_PROTECTED; |
829 | if (priv->operating_mode == IW_MODE_ADHOC) { | 829 | if (priv->operating_mode == IW_MODE_ADHOC) { |
@@ -840,7 +840,7 @@ static int start_tx(struct sk_buff *skb, struct net_device *dev) | |||
840 | if (priv->use_wpa) | 840 | if (priv->use_wpa) |
841 | memcpy(&header.addr4, SNAP_RFC1024, 6); | 841 | memcpy(&header.addr4, SNAP_RFC1024, 6); |
842 | 842 | ||
843 | header.frame_ctl = cpu_to_le16(frame_ctl); | 843 | header.frame_control = cpu_to_le16(frame_ctl); |
844 | /* Copy the wireless header into the card */ | 844 | /* Copy the wireless header into the card */ |
845 | atmel_copy_to_card(dev, buff, (unsigned char *)&header, DATA_FRAME_WS_HEADER_SIZE); | 845 | atmel_copy_to_card(dev, buff, (unsigned char *)&header, DATA_FRAME_WS_HEADER_SIZE); |
846 | /* Copy the packet sans its 802.3 header addresses which have been replaced */ | 846 | /* Copy the packet sans its 802.3 header addresses which have been replaced */ |
@@ -860,7 +860,7 @@ static int start_tx(struct sk_buff *skb, struct net_device *dev) | |||
860 | } | 860 | } |
861 | 861 | ||
862 | static void atmel_transmit_management_frame(struct atmel_private *priv, | 862 | static void atmel_transmit_management_frame(struct atmel_private *priv, |
863 | struct ieee80211_hdr_4addr *header, | 863 | struct ieee80211_hdr *header, |
864 | u8 *body, int body_len) | 864 | u8 *body, int body_len) |
865 | { | 865 | { |
866 | u16 buff; | 866 | u16 buff; |
@@ -876,7 +876,7 @@ static void atmel_transmit_management_frame(struct atmel_private *priv, | |||
876 | } | 876 | } |
877 | 877 | ||
878 | static void fast_rx_path(struct atmel_private *priv, | 878 | static void fast_rx_path(struct atmel_private *priv, |
879 | struct ieee80211_hdr_4addr *header, | 879 | struct ieee80211_hdr *header, |
880 | u16 msdu_size, u16 rx_packet_loc, u32 crc) | 880 | u16 msdu_size, u16 rx_packet_loc, u32 crc) |
881 | { | 881 | { |
882 | /* fast path: unfragmented packet copy directly into skbuf */ | 882 | /* fast path: unfragmented packet copy directly into skbuf */ |
@@ -914,7 +914,7 @@ static void fast_rx_path(struct atmel_private *priv, | |||
914 | } | 914 | } |
915 | 915 | ||
916 | memcpy(skbp, header->addr1, 6); /* destination address */ | 916 | memcpy(skbp, header->addr1, 6); /* destination address */ |
917 | if (le16_to_cpu(header->frame_ctl) & IEEE80211_FCTL_FROMDS) | 917 | if (le16_to_cpu(header->frame_control) & IEEE80211_FCTL_FROMDS) |
918 | memcpy(&skbp[6], header->addr3, 6); | 918 | memcpy(&skbp[6], header->addr3, 6); |
919 | else | 919 | else |
920 | memcpy(&skbp[6], header->addr2, 6); /* source address */ | 920 | memcpy(&skbp[6], header->addr2, 6); /* source address */ |
@@ -949,7 +949,7 @@ static int probe_crc(struct atmel_private *priv, u16 packet_loc, u16 msdu_size) | |||
949 | } | 949 | } |
950 | 950 | ||
951 | static void frag_rx_path(struct atmel_private *priv, | 951 | static void frag_rx_path(struct atmel_private *priv, |
952 | struct ieee80211_hdr_4addr *header, | 952 | struct ieee80211_hdr *header, |
953 | u16 msdu_size, u16 rx_packet_loc, u32 crc, u16 seq_no, | 953 | u16 msdu_size, u16 rx_packet_loc, u32 crc, u16 seq_no, |
954 | u8 frag_no, int more_frags) | 954 | u8 frag_no, int more_frags) |
955 | { | 955 | { |
@@ -957,7 +957,7 @@ static void frag_rx_path(struct atmel_private *priv, | |||
957 | u8 source[6]; | 957 | u8 source[6]; |
958 | struct sk_buff *skb; | 958 | struct sk_buff *skb; |
959 | 959 | ||
960 | if (le16_to_cpu(header->frame_ctl) & IEEE80211_FCTL_FROMDS) | 960 | if (le16_to_cpu(header->frame_control) & IEEE80211_FCTL_FROMDS) |
961 | memcpy(source, header->addr3, 6); | 961 | memcpy(source, header->addr3, 6); |
962 | else | 962 | else |
963 | memcpy(source, header->addr2, 6); | 963 | memcpy(source, header->addr2, 6); |
@@ -1039,7 +1039,7 @@ static void frag_rx_path(struct atmel_private *priv, | |||
1039 | static void rx_done_irq(struct atmel_private *priv) | 1039 | static void rx_done_irq(struct atmel_private *priv) |
1040 | { | 1040 | { |
1041 | int i; | 1041 | int i; |
1042 | struct ieee80211_hdr_4addr header; | 1042 | struct ieee80211_hdr header; |
1043 | 1043 | ||
1044 | for (i = 0; | 1044 | for (i = 0; |
1045 | atmel_rmem8(priv, atmel_rx(priv, RX_DESC_FLAGS_OFFSET, priv->rx_desc_head)) == RX_DESC_FLAG_VALID && | 1045 | atmel_rmem8(priv, atmel_rx(priv, RX_DESC_FLAGS_OFFSET, priv->rx_desc_head)) == RX_DESC_FLAG_VALID && |
@@ -1066,10 +1066,10 @@ static void rx_done_irq(struct atmel_private *priv) | |||
1066 | goto next; | 1066 | goto next; |
1067 | } | 1067 | } |
1068 | 1068 | ||
1069 | /* Get header as far as end of seq_ctl */ | 1069 | /* Get header as far as end of seq_ctrl */ |
1070 | atmel_copy_to_host(priv->dev, (char *)&header, rx_packet_loc, 24); | 1070 | atmel_copy_to_host(priv->dev, (char *)&header, rx_packet_loc, 24); |
1071 | frame_ctl = le16_to_cpu(header.frame_ctl); | 1071 | frame_ctl = le16_to_cpu(header.frame_control); |
1072 | seq_control = le16_to_cpu(header.seq_ctl); | 1072 | seq_control = le16_to_cpu(header.seq_ctrl); |
1073 | 1073 | ||
1074 | /* probe for CRC use here if needed once five packets have | 1074 | /* probe for CRC use here if needed once five packets have |
1075 | arrived with the same crc status, we assume we know what's | 1075 | arrived with the same crc status, we assume we know what's |
@@ -1819,7 +1819,7 @@ static int atmel_set_encodeext(struct net_device *dev, | |||
1819 | /* Determine and validate the key index */ | 1819 | /* Determine and validate the key index */ |
1820 | idx = encoding->flags & IW_ENCODE_INDEX; | 1820 | idx = encoding->flags & IW_ENCODE_INDEX; |
1821 | if (idx) { | 1821 | if (idx) { |
1822 | if (idx < 1 || idx > WEP_KEYS) | 1822 | if (idx < 1 || idx > 4) |
1823 | return -EINVAL; | 1823 | return -EINVAL; |
1824 | idx--; | 1824 | idx--; |
1825 | } else | 1825 | } else |
@@ -1882,7 +1882,7 @@ static int atmel_get_encodeext(struct net_device *dev, | |||
1882 | 1882 | ||
1883 | idx = encoding->flags & IW_ENCODE_INDEX; | 1883 | idx = encoding->flags & IW_ENCODE_INDEX; |
1884 | if (idx) { | 1884 | if (idx) { |
1885 | if (idx < 1 || idx > WEP_KEYS) | 1885 | if (idx < 1 || idx > 4) |
1886 | return -EINVAL; | 1886 | return -EINVAL; |
1887 | idx--; | 1887 | idx--; |
1888 | } else | 1888 | } else |
