-rw-r--r--MAINTAINERS10
-rw-r--r--drivers/net/tg3.c167
-rw-r--r--drivers/net/tg3.h6
-rw-r--r--include/linux/ieee80211.h342
-rw-r--r--include/linux/netlink.h4
-rw-r--r--include/net/mac80211.h1045
-rw-r--r--net/Kconfig1
-rw-r--r--net/Makefile4
-rw-r--r--net/iucv/af_iucv.c6
-rw-r--r--net/mac80211/Kconfig78
-rw-r--r--net/mac80211/Makefile20
-rw-r--r--net/mac80211/aes_ccm.c155
-rw-r--r--net/mac80211/aes_ccm.h26
-rw-r--r--net/mac80211/debugfs.c433
-rw-r--r--net/mac80211/debugfs.h16
-rw-r--r--net/mac80211/debugfs_key.c252
-rw-r--r--net/mac80211/debugfs_key.h34
-rw-r--r--net/mac80211/debugfs_netdev.c440
-rw-r--r--net/mac80211/debugfs_netdev.h30
-rw-r--r--net/mac80211/debugfs_sta.c246
-rw-r--r--net/mac80211/debugfs_sta.h12
-rw-r--r--net/mac80211/hostapd_ioctl.h108
-rw-r--r--net/mac80211/ieee80211.c4984
-rw-r--r--net/mac80211/ieee80211_cfg.c66
-rw-r--r--net/mac80211/ieee80211_cfg.h9
-rw-r--r--net/mac80211/ieee80211_common.h98
-rw-r--r--net/mac80211/ieee80211_i.h798
-rw-r--r--net/mac80211/ieee80211_iface.c352
-rw-r--r--net/mac80211/ieee80211_ioctl.c1822
-rw-r--r--net/mac80211/ieee80211_key.h106
-rw-r--r--net/mac80211/ieee80211_led.c91
-rw-r--r--net/mac80211/ieee80211_led.h32
-rw-r--r--net/mac80211/ieee80211_rate.c140
-rw-r--r--net/mac80211/ieee80211_rate.h144
-rw-r--r--net/mac80211/ieee80211_sta.c3060
-rw-r--r--net/mac80211/michael.c104
-rw-r--r--net/mac80211/michael.h20
-rw-r--r--net/mac80211/rc80211_simple.c432
-rw-r--r--net/mac80211/sta_info.c470
-rw-r--r--net/mac80211/sta_info.h164
-rw-r--r--net/mac80211/tkip.c341
-rw-r--r--net/mac80211/tkip.h36
-rw-r--r--net/mac80211/wep.c328
-rw-r--r--net/mac80211/wep.h40
-rw-r--r--net/mac80211/wme.c678
-rw-r--r--net/mac80211/wme.h57
-rw-r--r--net/mac80211/wpa.c660
-rw-r--r--net/mac80211/wpa.h31
48 files changed, 18410 insertions, 88 deletions
diff --git a/MAINTAINERS b/MAINTAINERS
index 1e8c37054ea2..b36923e72ce8 100644
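--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -2228,6 +2228,16 @@ M: philb@gnu.org
 W: http://www.tazenda.demon.co.uk/phil/linux-hp
 S: Maintained
 
+MAC80211
+P: Jiri Benc
+M: jbenc@suse.cz
+P: Michael Wu
+M: flamingice@sourmilk.net
+L: linux-wireless@vger.kernel.org
+W: http://linuxwireless.org/
+T: git kernel.org:/pub/scm/linux/kernel/git/jbenc/mac80211.git
+S: Maintained
+
 MARVELL YUKON / SYSKONNECT DRIVER
 P: Mirko Lindner
 M: mlindner@syskonnect.de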
diff --git a/drivers/net/tg3.c b/drivers/net/tg3.c
index 9488f49ea569..59d6e74a4a5f 100644
--- a/drivers/net/tg3.c
+++ b/drivers/net/tg3.c
@@ -1300,9 +1300,11 @@ static int tg3_set_power_state(struct tg3 *tp, pci_power_t state)
1300 msleep(1); 1300 msleep(1);
1301 } 1301 }
1302 } 1302 }
1303 tg3_write_mem(tp, NIC_SRAM_WOL_MBOX, WOL_SIGNATURE | 1303 if (tp->tg3_flags & TG3_FLAG_WOL_CAP)
1304 WOL_DRV_STATE_SHUTDOWN | 1304 tg3_write_mem(tp, NIC_SRAM_WOL_MBOX, WOL_SIGNATURE |
1305 WOL_DRV_WOL | WOL_SET_MAGIC_PKT); 1305 WOL_DRV_STATE_SHUTDOWN |
1306 WOL_DRV_WOL |
1307 WOL_SET_MAGIC_PKT);
1306 1308
1307 pci_read_config_word(tp->pdev, pm + PCI_PM_PMC, &power_caps); 1309 pci_read_config_word(tp->pdev, pm + PCI_PM_PMC, &power_caps);
1308 1310
@@ -2593,10 +2595,8 @@ static int tg3_setup_fiber_by_hand(struct tg3 *tp, u32 mac_status)
2593{ 2595{
2594 int current_link_up = 0; 2596 int current_link_up = 0;
2595 2597
2596 if (!(mac_status & MAC_STATUS_PCS_SYNCED)) { 2598 if (!(mac_status & MAC_STATUS_PCS_SYNCED))
2597 tp->tg3_flags &= ~TG3_FLAG_GOT_SERDES_FLOWCTL;
2598 goto out; 2599 goto out;
2599 }
2600 2600
2601 if (tp->link_config.autoneg == AUTONEG_ENABLE) { 2601 if (tp->link_config.autoneg == AUTONEG_ENABLE) {
2602 u32 flags; 2602 u32 flags;
@@ -2614,7 +2614,6 @@ static int tg3_setup_fiber_by_hand(struct tg3 *tp, u32 mac_status)
2614 2614
2615 tg3_setup_flow_control(tp, local_adv, remote_adv); 2615 tg3_setup_flow_control(tp, local_adv, remote_adv);
2616 2616
2617 tp->tg3_flags |= TG3_FLAG_GOT_SERDES_FLOWCTL;
2618 current_link_up = 1; 2617 current_link_up = 1;
2619 } 2618 }
2620 for (i = 0; i < 30; i++) { 2619 for (i = 0; i < 30; i++) {
@@ -2637,7 +2636,6 @@ static int tg3_setup_fiber_by_hand(struct tg3 *tp, u32 mac_status)
2637 } else { 2636 } else {
2638 /* Forcing 1000FD link up. */ 2637 /* Forcing 1000FD link up. */
2639 current_link_up = 1; 2638 current_link_up = 1;
2640 tp->tg3_flags |= TG3_FLAG_GOT_SERDES_FLOWCTL;
2641 2639
2642 tw32_f(MAC_MODE, (tp->mac_mode | MAC_MODE_SEND_CONFIGS)); 2640 tw32_f(MAC_MODE, (tp->mac_mode | MAC_MODE_SEND_CONFIGS));
2643 udelay(40); 2641 udelay(40);
@@ -3895,8 +3893,7 @@ static int tg3_start_xmit(struct sk_buff *skb, struct net_device *dev)
3895 entry = tp->tx_prod; 3893 entry = tp->tx_prod;
3896 base_flags = 0; 3894 base_flags = 0;
3897 mss = 0; 3895 mss = 0;
3898 if (skb->len > (tp->dev->mtu + ETH_HLEN) && 3896 if ((mss = skb_shinfo(skb)->gso_size) != 0) {
3899 (mss = skb_shinfo(skb)->gso_size) != 0) {
3900 int tcp_opt_len, ip_tcp_len; 3897 int tcp_opt_len, ip_tcp_len;
3901 3898
3902 if (skb_header_cloned(skb) && 3899 if (skb_header_cloned(skb) &&
@@ -4053,8 +4050,7 @@ static int tg3_start_xmit_dma_bug(struct sk_buff *skb, struct net_device *dev)
4053 if (skb->ip_summed == CHECKSUM_PARTIAL) 4050 if (skb->ip_summed == CHECKSUM_PARTIAL)
4054 base_flags |= TXD_FLAG_TCPUDP_CSUM; 4051 base_flags |= TXD_FLAG_TCPUDP_CSUM;
4055 mss = 0; 4052 mss = 0;
4056 if (skb->len > (tp->dev->mtu + ETH_HLEN) && 4053 if ((mss = skb_shinfo(skb)->gso_size) != 0) {
4057 (mss = skb_shinfo(skb)->gso_size) != 0) {
4058 struct iphdr *iph; 4054 struct iphdr *iph;
4059 int tcp_opt_len, ip_tcp_len, hdr_len; 4055 int tcp_opt_len, ip_tcp_len, hdr_len;
4060 4056
@@ -5934,7 +5930,7 @@ static int tg3_load_tso_firmware(struct tg3 *tp)
5934 5930
5935 5931
5936/* tp->lock is held. */ 5932/* tp->lock is held. */
5937static void __tg3_set_mac_addr(struct tg3 *tp) 5933static void __tg3_set_mac_addr(struct tg3 *tp, int skip_mac_1)
5938{ 5934{
5939 u32 addr_high, addr_low; 5935 u32 addr_high, addr_low;
5940 int i; 5936 int i;
@@ -5946,6 +5942,8 @@ static void __tg3_set_mac_addr(struct tg3 *tp)
5946 (tp->dev->dev_addr[4] << 8) | 5942 (tp->dev->dev_addr[4] << 8) |
5947 (tp->dev->dev_addr[5] << 0)); 5943 (tp->dev->dev_addr[5] << 0));
5948 for (i = 0; i < 4; i++) { 5944 for (i = 0; i < 4; i++) {
5945 if (i == 1 && skip_mac_1)
5946 continue;
5949 tw32(MAC_ADDR_0_HIGH + (i * 8), addr_high); 5947 tw32(MAC_ADDR_0_HIGH + (i * 8), addr_high);
5950 tw32(MAC_ADDR_0_LOW + (i * 8), addr_low); 5948 tw32(MAC_ADDR_0_LOW + (i * 8), addr_low);
5951 } 5949 }
@@ -5972,7 +5970,7 @@ static int tg3_set_mac_addr(struct net_device *dev, void *p)
5972{ 5970{
5973 struct tg3 *tp = netdev_priv(dev); 5971 struct tg3 *tp = netdev_priv(dev);
5974 struct sockaddr *addr = p; 5972 struct sockaddr *addr = p;
5975 int err = 0; 5973 int err = 0, skip_mac_1 = 0;
5976 5974
5977 if (!is_valid_ether_addr(addr->sa_data)) 5975 if (!is_valid_ether_addr(addr->sa_data))
5978 return -EINVAL; 5976 return -EINVAL;
@@ -5983,22 +5981,21 @@ static int tg3_set_mac_addr(struct net_device *dev, void *p)
5983 return 0; 5981 return 0;
5984 5982
5985 if (tp->tg3_flags & TG3_FLAG_ENABLE_ASF) { 5983 if (tp->tg3_flags & TG3_FLAG_ENABLE_ASF) {
5986 /* Reset chip so that ASF can re-init any MAC addresses it 5984 u32 addr0_high, addr0_low, addr1_high, addr1_low;
5987 * needs.
5988 */
5989 tg3_netif_stop(tp);
5990 tg3_full_lock(tp, 1);
5991 5985
5992 tg3_halt(tp, RESET_KIND_SHUTDOWN, 1); 5986 addr0_high = tr32(MAC_ADDR_0_HIGH);
5993 err = tg3_restart_hw(tp, 0); 5987 addr0_low = tr32(MAC_ADDR_0_LOW);
5994 if (!err) 5988 addr1_high = tr32(MAC_ADDR_1_HIGH);
5995 tg3_netif_start(tp); 5989 addr1_low = tr32(MAC_ADDR_1_LOW);
5996 tg3_full_unlock(tp); 5990
5997 } else { 5991 /* Skip MAC addr 1 if ASF is using it. */
5998 spin_lock_bh(&tp->lock); 5992 if ((addr0_high != addr1_high || addr0_low != addr1_low) &&
5999 __tg3_set_mac_addr(tp); 5993 !(addr1_high == 0 && addr1_low == 0))
6000 spin_unlock_bh(&tp->lock); 5994 skip_mac_1 = 1;
6001 } 5995 }
5996 spin_lock_bh(&tp->lock);
5997 __tg3_set_mac_addr(tp, skip_mac_1);
5998 spin_unlock_bh(&tp->lock);
6002 5999
6003 return err; 6000 return err;
6004} 6001}
@@ -6315,7 +6312,7 @@ static int tg3_reset_hw(struct tg3 *tp, int reset_phy)
6315 tp->rx_jumbo_ptr); 6312 tp->rx_jumbo_ptr);
6316 6313
6317 /* Initialize MAC address and backoff seed. */ 6314 /* Initialize MAC address and backoff seed. */
6318 __tg3_set_mac_addr(tp); 6315 __tg3_set_mac_addr(tp, 0);
6319 6316
6320 /* MTU + ethernet header + FCS + optional VLAN tag */ 6317 /* MTU + ethernet header + FCS + optional VLAN tag */
6321 tw32(MAC_RX_MTU_SIZE, tp->dev->mtu + ETH_HLEN + 8); 6318 tw32(MAC_RX_MTU_SIZE, tp->dev->mtu + ETH_HLEN + 8);
@@ -6346,8 +6343,7 @@ static int tg3_reset_hw(struct tg3 *tp, int reset_phy)
6346 tp->pci_chip_rev_id != CHIPREV_ID_5705_A0) || 6343 tp->pci_chip_rev_id != CHIPREV_ID_5705_A0) ||
6347 (GET_ASIC_REV(tp->pci_chip_rev_id) == ASIC_REV_5750)) { 6344 (GET_ASIC_REV(tp->pci_chip_rev_id) == ASIC_REV_5750)) {
6348 if (tp->tg3_flags2 & TG3_FLG2_TSO_CAPABLE && 6345 if (tp->tg3_flags2 & TG3_FLG2_TSO_CAPABLE &&
6349 (tp->pci_chip_rev_id == CHIPREV_ID_5705_A1 || 6346 GET_ASIC_REV(tp->pci_chip_rev_id) == ASIC_REV_5705) {
6350 tp->pci_chip_rev_id == CHIPREV_ID_5705_A2)) {
6351 rdmac_mode |= RDMAC_MODE_FIFO_SIZE_128; 6347 rdmac_mode |= RDMAC_MODE_FIFO_SIZE_128;
6352 } else if (!(tr32(TG3PCI_PCISTATE) & PCISTATE_BUS_SPEED_HIGH) && 6348 } else if (!(tr32(TG3PCI_PCISTATE) & PCISTATE_BUS_SPEED_HIGH) &&
6353 !(tp->tg3_flags2 & TG3_FLG2_IS_5788)) { 6349 !(tp->tg3_flags2 & TG3_FLG2_IS_5788)) {
@@ -6457,6 +6453,7 @@ static int tg3_reset_hw(struct tg3 *tp, int reset_phy)
6457 if (GET_ASIC_REV(tp->pci_chip_rev_id) == ASIC_REV_5755) 6453 if (GET_ASIC_REV(tp->pci_chip_rev_id) == ASIC_REV_5755)
6458 gpio_mask |= GRC_LCLCTRL_GPIO_UART_SEL; 6454 gpio_mask |= GRC_LCLCTRL_GPIO_UART_SEL;
6459 6455
6456 tp->grc_local_ctrl &= ~gpio_mask;
6460 tp->grc_local_ctrl |= tr32(GRC_LOCAL_CTRL) & gpio_mask; 6457 tp->grc_local_ctrl |= tr32(GRC_LOCAL_CTRL) & gpio_mask;
6461 6458
6462 /* GPIO1 must be driven high for eeprom write protect */ 6459 /* GPIO1 must be driven high for eeprom write protect */
@@ -7036,11 +7033,7 @@ static int tg3_open(struct net_device *dev)
7036 if (err) 7033 if (err)
7037 return err; 7034 return err;
7038 7035
7039 if ((tp->tg3_flags2 & TG3_FLG2_5750_PLUS) && 7036 if (tp->tg3_flags & TG3_FLAG_SUPPORT_MSI) {
7040 (GET_CHIP_REV(tp->pci_chip_rev_id) != CHIPREV_5750_AX) &&
7041 (GET_CHIP_REV(tp->pci_chip_rev_id) != CHIPREV_5750_BX) &&
7042 !((GET_ASIC_REV(tp->pci_chip_rev_id) == ASIC_REV_5714) &&
7043 (tp->pdev_peer == tp->pdev))) {
7044 /* All MSI supporting chips should support tagged 7037 /* All MSI supporting chips should support tagged
7045 * status. Assert that this is the case. 7038 * status. Assert that this is the case.
7046 */ 7039 */
@@ -7399,9 +7392,7 @@ static int tg3_close(struct net_device *dev)
7399 7392
7400 tg3_halt(tp, RESET_KIND_SHUTDOWN, 1); 7393 tg3_halt(tp, RESET_KIND_SHUTDOWN, 1);
7401 tg3_free_rings(tp); 7394 tg3_free_rings(tp);
7402 tp->tg3_flags &= 7395 tp->tg3_flags &= ~TG3_FLAG_INIT_COMPLETE;
7403 ~(TG3_FLAG_INIT_COMPLETE |
7404 TG3_FLAG_GOT_SERDES_FLOWCTL);
7405 7396
7406 tg3_full_unlock(tp); 7397 tg3_full_unlock(tp);
7407 7398
@@ -8036,7 +8027,10 @@ static void tg3_get_wol(struct net_device *dev, struct ethtool_wolinfo *wol)
8036{ 8027{
8037 struct tg3 *tp = netdev_priv(dev); 8028 struct tg3 *tp = netdev_priv(dev);
8038 8029
8039 wol->supported = WAKE_MAGIC; 8030 if (tp->tg3_flags & TG3_FLAG_WOL_CAP)
8031 wol->supported = WAKE_MAGIC;
8032 else
8033 wol->supported = 0;
8040 wol->wolopts = 0; 8034 wol->wolopts = 0;
8041 if (tp->tg3_flags & TG3_FLAG_WOL_ENABLE) 8035 if (tp->tg3_flags & TG3_FLAG_WOL_ENABLE)
8042 wol->wolopts = WAKE_MAGIC; 8036 wol->wolopts = WAKE_MAGIC;
@@ -8050,8 +8044,7 @@ static int tg3_set_wol(struct net_device *dev, struct ethtool_wolinfo *wol)
8050 if (wol->wolopts & ~WAKE_MAGIC) 8044 if (wol->wolopts & ~WAKE_MAGIC)
8051 return -EINVAL; 8045 return -EINVAL;
8052 if ((wol->wolopts & WAKE_MAGIC) && 8046 if ((wol->wolopts & WAKE_MAGIC) &&
8053 tp->tg3_flags2 & TG3_FLG2_ANY_SERDES && 8047 !(tp->tg3_flags & TG3_FLAG_WOL_CAP))
8054 !(tp->tg3_flags & TG3_FLAG_SERDES_WOL_CAP))
8055 return -EINVAL; 8048 return -EINVAL;
8056 8049
8057 spin_lock_bh(&tp->lock); 8050 spin_lock_bh(&tp->lock);
@@ -9289,7 +9282,7 @@ static void __devinit tg3_get_nvram_size(struct tg3 *tp)
9289 return; 9282 return;
9290 } 9283 }
9291 } 9284 }
9292 tp->nvram_size = 0x20000; 9285 tp->nvram_size = 0x80000;
9293} 9286}
9294 9287
9295static void __devinit tg3_get_nvram_info(struct tg3 *tp) 9288static void __devinit tg3_get_nvram_info(struct tg3 *tp)
@@ -9408,33 +9401,31 @@ static void __devinit tg3_get_5752_nvram_info(struct tg3 *tp)
9408 9401
9409static void __devinit tg3_get_5755_nvram_info(struct tg3 *tp) 9402static void __devinit tg3_get_5755_nvram_info(struct tg3 *tp)
9410{ 9403{
9411 u32 nvcfg1; 9404 u32 nvcfg1, protect = 0;
9412 9405
9413 nvcfg1 = tr32(NVRAM_CFG1); 9406 nvcfg1 = tr32(NVRAM_CFG1);
9414 9407
9415 /* NVRAM protection for TPM */ 9408 /* NVRAM protection for TPM */
9416 if (nvcfg1 & (1 << 27)) 9409 if (nvcfg1 & (1 << 27)) {
9417 tp->tg3_flags2 |= TG3_FLG2_PROTECTED_NVRAM; 9410 tp->tg3_flags2 |= TG3_FLG2_PROTECTED_NVRAM;
9411 protect = 1;
9412 }
9418 9413
9419 switch (nvcfg1 & NVRAM_CFG1_5752VENDOR_MASK) { 9414 nvcfg1 &= NVRAM_CFG1_5752VENDOR_MASK;
9420 case FLASH_5755VENDOR_ATMEL_EEPROM_64KHZ: 9415 switch (nvcfg1) {
9421 case FLASH_5755VENDOR_ATMEL_EEPROM_376KHZ:
9422 tp->nvram_jedecnum = JEDEC_ATMEL;
9423 tp->tg3_flags |= TG3_FLAG_NVRAM_BUFFERED;
9424 tp->nvram_pagesize = ATMEL_AT24C512_CHIP_SIZE;
9425
9426 nvcfg1 &= ~NVRAM_CFG1_COMPAT_BYPASS;
9427 tw32(NVRAM_CFG1, nvcfg1);
9428 break;
9429 case FLASH_5752VENDOR_ATMEL_FLASH_BUFFERED:
9430 case FLASH_5755