@@ -2797,7 +2797,7 @@ static void handle_beacon_probe(struct atmel_private *priv, u16 capability, | |||
2797 | u8 channel) | 2797 | u8 channel) |
2798 | { | 2798 | { |
2799 | int rejoin = 0; | 2799 | int rejoin = 0; |
2800 | int new = capability & MFIE_TYPE_POWER_CONSTRAINT ? | 2800 | int new = capability & WLAN_CAPABILITY_SHORT_PREAMBLE ? |
2801 | SHORT_PREAMBLE : LONG_PREAMBLE; | 2801 | SHORT_PREAMBLE : LONG_PREAMBLE; |
2802 | 2802 | ||
2803 | if (priv->preamble != new) { | 2803 | if (priv->preamble != new) { |
@@ -2826,19 +2826,19 @@ static void handle_beacon_probe(struct atmel_private *priv, u16 capability, | |||
2826 | static void send_authentication_request(struct atmel_private *priv, u16 system, | 2826 | static void send_authentication_request(struct atmel_private *priv, u16 system, |
2827 | u8 *challenge, int challenge_len) | 2827 | u8 *challenge, int challenge_len) |
2828 | { | 2828 | { |
2829 | struct ieee80211_hdr_4addr header; | 2829 | struct ieee80211_hdr header; |
2830 | struct auth_body auth; | 2830 | struct auth_body auth; |
2831 | 2831 | ||
2832 | header.frame_ctl = cpu_to_le16(IEEE80211_FTYPE_MGMT | IEEE80211_STYPE_AUTH); | 2832 | header.frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | IEEE80211_STYPE_AUTH); |
2833 | header.duration_id = cpu_to_le16(0x8000); | 2833 | header.duration_id = cpu_to_le16(0x8000); |
2834 | header.seq_ctl = 0; | 2834 | header.seq_ctrl = 0; |
2835 | memcpy(header.addr1, priv->CurrentBSSID, 6); | 2835 | memcpy(header.addr1, priv->CurrentBSSID, 6); |
2836 | memcpy(header.addr2, priv->dev->dev_addr, 6); | 2836 | memcpy(header.addr2, priv->dev->dev_addr, 6); |
2837 | memcpy(header.addr3, priv->CurrentBSSID, 6); | 2837 | memcpy(header.addr3, priv->CurrentBSSID, 6); |
2838 | 2838 | ||
2839 | if (priv->wep_is_on && priv->CurrentAuthentTransactionSeqNum != 1) | 2839 | if (priv->wep_is_on && priv->CurrentAuthentTransactionSeqNum != 1) |
2840 | /* no WEP for authentication frames with TrSeqNo 1 */ | 2840 | /* no WEP for authentication frames with TrSeqNo 1 */ |
2841 | header.frame_ctl |= cpu_to_le16(IEEE80211_FCTL_PROTECTED); | 2841 | header.frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED); |
2842 | 2842 | ||
2843 | auth.alg = cpu_to_le16(system); | 2843 | auth.alg = cpu_to_le16(system); |
2844 | 2844 | ||
@@ -2861,7 +2861,7 @@ static void send_association_request(struct atmel_private *priv, int is_reassoc) | |||
2861 | { | 2861 | { |
2862 | u8 *ssid_el_p; | 2862 | u8 *ssid_el_p; |
2863 | int bodysize; | 2863 | int bodysize; |
2864 | struct ieee80211_hdr_4addr header; | 2864 | struct ieee80211_hdr header; |
2865 | struct ass_req_format { | 2865 | struct ass_req_format { |
2866 | __le16 capability; | 2866 | __le16 capability; |
2867 | __le16 listen_interval; | 2867 | __le16 listen_interval; |
@@ -2874,10 +2874,10 @@ static void send_association_request(struct atmel_private *priv, int is_reassoc) | |||
2874 | u8 rates[4]; | 2874 | u8 rates[4]; |
2875 | } body; | 2875 | } body; |
2876 | 2876 | ||
2877 | header.frame_ctl = cpu_to_le16(IEEE80211_FTYPE_MGMT | | 2877 | header.frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | |
2878 | (is_reassoc ? IEEE80211_STYPE_REASSOC_REQ : IEEE80211_STYPE_ASSOC_REQ)); | 2878 | (is_reassoc ? IEEE80211_STYPE_REASSOC_REQ : IEEE80211_STYPE_ASSOC_REQ)); |
2879 | header.duration_id = cpu_to_le16(0x8000); | 2879 | header.duration_id = cpu_to_le16(0x8000); |
2880 | header.seq_ctl = 0; | 2880 | header.seq_ctrl = 0; |
2881 | 2881 | ||
2882 | memcpy(header.addr1, priv->CurrentBSSID, 6); | 2882 | memcpy(header.addr1, priv->CurrentBSSID, 6); |
2883 | memcpy(header.addr2, priv->dev->dev_addr, 6); | 2883 | memcpy(header.addr2, priv->dev->dev_addr, 6); |
@@ -2887,7 +2887,7 @@ static void send_association_request(struct atmel_private *priv, int is_reassoc) | |||
2887 | if (priv->wep_is_on) | 2887 | if (priv->wep_is_on) |
2888 | body.capability |= cpu_to_le16(WLAN_CAPABILITY_PRIVACY); | 2888 | body.capability |= cpu_to_le16(WLAN_CAPABILITY_PRIVACY); |
2889 | if (priv->preamble == SHORT_PREAMBLE) | 2889 | if (priv->preamble == SHORT_PREAMBLE) |
2890 | body.capability |= cpu_to_le16(MFIE_TYPE_POWER_CONSTRAINT); | 2890 | body.capability |= cpu_to_le16(WLAN_CAPABILITY_SHORT_PREAMBLE); |
2891 | 2891 | ||
2892 | body.listen_interval = cpu_to_le16(priv->listen_interval * priv->beacon_period); | 2892 | body.listen_interval = cpu_to_le16(priv->listen_interval * priv->beacon_period); |
2893 | 2893 | ||
@@ -2901,10 +2901,10 @@ static void send_association_request(struct atmel_private *priv, int is_reassoc) | |||
2901 | bodysize = 12 + priv->SSID_size; | 2901 | bodysize = 12 + priv->SSID_size; |
2902 | } | 2902 | } |
2903 | 2903 | ||
2904 | ssid_el_p[0] = MFIE_TYPE_SSID; | 2904 | ssid_el_p[0] = WLAN_EID_SSID; |
2905 | ssid_el_p[1] = priv->SSID_size; | 2905 | ssid_el_p[1] = priv->SSID_size; |
2906 | memcpy(ssid_el_p + 2, priv->SSID, priv->SSID_size); | 2906 | memcpy(ssid_el_p + 2, priv->SSID, priv->SSID_size); |
2907 | ssid_el_p[2 + priv->SSID_size] = MFIE_TYPE_RATES; | 2907 | ssid_el_p[2 + priv->SSID_size] = WLAN_EID_SUPP_RATES; |
2908 | ssid_el_p[3 + priv->SSID_size] = 4; /* len of suported rates */ | 2908 | ssid_el_p[3 + priv->SSID_size] = 4; /* len of suported rates */ |
2909 | memcpy(ssid_el_p + 4 + priv->SSID_size, atmel_basic_rates, 4); | 2909 | memcpy(ssid_el_p + 4 + priv->SSID_size, atmel_basic_rates, 4); |
2910 | 2910 | ||
@@ -2912,9 +2912,9 @@ static void send_association_request(struct atmel_private *priv, int is_reassoc) | |||
2912 | } | 2912 | } |
2913 | 2913 | ||
2914 | static int is_frame_from_current_bss(struct atmel_private *priv, | 2914 | static int is_frame_from_current_bss(struct atmel_private *priv, |
2915 | struct ieee80211_hdr_4addr *header) | 2915 | struct ieee80211_hdr *header) |
2916 | { | 2916 | { |
2917 | if (le16_to_cpu(header->frame_ctl) & IEEE80211_FCTL_FROMDS) | 2917 | if (le16_to_cpu(header->frame_control) & IEEE80211_FCTL_FROMDS) |
2918 | return memcmp(header->addr3, priv->CurrentBSSID, 6) == 0; | 2918 | return memcmp(header->addr3, priv->CurrentBSSID, 6) == 0; |
2919 | else | 2919 | else |
2920 | return memcmp(header->addr2, priv->CurrentBSSID, 6) == 0; | 2920 | return memcmp(header->addr2, priv->CurrentBSSID, 6) == 0; |
@@ -2962,7 +2962,7 @@ static int retrieve_bss(struct atmel_private *priv) | |||
2962 | } | 2962 | } |
2963 | 2963 | ||
2964 | static void store_bss_info(struct atmel_private *priv, | 2964 | static void store_bss_info(struct atmel_private *priv, |
2965 | struct ieee80211_hdr_4addr *header, u16 capability, | 2965 | struct ieee80211_hdr *header, u16 capability, |
2966 | u16 beacon_period, u8 channel, u8 rssi, u8 ssid_len, | 2966 | u16 beacon_period, u8 channel, u8 rssi, u8 ssid_len, |
2967 | u8 *ssid, int is_beacon) | 2967 | u8 *ssid, int is_beacon) |
2968 | { | 2968 | { |
@@ -3001,7 +3001,7 @@ static void store_bss_info(struct atmel_private *priv, | |||
3001 | else if (capability & WLAN_CAPABILITY_ESS) | 3001 | else if (capability & WLAN_CAPABILITY_ESS) |
3002 | priv->BSSinfo[index].BSStype =IW_MODE_INFRA; | 3002 | priv->BSSinfo[index].BSStype =IW_MODE_INFRA; |
3003 | 3003 | ||
3004 | priv->BSSinfo[index].preamble = capability & MFIE_TYPE_POWER_CONSTRAINT ? | 3004 | priv->BSSinfo[index].preamble = capability & WLAN_CAPABILITY_SHORT_PREAMBLE ? |
3005 | SHORT_PREAMBLE : LONG_PREAMBLE; | 3005 | SHORT_PREAMBLE : LONG_PREAMBLE; |
3006 | } | 3006 | } |
3007 | 3007 | ||
@@ -3037,7 +3037,7 @@ static void authenticate(struct atmel_private *priv, u16 frame_len) | |||
3037 | } | 3037 | } |
3038 | } else if (system == WLAN_AUTH_SHARED_KEY) { | 3038 | } else if (system == WLAN_AUTH_SHARED_KEY) { |
3039 | if (trans_seq_no == 0x0002 && | 3039 | if (trans_seq_no == 0x0002 && |
3040 | auth->el_id == MFIE_TYPE_CHALLENGE) { | 3040 | auth->el_id == WLAN_EID_CHALLENGE) { |
3041 | send_authentication_request(priv, system, auth->chall_text, auth->chall_text_len); | 3041 | send_authentication_request(priv, system, auth->chall_text, auth->chall_text_len); |
3042 | return; | 3042 | return; |
3043 | } else if (trans_seq_no == 0x0004) { | 3043 | } else if (trans_seq_no == 0x0004) { |
@@ -3288,12 +3288,12 @@ static void atmel_smooth_qual(struct atmel_private *priv) | |||
3288 | 3288 | ||
3289 | /* deals with incoming managment frames. */ | 3289 | /* deals with incoming managment frames. */ |
3290 | static void atmel_management_frame(struct atmel_private *priv, | 3290 | static void atmel_management_frame(struct atmel_private *priv, |
3291 | struct ieee80211_hdr_4addr *header, | 3291 | struct ieee80211_hdr *header, |
3292 | u16 frame_len, u8 rssi) | 3292 | u16 frame_len, u8 rssi) |
3293 | { | 3293 | { |
3294 | u16 subtype; | 3294 | u16 subtype; |
3295 | 3295 | ||
3296 | subtype = le16_to_cpu(header->frame_ctl) & IEEE80211_FCTL_STYPE; | 3296 | subtype = le16_to_cpu(header->frame_control) & IEEE80211_FCTL_STYPE; |
3297 | switch (subtype) { | 3297 | switch (subtype) { |
3298 | case IEEE80211_STYPE_BEACON: | 3298 | case IEEE80211_STYPE_BEACON: |
3299 | case IEEE80211_STYPE_PROBE_RESP: | 3299 | case IEEE80211_STYPE_PROBE_RESP: |
diff --git a/drivers/net/wireless/libertas/assoc.c b/drivers/net/wireless/libertas/assoc.c index 92863780286f..a0e440cd8967 100644 --- a/drivers/net/wireless/libertas/assoc.c +++ b/drivers/net/wireless/libertas/assoc.c | |||
@@ -2,6 +2,8 @@ | |||
2 | 2 | ||
3 | #include <linux/types.h> | 3 | #include <linux/types.h> |
4 | #include <linux/etherdevice.h> | 4 | #include <linux/etherdevice.h> |
5 | #include <linux/ieee80211.h> | ||
6 | #include <linux/if_arp.h> | ||
5 | #include <net/lib80211.h> | 7 | #include <net/lib80211.h> |
6 | 8 | ||
7 | #include "assoc.h" | 9 | #include "assoc.h" |
@@ -341,12 +343,12 @@ static int lbs_adhoc_start(struct lbs_private *priv, | |||
341 | WARN_ON(!assoc_req->channel); | 343 | WARN_ON(!assoc_req->channel); |
342 | 344 | ||
343 | /* set Physical parameter set */ | 345 | /* set Physical parameter set */ |
344 | cmd.phyparamset.dsparamset.elementid = MFIE_TYPE_DS_SET; | 346 | cmd.phyparamset.dsparamset.elementid = WLAN_EID_DS_PARAMS; |
345 | cmd.phyparamset.dsparamset.len = 1; | 347 | cmd.phyparamset.dsparamset.len = 1; |
346 | cmd.phyparamset.dsparamset.currentchan = assoc_req->channel; | 348 | cmd.phyparamset.dsparamset.currentchan = assoc_req->channel; |
347 | 349 | ||
348 | /* set IBSS parameter set */ | 350 | /* set IBSS parameter set */ |
349 | cmd.ssparamset.ibssparamset.elementid = MFIE_TYPE_IBSS_SET; | 351 | cmd.ssparamset.ibssparamset.elementid = WLAN_EID_IBSS_PARAMS; |
350 | cmd.ssparamset.ibssparamset.len = 2; | 352 | cmd.ssparamset.ibssparamset.len = 2; |
351 | cmd.ssparamset.ibssparamset.atimwindow = 0; | 353 | cmd.ssparamset.ibssparamset.atimwindow = 0; |
352 | 354 | ||
@@ -430,8 +432,8 @@ static inline int match_bss_no_security(struct lbs_802_11_security *secinfo, | |||
430 | { | 432 | { |
431 | if (!secinfo->wep_enabled && !secinfo->WPAenabled | 433 | if (!secinfo->wep_enabled && !secinfo->WPAenabled |
432 | && !secinfo->WPA2enabled | 434 | && !secinfo->WPA2enabled |
433 | && match_bss->wpa_ie[0] != MFIE_TYPE_GENERIC | 435 | && match_bss->wpa_ie[0] != WLAN_EID_GENERIC |
434 | && match_bss->rsn_ie[0] != MFIE_TYPE_RSN | 436 | && match_bss->rsn_ie[0] != WLAN_EID_RSN |
435 | && !(match_bss->capability & WLAN_CAPABILITY_PRIVACY)) | 437 | && !(match_bss->capability & WLAN_CAPABILITY_PRIVACY)) |
436 | return 1; | 438 | return 1; |
437 | else | 439 | else |
@@ -453,7 +455,7 @@ static inline int match_bss_wpa(struct lbs_802_11_security *secinfo, | |||
453 | struct bss_descriptor *match_bss) | 455 | struct bss_descriptor *match_bss) |
454 | { | 456 | { |
455 | if (!secinfo->wep_enabled && secinfo->WPAenabled | 457 | if (!secinfo->wep_enabled && secinfo->WPAenabled |
456 | && (match_bss->wpa_ie[0] == MFIE_TYPE_GENERIC) | 458 | && (match_bss->wpa_ie[0] == WLAN_EID_GENERIC) |
457 | /* privacy bit may NOT be set in some APs like LinkSys WRT54G | 459 | /* privacy bit may NOT be set in some APs like LinkSys WRT54G |
458 | && (match_bss->capability & WLAN_CAPABILITY_PRIVACY) */ | 460 | && (match_bss->capability & WLAN_CAPABILITY_PRIVACY) */ |
459 | ) | 461 | ) |
@@ -466,7 +468,7 @@ static inline int match_bss_wpa2(struct lbs_802_11_security *secinfo, | |||
466 | struct bss_descriptor *match_bss) | 468 | struct bss_descriptor *match_bss) |
467 | { | 469 | { |
468 | if (!secinfo->wep_enabled && secinfo->WPA2enabled && | 470 | if (!secinfo->wep_enabled && secinfo->WPA2enabled && |
469 | (match_bss->rsn_ie[0] == MFIE_TYPE_RSN) | 471 | (match_bss->rsn_ie[0] == WLAN_EID_RSN) |
470 | /* privacy bit may NOT be set in some APs like LinkSys WRT54G | 472 | /* privacy bit may NOT be set in some APs like LinkSys WRT54G |
471 | (match_bss->capability & WLAN_CAPABILITY_PRIVACY) */ | 473 | (match_bss->capability & WLAN_CAPABILITY_PRIVACY) */ |
472 | ) | 474 | ) |
@@ -480,8 +482,8 @@ static inline int match_bss_dynamic_wep(struct lbs_802_11_security *secinfo, | |||
480 | { | 482 | { |
481 | if (!secinfo->wep_enabled && !secinfo->WPAenabled | 483 | if (!secinfo->wep_enabled && !secinfo->WPAenabled |
482 | && !secinfo->WPA2enabled | 484 | && !secinfo->WPA2enabled |
483 | && (match_bss->wpa_ie[0] != MFIE_TYPE_GENERIC) | 485 | && (match_bss->wpa_ie[0] != WLAN_EID_GENERIC) |
484 | && (match_bss->rsn_ie[0] != MFIE_TYPE_RSN) | 486 | && (match_bss->rsn_ie[0] != WLAN_EID_RSN) |
485 | && (match_bss->capability & WLAN_CAPABILITY_PRIVACY)) | 487 | && (match_bss->capability & WLAN_CAPABILITY_PRIVACY)) |
486 | return 1; | 488 | return 1; |
487 | else | 489 | else |
diff --git a/drivers/net/wireless/libertas/cmd.c b/drivers/net/wireless/libertas/cmd.c index 38843c8b919c..957fd5a10a8d 100644 --- a/drivers/net/wireless/libertas/cmd.c +++ b/drivers/net/wireless/libertas/cmd.c | |||
@@ -5,7 +5,6 @@ | |||
5 | 5 | ||
6 | #include <net/iw_handler.h> | 6 | #include <net/iw_handler.h> |
7 | #include <net/lib80211.h> | 7 | #include <net/lib80211.h> |
8 | #include <net/ieee80211.h> | ||
9 | #include <linux/kfifo.h> | 8 | #include <linux/kfifo.h> |
10 | #include "host.h" | 9 | #include "host.h" |
11 | #include "hostcmd.h" | 10 | #include "hostcmd.h" |
@@ -1071,7 +1070,7 @@ int lbs_mesh_config(struct lbs_private *priv, uint16_t action, uint16_t chan) | |||
1071 | 1070 | ||
1072 | switch (action) { | 1071 | switch (action) { |
1073 | case CMD_ACT_MESH_CONFIG_START: | 1072 | case CMD_ACT_MESH_CONFIG_START: |
1074 | ie->hdr.id = MFIE_TYPE_GENERIC; | 1073 | ie->id = WLAN_EID_GENERIC; |
1075 | ie->val.oui[0] = 0x00; | 1074 | ie->val.oui[0] = 0x00; |
1076 | ie->val.oui[1] = 0x50; | 1075 | ie->val.oui[1] = 0x50; |
1077 | ie->val.oui[2] = 0x43; | 1076 | ie->val.oui[2] = 0x43; |
@@ -1083,7 +1082,7 @@ int lbs_mesh_config(struct lbs_private *priv, uint16_t action, uint16_t chan) | |||
1083 | ie->val.mesh_capability = MARVELL_MESH_CAPABILITY; | 1082 | ie->val.mesh_capability = MARVELL_MESH_CAPABILITY; |
1084 | ie->val.mesh_id_len = priv->mesh_ssid_len; | 1083 | ie->val.mesh_id_len = priv->mesh_ssid_len; |
1085 | memcpy(ie->val.mesh_id, priv->mesh_ssid, priv->mesh_ssid_len); | 1084 | memcpy(ie->val.mesh_id, priv->mesh_ssid, priv->mesh_ssid_len); |
1086 | ie->hdr.len = sizeof(struct mrvl_meshie_val) - | 1085 | ie->len = sizeof(struct mrvl_meshie_val) - |
1087 | IW_ESSID_MAX_SIZE + priv->mesh_ssid_len; | 1086 | IW_ESSID_MAX_SIZE + priv->mesh_ssid_len; |
1088 | cmd.length = cpu_to_le16(sizeof(struct mrvl_meshie_val)); | 1087 | cmd.length = cpu_to_le16(sizeof(struct mrvl_meshie_val)); |
1089 | break; | 1088 | break; |
diff --git a/drivers/net/wireless/libertas/dev.h b/drivers/net/wireless/libertas/dev.h index f6f3753da303..dd682c4cfde8 100644 --- a/drivers/net/wireless/libertas/dev.h +++ b/drivers/net/wireless/libertas/dev.h | |||
@@ -10,7 +10,6 @@ | |||
10 | #include <linux/wireless.h> | 10 | #include <linux/wireless.h> |
11 | #include <linux/ethtool.h> | 11 | #include <linux/ethtool.h> |
12 | #include <linux/debugfs.h> | 12 | #include <linux/debugfs.h> |
13 | #include <net/ieee80211.h> | ||
14 | 13 | ||
15 | #include "defs.h" | 14 | #include "defs.h" |
16 | #include "hostcmd.h" | 15 | #include "hostcmd.h" |
@@ -278,6 +277,12 @@ struct lbs_private { | |||
278 | struct enc_key wpa_mcast_key; | 277 | struct enc_key wpa_mcast_key; |
279 | struct enc_key wpa_unicast_key; | 278 | struct enc_key wpa_unicast_key; |
280 | 279 | ||
280 | /* | ||
281 | * In theory, the IE is limited to the IE length, 255, | ||
282 | * but in practice 64 bytes are enough. | ||
283 | */ | ||
284 | #define MAX_WPA_IE_LEN 64 | ||
285 | |||
281 | /** WPA Information Elements*/ | 286 | /** WPA Information Elements*/ |
282 | u8 wpa_ie[MAX_WPA_IE_LEN]; | 287 | u8 wpa_ie[MAX_WPA_IE_LEN]; |
283 | u8 wpa_ie_len; | 288 | u8 wpa_ie_len; |
diff --git a/drivers/net/wireless/libertas/main.c b/drivers/net/wireless/libertas/main.c index 7a1e8b62abf4..241af7fe44bb 100644 --- a/drivers/net/wireless/libertas/main.c +++ b/drivers/net/wireless/libertas/main.c | |||
@@ -12,9 +12,8 @@ | |||
12 | #include <linux/kthread.h> | 12 | #include <linux/kthread.h> |
13 | #include <linux/kfifo.h> | 13 | #include <linux/kfifo.h> |
14 | #include <linux/stddef.h> | 14 | #include <linux/stddef.h> |
15 | 15 | #include <linux/ieee80211.h> | |
16 | #include <net/iw_handler.h> | 16 | #include <net/iw_handler.h> |
17 | #include <net/ieee80211.h> | ||
18 | 17 | ||
19 | #include "host.h" | 18 | #include "host.h" |
20 | #include "decl.h" | 19 | #include "decl.h" |
diff --git a/drivers/net/wireless/libertas/persistcfg.c b/drivers/net/wireless/libertas/persistcfg.c index 3309a9c3cfef..56e2401cc768 100644 --- a/drivers/net/wireless/libertas/persistcfg.c +++ b/drivers/net/wireless/libertas/persistcfg.c | |||
@@ -233,7 +233,7 @@ static ssize_t mesh_id_set(struct device *dev, struct device_attribute *attr, | |||
233 | /* SSID len */ | 233 | /* SSID len */ |
234 | ie->val.mesh_id_len = len; | 234 | ie->val.mesh_id_len = len; |
235 | /* IE len */ | 235 | /* IE len */ |
236 | ie->hdr.len = sizeof(struct mrvl_meshie_val) - IW_ESSID_MAX_SIZE + len; | 236 | ie->len = sizeof(struct mrvl_meshie_val) - IW_ESSID_MAX_SIZE + len; |
237 | 237 | ||
238 | ret = lbs_mesh_config_send(priv, &cmd, CMD_ACT_MESH_CONFIG_SET, | 238 | ret = lbs_mesh_config_send(priv, &cmd, CMD_ACT_MESH_CONFIG_SET, |
239 | CMD_TYPE_MESH_SET_MESH_IE); | 239 | CMD_TYPE_MESH_SET_MESH_IE); |
diff --git a/drivers/net/wireless/libertas/scan.c b/drivers/net/wireless/libertas/scan.c index 5c34ac588189..93f74763a010 100644 --- a/drivers/net/wireless/libertas/scan.c +++ b/drivers/net/wireless/libertas/scan.c | |||
@@ -6,8 +6,8 @@ | |||
6 | */ | 6 | */ |
7 | #include <linux/types.h> | 7 | #include <linux/types.h> |
8 | #include <linux/etherdevice.h> | 8 | #include <linux/etherdevice.h> |
9 | #include <linux/if_arp.h> | ||
9 | #include <asm/unaligned.h> | 10 | #include <asm/unaligned.h> |
10 | |||
11 | #include <net/lib80211.h> | 11 | #include <net/lib80211.h> |
12 | 12 | ||
13 | #include "host.h" | 13 | #include "host.h" |
@@ -55,6 +55,8 @@ | |||
55 | //! Scan time specified in the channel TLV for each channel for active scans | 55 | //! Scan time specified in the channel TLV for each channel for active scans |
56 | #define MRVDRV_ACTIVE_SCAN_CHAN_TIME 100 | 56 | #define MRVDRV_ACTIVE_SCAN_CHAN_TIME 100 |
57 | 57 | ||
58 | #define DEFAULT_MAX_SCAN_AGE (15 * HZ) | ||
59 | |||
58 | static int lbs_ret_80211_scan(struct lbs_private *priv, unsigned long dummy, | 60 | static int lbs_ret_80211_scan(struct lbs_private *priv, unsigned long dummy, |
59 | struct cmd_header *resp); | 61 | struct cmd_header *resp); |
60 | 62 | ||
@@ -591,38 +593,36 @@ static int lbs_process_bss(struct bss_descriptor *bss, | |||
591 | 593 | ||
592 | /* process variable IE */ | 594 | /* process variable IE */ |
593 | while (pos <= end - 2) { | 595 | while (pos <= end - 2) { |
594 | struct ieee80211_info_element * elem = (void *)pos; | 596 | if (pos + pos[1] > end) { |
595 | |||
596 | if (pos + elem->len > end) { | ||
597 | lbs_deb_scan("process_bss: error in processing IE, " | 597 | lbs_deb_scan("process_bss: error in processing IE, " |
598 | "bytes left < IE length\n"); | 598 | "bytes left < IE length\n"); |
599 | break; | 599 | break; |
600 | } | 600 | } |
601 | 601 | ||
602 | switch (elem->id) { | 602 | switch (pos[0]) { |
603 | case MFIE_TYPE_SSID: | 603 | case WLAN_EID_SSID: |
604 | bss->ssid_len = min_t(int, 32, elem->len); | 604 | bss->ssid_len = min_t(int, IEEE80211_MAX_SSID_LEN, pos[1]); |
605 | memcpy(bss->ssid, elem->data, bss->ssid_len); | 605 | memcpy(bss->ssid, pos + 2, bss->ssid_len); |
606 | lbs_deb_scan("got SSID IE: '%s', len %u\n", | 606 | lbs_deb_scan("got SSID IE: '%s', len %u\n", |
607 | print_ssid(ssid, bss->ssid, bss->ssid_len), | 607 | print_ssid(ssid, bss->ssid, bss->ssid_len), |
608 | bss->ssid_len); | 608 | bss->ssid_len); |
609 | break; | 609 | break; |
610 | 610 | ||
611 | case MFIE_TYPE_RATES: | 611 | case WLAN_EID_SUPP_RATES: |
612 | n_basic_rates = min_t(uint8_t, MAX_RATES, elem->len); | 612 | n_basic_rates = min_t(uint8_t, MAX_RATES, pos[1]); |
613 | memcpy(bss->rates, elem->data, n_basic_rates); | 613 | memcpy(bss->rates, pos + 2, n_basic_rates); |
614 | got_basic_rates = 1; | 614 | got_basic_rates = 1; |
615 | lbs_deb_scan("got RATES IE\n"); | 615 | lbs_deb_scan("got RATES IE\n"); |
616 | break; | 616 | break; |
617 | 617 | ||
618 | case MFIE_TYPE_FH_SET: | 618 | case WLAN_EID_FH_PARAMS: |
619 | pFH = (struct ieeetypes_fhparamset *) pos; | 619 | pFH = (struct ieeetypes_fhparamset *) pos; |
620 | memmove(&bss->phyparamset.fhparamset, pFH, | 620 | memmove(&bss->phyparamset.fhparamset, pFH, |
621 | sizeof(struct ieeetypes_fhparamset)); | 621 | sizeof(struct ieeetypes_fhparamset)); |
622 | lbs_deb_scan("got FH IE\n"); | 622 | lbs_deb_scan("got FH IE\n"); |
623 | break; | 623 | break; |
624 | 624 | ||
625 | case MFIE_TYPE_DS_SET: | 625 | case WLAN_EID_DS_PARAMS: |
626 | pDS = (struct ieeetypes_dsparamset *) pos; | 626 | pDS = (struct ieeetypes_dsparamset *) pos; |
627 | bss->channel = pDS->currentchan; | 627 | bss->channel = pDS->currentchan; |
628 | memcpy(&bss->phyparamset.dsparamset, pDS, | 628 | memcpy(&bss->phyparamset.dsparamset, pDS, |
@@ -630,14 +630,14 @@ static int lbs_process_bss(struct bss_descriptor *bss, | |||
630 | lbs_deb_scan("got DS IE, channel %d\n", bss->channel); | 630 | lbs_deb_scan("got DS IE, channel %d\n", bss->channel); |
631 | break; | 631 | break; |
632 | 632 | ||
633 | case MFIE_TYPE_CF_SET: | 633 | case WLAN_EID_CF_PARAMS: |
634 | pCF = (struct ieeetypes_cfparamset *) pos; | 634 | pCF = (struct ieeetypes_cfparamset *) pos; |
635 | memcpy(&bss->ssparamset.cfparamset, pCF, | 635 | memcpy(&bss->ssparamset.cfparamset, pCF, |
636 | sizeof(struct ieeetypes_cfparamset)); | 636 | sizeof(struct ieeetypes_cfparamset)); |
637 | lbs_deb_scan("got CF IE\n"); | 637 | lbs_deb_scan("got CF IE\n"); |
638 | break; | 638 | break; |
639 | 639 | ||
640 | case MFIE_TYPE_IBSS_SET: | 640 | case WLAN_EID_IBSS_PARAMS: |
641 | pibss = (struct ieeetypes_ibssparamset *) pos; | 641 | pibss = (struct ieeetypes_ibssparamset *) pos; |
642 | bss->atimwindow = le16_to_cpu(pibss->atimwindow); | 642 | bss->atimwindow = le16_to_cpu(pibss->atimwindow); |
643 | memmove(&bss->ssparamset.ibssparamset, pibss, | 643 | memmove(&bss->ssparamset.ibssparamset, pibss, |
@@ -645,7 +645,7 @@ static int lbs_process_bss(struct bss_descriptor *bss, | |||
645 | lbs_deb_scan("got IBSS IE\n"); | 645 | lbs_deb_scan("got IBSS IE\n"); |
646 | break; | 646 | break; |
647 | 647 | ||
648 | case MFIE_TYPE_COUNTRY: | 648 | case WLAN_EID_COUNTRY: |
649 | pcountryinfo = (struct ieeetypes_countryinfoset *) pos; | 649 | pcountryinfo = (struct ieeetypes_countryinfoset *) pos; |
650 | lbs_deb_scan("got COUNTRY IE\n"); | 650 | lbs_deb_scan("got COUNTRY IE\n"); |
651 | if (pcountryinfo->len < sizeof(pcountryinfo->countrycode) | 651 | if (pcountryinfo->len < sizeof(pcountryinfo->countrycode) |
@@ -662,7 +662,7 @@ static int lbs_process_bss(struct bss_descriptor *bss, | |||
662 | (int) (pcountryinfo->len + 2)); | 662 | (int) (pcountryinfo->len + 2)); |
663 | break; | 663 | break; |
664 | 664 | ||
665 | case MFIE_TYPE_RATES_EX: | 665 | case WLAN_EID_EXT_SUPP_RATES: |
666 | /* only process extended supported rate if data rate is | 666 | /* only process extended supported rate if data rate is |
667 | * already found. Data rate IE should come before | 667 | * already found. Data rate IE should come before |
668 | * extended supported rate IE | 668 | * extended supported rate IE |
@@ -673,50 +673,51 @@ static int lbs_process_bss(struct bss_descriptor *bss, | |||
673 | break; | 673 | break; |
674 | } | 674 | } |
675 | 675 | ||
676 | n_ex_rates = elem->len; | 676 | n_ex_rates = pos[1]; |
677 | if (n_basic_rates + n_ex_rates > MAX_RATES) | 677 | if (n_basic_rates + n_ex_rates > MAX_RATES) |
678 | n_ex_rates = MAX_RATES - n_basic_rates; | 678 | n_ex_rates = MAX_RATES - n_basic_rates; |
679 | 679 | ||
680 | p = bss->rates + n_basic_rates; | 680 | p = bss->rates + n_basic_rates; |
681 | memcpy(p, elem->data, n_ex_rates); | 681 | memcpy(p, pos + 2, n_ex_rates); |
682 | break; | 682 | break; |
683 | 683 | ||
684 | case MFIE_TYPE_GENERIC: | 684 | case WLAN_EID_GENERIC: |
685 | if (elem->len >= 4 && | 685 | if (pos[1] >= 4 && |
686 | elem->data[0] == 0x00 && elem->data[1] == 0x50 && | 686 | pos[2] == 0x00 && pos[3] == 0x50 && |
687 | elem->data[2] == 0xf2 && elem->data[3] == 0x01) { | 687 | pos[4] == 0xf2 && pos[5] == 0x01) { |
688 | bss->wpa_ie_len = min(elem->len + 2, MAX_WPA_IE_LEN); | 688 | bss->wpa_ie_len = min(pos[1] + 2, MAX_WPA_IE_LEN); |
689 | memcpy(bss->wpa_ie, elem, bss->wpa_ie_len); | 689 | memcpy(bss->wpa_ie, pos, bss->wpa_ie_len); |
690 | lbs_deb_scan("got WPA IE\n"); | 690 | lbs_deb_scan("got WPA IE\n"); |
691 | lbs_deb_hex(LBS_DEB_SCAN, "WPA IE", bss->wpa_ie, elem->len); | 691 | lbs_deb_hex(LBS_DEB_SCAN, "WPA IE", bss->wpa_ie, |
692 | } else if (elem->len >= MARVELL_MESH_IE_LENGTH && | 692 | bss->wpa_ie_len); |
693 | elem->data[0] == 0x00 && elem->data[1] == 0x50 && | 693 | } else if (pos[1] >= MARVELL_MESH_IE_LENGTH && |
694 | elem->data[2] == 0x43 && elem->data[3] == 0x04) { | 694 | pos[2] == 0x00 && pos[3] == 0x50 && |
695 | pos[4] == 0x43 && pos[4] == 0x04) { | ||
695 | lbs_deb_scan("got mesh IE\n"); | 696 | lbs_deb_scan("got mesh IE\n"); |
696 | bss->mesh = 1; | 697 | bss->mesh = 1; |
697 | } else { | 698 | } else { |
698 | lbs_deb_scan("got generic IE: %02x:%02x:%02x:%02x, len %d\n", | 699 | lbs_deb_scan("got generic IE: %02x:%02x:%02x:%02x, len %d\n", |
699 | elem->data[0], elem->data[1], | 700 | pos[2], pos[3], |
700 | elem->data[2], elem->data[3], | 701 | pos[4], pos[5], |
701 | elem->len); | 702 | pos[1]); |
702 | } | 703 | } |
703 | break; | 704 | break; |
704 | 705 | ||
705 | case MFIE_TYPE_RSN: | 706 | case WLAN_EID_RSN: |
706 | lbs_deb_scan("got RSN IE\n"); | 707 | lbs_deb_scan("got RSN IE\n"); |
707 | bss->rsn_ie_len = min(elem->len + 2, MAX_WPA_IE_LEN); | 708 | bss->rsn_ie_len = min(pos[1] + 2, MAX_WPA_IE_LEN); |
708 | memcpy(bss->rsn_ie, elem, bss->rsn_ie_len); | 709 | memcpy(bss->rsn_ie, pos, bss->rsn_ie_len); |
709 | lbs_deb_hex(LBS_DEB_SCAN, "process_bss: RSN_IE", | 710 | lbs_deb_hex(LBS_DEB_SCAN, "process_bss: RSN_IE", |
710 | bss->rsn_ie, elem->len); | 711 | bss->rsn_ie, bss->rsn_ie_len); |
711 | break; | 712 | break; |
712 | 713 | ||
713 | default: | 714 | default: |
714 | lbs_deb_scan("got IE 0x%04x, len %d\n", | 715 | lbs_deb_scan("got IE 0x%04x, len %d\n", |
715 | elem->id, elem->len); | 716 | pos[0], pos[1]); |
716 | break; | 717 | break; |
717 | } | 718 | } |
718 | 719 | ||
719 | pos += elem->len + 2; | 720 | pos += pos[1] + 2; |
720 | } | 721 | } |
721 | 722 | ||
722 | /* Timestamp */ | 723 | /* Timestamp */ |
diff --git a/drivers/net/wireless/libertas/scan.h b/drivers/net/wireless/libertas/scan.h index 9e07b0464a8e..fab7d5d097fc 100644 --- a/drivers/net/wireless/libertas/scan.h +++ b/drivers/net/wireless/libertas/scan.h | |||
@@ -7,6 +7,10 @@ | |||
7 | #ifndef _LBS_SCAN_H | 7 | #ifndef _LBS_SCAN_H |
8 | #define _LBS_SCAN_H | 8 | #define _LBS_SCAN_H |
9 | 9 | ||
10 | #include <net/iw_handler.h> | ||
11 | |||
12 | #define MAX_NETWORK_COUNT 128 | ||
13 | |||
10 | /** | 14 | /** |
11 | * @brief Maximum number of channels that can be sent in a setuserscan ioctl | 15 | * @brief Maximum number of channels that can be sent in a setuserscan ioctl |
12 | */ | 16 | */ |
diff --git a/drivers/net/wireless/libertas/types.h b/drivers/net/wireless/libertas/types.h index e0c2599da92f..fb7a2d1a2525 100644 --- a/drivers/net/wireless/libertas/types.h +++ b/drivers/net/wireless/libertas/types.h | |||
@@ -7,7 +7,6 @@ | |||
7 | #include <linux/if_ether.h> | 7 | #include <linux/if_ether.h> |
8 | #include <asm/byteorder.h> | 8 | #include <asm/byteorder.h> |
9 | #include <linux/wireless.h> | 9 | #include <linux/wireless.h> |
10 | #include <net/ieee80211.h> | ||
11 | 10 | ||
12 | struct ieeetypes_cfparamset { | 11 | struct ieeetypes_cfparamset { |
13 | u8 elementid; | 12 | u8 elementid; |
@@ -258,7 +257,7 @@ struct mrvlietypes_ledbhv { | |||
258 | * Note that the len member of the ieee80211_info_element varies depending on | 257 | * Note that the len member of the ieee80211_info_element varies depending on |
259 | * the mesh_id_len */ | 258 | * the mesh_id_len */ |
260 | struct mrvl_meshie_val { | 259 | struct mrvl_meshie_val { |
261 | uint8_t oui[P80211_OUI_LEN]; | 260 | uint8_t oui[3]; |
262 | uint8_t type; | 261 | uint8_t type; |
263 | uint8_t subtype; | 262 | uint8_t subtype; |
264 | uint8_t version; | 263 | uint8_t version; |
@@ -270,7 +269,7 @@ struct mrvl_meshie_val { | |||
270 | } __attribute__ ((packed)); | 269 | } __attribute__ ((packed)); |
271 | 270 | ||
272 | struct mrvl_meshie { | 271 | struct mrvl_meshie { |
273 | struct ieee80211_info_element hdr; | 272 | u8 id, len; |
274 | struct mrvl_meshie_val val; | 273 | struct mrvl_meshie_val val; |
275 | } __attribute__ ((packed)); | 274 | } __attribute__ ((packed)); |
276 | 275 | ||
diff --git a/drivers/net/wireless/libertas/wext.c b/drivers/net/wireless/libertas/wext.c index d4c6a659b562..fe7498f12147 100644 --- a/drivers/net/wireless/libertas/wext.c +++ b/drivers/net/wireless/libertas/wext.c | |||
@@ -9,7 +9,6 @@ | |||
9 | #include <linux/bitops.h> | 9 | #include <linux/bitops.h> |
10 | 10 | ||
11 | #include <net/lib80211.h> | 11 | #include <net/lib80211.h> |
12 | #include <net/ieee80211.h> | ||
13 | #include <net/iw_handler.h> | 12 | #include <net/iw_handler.h> |
14 | 13 | ||
15 | #include "host.h" | 14 | #include "host.h" |
diff --git a/drivers/net/wireless/orinoco.c b/drivers/net/wireless/orinoco.c index b657a916b1d7..f4ea08f96970 100644 --- a/drivers/net/wireless/orinoco.c +++ b/drivers/net/wireless/orinoco.c | |||
@@ -86,8 +86,8 @@ | |||
86 | #include <linux/firmware.h> | 86 | #include <linux/firmware.h> |
87 | #include <linux/if_arp.h> | 87 | #include <linux/if_arp.h> |
88 | #include <linux/wireless.h> | 88 | #include <linux/wireless.h> |
89 | #include <linux/ieee80211.h> | ||
89 | #include <net/iw_handler.h> | 90 | #include <net/iw_handler.h> |
90 | #include <net/ieee80211.h> | ||
91 | 91 | ||
92 | #include <linux/scatterlist.h> | 92 | #include <linux/scatterlist.h> |
93 | #include <linux/crypto.h> | 93 | #include <linux/crypto.h> |
@@ -143,7 +143,7 @@ static const u8 encaps_hdr[] = {0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00}; | |||
143 | #define ENCAPS_OVERHEAD (sizeof(encaps_hdr) + 2) | 143 | #define ENCAPS_OVERHEAD (sizeof(encaps_hdr) + 2) |
144 | 144 | ||
145 | #define ORINOCO_MIN_MTU 256 | 145 | #define ORINOCO_MIN_MTU 256 |
146 | #define ORINOCO_MAX_MTU (IEEE80211_DATA_LEN - ENCAPS_OVERHEAD) | 146 | #define ORINOCO_MAX_MTU (IEEE80211_MAX_DATA_LEN - ENCAPS_OVERHEAD) |
147 | 147 | ||
148 | #define SYMBOL_MAX_VER_LEN (14) | 148 | #define SYMBOL_MAX_VER_LEN (14) |
149 | #define USER_BAP 0 | 149 | #define USER_BAP 0 |
@@ -392,7 +392,7 @@ static void orinoco_bss_data_init(struct orinoco_private *priv) | |||
392 | } | 392 | } |
393 | 393 | ||
394 | static inline u8 *orinoco_get_ie(u8 *data, size_t len, | 394 | static inline u8 *orinoco_get_ie(u8 *data, size_t len, |
395 | enum ieee80211_mfie eid) | 395 | enum ieee80211_eid eid) |
396 | { | 396 | { |
397 | u8 *p = data; | 397 | u8 *p = data; |
398 | while ((p + 2) < (data + len)) { | 398 | while ((p + 2) < (data + len)) { |
@@ -409,7 +409,7 @@ static inline u8 *orinoco_get_wpa_ie(u8 *data, size_t len) | |||
409 | { | 409 | { |
410 | u8 *p = data; | 410 | u8 *p = data; |
411 | while ((p + 2 + WPA_SELECTOR_LEN) < (data + len)) { | 411 | while ((p + 2 + WPA_SELECTOR_LEN) < (data + len)) { |
412 | if ((p[0] == MFIE_TYPE_GENERIC) && | 412 | if ((p[0] == WLAN_EID_GENERIC) && |
413 | (memcmp(&p[2], WPA_OUI_TYPE, WPA_SELECTOR_LEN) == 0)) | 413 | (memcmp(&p[2], WPA_OUI_TYPE, WPA_SELECTOR_LEN) == 0)) |
414 | return p; | 414 | return p; |
415 | p += p[1] + 2; | 415 | p += p[1] + 2; |
@@ -839,7 +839,8 @@ static int orinoco_change_mtu(struct net_device *dev, int new_mtu) | |||
839 | if ( (new_mtu < ORINOCO_MIN_MTU) || (new_mtu > ORINOCO_MAX_MTU) ) | 839 | if ( (new_mtu < ORINOCO_MIN_MTU) || (new_mtu > ORINOCO_MAX_MTU) ) |
840 | return -EINVAL; | 840 | return -EINVAL; |
841 | 841 | ||
842 | if ( (new_mtu + ENCAPS_OVERHEAD + IEEE80211_HLEN) > | 842 | /* MTU + encapsulation + header length */ |
843 | if ( (new_mtu + ENCAPS_OVERHEAD + sizeof(struct ieee80211_hdr)) > | ||
843 | (priv->nicbuf_size - ETH_HLEN) ) | 844 | (priv->nicbuf_size - ETH_HLEN) ) |
844 | return -EINVAL; | 845 | return -EINVAL; |
845 | 846 | ||
@@ -1254,7 +1255,7 @@ static void orinoco_rx_monitor(struct net_device *dev, u16 rxfid, | |||
1254 | } | 1255 | } |
1255 | 1256 | ||
1256 | /* sanity check the length */ | 1257 | /* sanity check the length */ |
1257 | if (datalen > IEEE80211_DATA_LEN + 12) { | 1258 | if (datalen > IEEE80211_MAX_DATA_LEN + 12) { |
1258 | printk(KERN_DEBUG "%s: oversized monitor frame, " | 1259 | printk(KERN_DEBUG "%s: oversized monitor frame, " |
1259 | "data length = %d\n", dev->name, datalen); | 1260 | "data length = %d\n", dev->name, datalen); |
1260 | stats->rx_length_errors++; | 1261 | stats->rx_length_errors++; |
@@ -1382,7 +1383,7 @@ static void __orinoco_ev_rx(struct net_device *dev, hermes_t *hw) | |||
1382 | data. */ | 1383 | data. */ |
1383 | goto out; | 1384 | goto out; |
1384 | } | 1385 | } |
1385 | if (length > IEEE80211_DATA_LEN) { | 1386 | if (length > IEEE80211_MAX_DATA_LEN) { |
1386 | printk(KERN_WARNING "%s: Oversized frame received (%d bytes)\n", | 1387 | printk(KERN_WARNING "%s: Oversized frame received (%d bytes)\n", |
1387 | dev->name, length); | 1388 | dev->name, length); |
1388 | stats->rx_length_errors++; | 1389 | stats->rx_length_errors++; |
@@ -3285,7 +3286,7 @@ static int orinoco_init(struct net_device *dev) | |||
3285 | 3286 | ||
3286 | /* No need to lock, the hw_unavailable flag is already set in | 3287 | /* No need to lock, the hw_unavailable flag is already set in |
3287 | * alloc_orinocodev() */ | 3288 | * alloc_orinocodev() */ |
3288 | priv->nicbuf_size = IEEE80211_FRAME_LEN + ETH_HLEN; | 3289 | priv->nicbuf_size = IEEE80211_MAX_FRAME_LEN + ETH_HLEN; |
3289 | 3290 | ||
3290 | /* Initialize the firmware */ | 3291 | /* Initialize the firmware */ |
3291 | err = hermes_init(hw); | 3292 | err = hermes_init(hw); |
@@ -4681,7 +4682,7 @@ static int orinoco_ioctl_set_encodeext(struct net_device *dev, | |||
4681 | /* Determine and validate the key index */ | 4682 | /* Determine and validate the key index */ |
4682 | idx = encoding->flags & IW_ENCODE_INDEX; | 4683 | idx = encoding->flags & IW_ENCODE_INDEX; |
4683 | if (idx) { | 4684 | if (idx) { |
4684 | if ((idx < 1) || (idx > WEP_KEYS)) | 4685 | if ((idx < 1) || (idx > 4)) |
4685 | goto out; | 4686 | goto out; |
4686 | idx--; | 4687 | idx--; |
4687 | } else | 4688 | } else |
@@ -4786,7 +4787,7 @@ static int orinoco_ioctl_get_encodeext(struct net_device *dev, | |||
4786 | 4787 | ||
4787 | idx = encoding->flags & IW_ENCODE_INDEX; | 4788 | idx = encoding->flags & IW_ENCODE_INDEX; |
4788 | if (idx) { | 4789 | if (idx) { |
4789 | if ((idx < 1) || (idx > WEP_KEYS)) | 4790 | if ((idx < 1) || (idx > 4)) |
4790 | goto out; | 4791 | goto out; |
4791 | idx--; | 4792 | idx--; |
4792 | } else | 4793 | } else |
@@ -4949,7 +4950,8 @@ static int orinoco_ioctl_set_genie(struct net_device *dev, | |||
4949 | unsigned long flags; | 4950 | unsigned long flags; |
4950 | int err = 0; | 4951 | int err = 0; |
4951 | 4952 | ||
4952 | if ((wrqu->data.length > MAX_WPA_IE_LEN) || | 4953 | /* cut off at IEEE80211_MAX_DATA_LEN */ |
4954 | if ((wrqu->data.length > IEEE80211_MAX_DATA_LEN) || | ||
4953 | (wrqu->data.length && (extra == NULL))) | 4955 | (wrqu->data.length && (extra == NULL))) |
4954 | return -EINVAL; | 4956 | return -EINVAL; |
4955 | 4957 | ||
@@ -5632,7 +5634,7 @@ static inline char *orinoco_translate_ext_scan(struct net_device *dev, | |||
5632 | &iwe, IW_EV_UINT_LEN); | 5634 | &iwe, IW_EV_UINT_LEN); |
5633 | } | 5635 | } |
5634 | 5636 | ||
5635 | ie = orinoco_get_ie(bss->data, sizeof(bss->data), MFIE_TYPE_DS_SET); | 5637 | ie = orinoco_get_ie(bss->data, sizeof(bss->data), WLAN_EID_DS_PARAMS); |
5636 | channel = ie ? ie[2] : 0; | 5638 | channel = ie ? ie[2] : 0; |
5637 | if ((channel >= 1) && (channel <= NUM_CHANNELS)) { | 5639 | if ((channel >= 1) && (channel <= NUM_CHANNELS)) { |
5638 | /* Add channel and frequency */ | 5640 | /* Add channel and frequency */ |
@@ -5682,7 +5684,7 @@ static inline char *orinoco_translate_ext_scan(struct net_device *dev, | |||
5682 | } | 5684 | } |
5683 | 5685 | ||
5684 | /* RSN IE */ | 5686 | /* RSN IE */ |
5685 | ie = orinoco_get_ie(bss->data, sizeof(bss->data), MFIE_TYPE_RSN); | 5687 | ie = orinoco_get_ie(bss->data, sizeof(bss->data), WLAN_EID_RSN); |
5686 | if (ie) { | 5688 | if (ie) { |
5687 | iwe.cmd = IWEVGENIE; | 5689 | iwe.cmd = IWEVGENIE; |
5688 | iwe.u.data.length = ie[1] + 2; | 5690 | iwe.u.data.length = ie[1] + 2; |
@@ -5690,7 +5692,7 @@ static inline char *orinoco_translate_ext_scan(struct net_device *dev, | |||
5690 | &iwe, ie); | 5692 | &iwe, ie); |
5691 | } | 5693 | } |
5692 | 5694 | ||
5693 | ie = orinoco_get_ie(bss->data, sizeof(bss->data), MFIE_TYPE_RATES); | 5695 | ie = orinoco_get_ie(bss->data, sizeof(bss->data), WLAN_EID_SUPP_RATES); |
5694 | if (ie) { | 5696 | if (ie) { |
5695 | char *p = current_ev + iwe_stream_lcp_len(info); | 5697 | char *p = current_ev + iwe_stream_lcp_len(info); |
5696 | int i; | 5698 | int i; |
diff --git a/drivers/net/wireless/rndis_wlan.c b/drivers/net/wireless/rndis_wlan.c index bd059e3c7e2b..a1eeb48f9466 100644 --- a/drivers/net/wireless/rndis_wlan.c +++ b/drivers/net/wireless/rndis_wlan.c | |||
@@ -37,11 +37,11 @@ | |||
37 | #include <linux/usb.h> | 37 | #include <linux/usb.h> |
38 | #include <linux/usb/cdc.h> | 38 | #include <linux/usb/cdc.h> |
39 | #include <linux/wireless.h> | 39 | #include <linux/wireless.h> |
40 | #include <linux/ieee80211.h> | ||
40 | #include <linux/if_arp.h> | 41 | #include <linux/if_arp.h> |
41 | #include <linux/ctype.h> | 42 | #include <linux/ctype.h> |
42 | #include <linux/spinlock.h> | 43 | #include <linux/spinlock.h> |
43 | #include <net/iw_handler.h> | 44 | #include <net/iw_handler.h> |
44 | #include <net/ieee80211.h> | ||
45 | #include <linux/usb/usbnet.h> | 45 | #include <linux/usb/usbnet.h> |
46 | #include <linux/usb/rndis_host.h> | 46 | #include <linux/usb/rndis_host.h> |
47 | 47 | ||
@@ -1652,7 +1652,7 @@ static char *rndis_translate_scan(struct net_device *dev, | |||
1652 | #ifdef DEBUG | 1652 | #ifdef DEBUG |
1653 | struct usbnet *usbdev = dev->priv; | 1653 | struct usbnet *usbdev = dev->priv; |
1654 | #endif | 1654 | #endif |
1655 | struct ieee80211_info_element *ie; | 1655 | u8 *ie; |
1656 | char *current_val; | 1656 | char *current_val; |
1657 | int bssid_len, ie_len, i; | 1657 | int bssid_len, ie_len, i; |
1658 | u32 beacon, atim; | 1658 | u32 beacon, atim; |
@@ -1750,20 +1750,20 @@ static char *rndis_translate_scan(struct net_device *dev, | |||
1750 | ie_len = min(bssid_len - (int)sizeof(*bssid), | 1750 | ie_len = min(bssid_len - (int)sizeof(*bssid), |
1751 | (int)le32_to_cpu(bssid->ie_length)); | 1751 | (int)le32_to_cpu(bssid->ie_length)); |
1752 | ie_len -= sizeof(struct ndis_80211_fixed_ies); | 1752 | ie_len -= sizeof(struct ndis_80211_fixed_ies); |
1753 | while (ie_len >= sizeof(*ie) && sizeof(*ie) + ie->len <= ie_len) { | 1753 | while (ie_len >= 2 && 2 + ie[1] <= ie_len) { |
1754 | if ((ie->id == MFIE_TYPE_GENERIC && ie->len >= 4 && | 1754 | if ((ie[0] == WLAN_EID_GENERIC && ie[1] >= 4 && |
1755 | memcmp(ie->data, "\x00\x50\xf2\x01", 4) == 0) || | 1755 | memcmp(ie + 2, "\x00\x50\xf2\x01", 4) == 0) || |
1756 | ie->id == MFIE_TYPE_RSN) { | 1756 | ie[0] == WLAN_EID_RSN) { |
1757 | devdbg(usbdev, "IE: WPA%d", | 1757 | devdbg(usbdev, "IE: WPA%d", |
1758 | (ie->id == MFIE_TYPE_RSN) ? 2 : 1); | 1758 | (ie[0] == WLAN_EID_RSN) ? 2 : 1); |
1759 | iwe.cmd = IWEVGENIE; | 1759 | iwe.cmd = IWEVGENIE; |
1760 | iwe.u.data.length = min(ie->len + 2, MAX_WPA_IE_LEN); | 1760 | /* arbitrary cut-off at 64 */ |
1761 | cev = iwe_stream_add_point(info, cev, end_buf, &iwe, | 1761 | iwe.u.data.length = min(ie[1] + 2, 64); |
1762 | (u8 *)ie); | 1762 | cev = iwe_stream_add_point(info, cev, end_buf, &iwe, ie); |
1763 | } | 1763 | } |
1764 | 1764 | ||
1765 | ie_len -= sizeof(*ie) + ie->len; | 1765 | ie_len -= 2 + ie[1]; |
1766 | ie = (struct ieee80211_info_element *)&ie->data[ie->len]; | 1766 | ie += 2 + ie[1]; |
1767 | } | 1767 | } |
1768 | 1768 | ||
1769 | return cev; | 1769 | return cev; |
diff --git a/drivers/net/wireless/wl3501.h b/drivers/net/wireless/wl3501.h index 65ceb088f700..59bb3a55ab48 100644 --- a/drivers/net/wireless/wl3501.h +++ b/drivers/net/wireless/wl3501.h | |||
@@ -2,7 +2,7 @@ | |||
2 | #define __WL3501_H__ | 2 | #define __WL3501_H__ |
3 | 3 | ||
4 | #include <linux/spinlock.h> | 4 | #include <linux/spinlock.h> |
5 | #include <net/ieee80211.h> | 5 | #include <linux/ieee80211.h> |
6 | 6 | ||
7 | /* define for WLA 2.0 */ | 7 | /* define for WLA 2.0 */ |
8 | #define WL3501_BLKSZ 256 | 8 | #define WL3501_BLKSZ 256 |
@@ -548,7 +548,7 @@ struct wl3501_80211_tx_plcp_hdr { | |||
548 | 548 | ||
549 | struct wl3501_80211_tx_hdr { | 549 | struct wl3501_80211_tx_hdr { |
550 | struct wl3501_80211_tx_plcp_hdr pclp_hdr; | 550 | struct wl3501_80211_tx_plcp_hdr pclp_hdr; |
551 | struct ieee80211_hdr_4addr mac_hdr; | 551 | struct ieee80211_hdr mac_hdr; |
552 | } __attribute__ ((packed)); | 552 | } __attribute__ ((packed)); |
553 | 553 | ||
554 | /* | 554 | /* |
diff --git a/drivers/net/wireless/zd1201.c b/drivers/net/wireless/zd1201.c index bf744c1f5b23..1134e2fb1890 100644 --- a/drivers/net/wireless/zd1201.c +++ b/drivers/net/wireless/zd1201.c | |||
@@ -17,11 +17,11 @@ | |||
17 | #include <linux/netdevice.h> | 17 | #include <linux/netdevice.h> |
18 | #include <linux/etherdevice.h> | 18 | #include <linux/etherdevice.h> |
19 | #include <linux/wireless.h> | 19 | #include <linux/wireless.h> |
20 | #include <linux/ieee80211.h> | ||
20 | #include <net/iw_handler.h> | 21 | #include <net/iw_handler.h> |
21 | #include <linux/string.h> | 22 | #include <linux/string.h> |
22 | #include <linux/if_arp.h> | 23 | #include <linux/if_arp.h> |
23 | #include <linux/firmware.h> | 24 | #include <linux/firmware.h> |
24 | #include <net/ieee80211.h> | ||
25 | #include "zd1201.h" | 25 | #include "zd1201.h" |
26 | 26 | ||
27 | static struct usb_device_id zd1201_table[] = { | 27 | static struct usb_device_id zd1201_table[] = { |
@@ -345,7 +345,7 @@ static void zd1201_usbrx(struct urb *urb) | |||
345 | frag = kmalloc(sizeof(*frag), GFP_ATOMIC); | 345 | frag = kmalloc(sizeof(*frag), GFP_ATOMIC); |
346 | if (!frag) | 346 | if (!frag) |
347 | goto resubmit; | 347 | goto resubmit; |
348 | skb = dev_alloc_skb(IEEE80211_DATA_LEN +14+2); | 348 | skb = dev_alloc_skb(IEEE80211_MAX_DATA_LEN +14+2); |
349 | if (!skb) { | 349 | if (!skb) { |
350 | kfree(frag); | 350 | kfree(frag); |
351 | goto resubmit; | 351 | goto resubmit; |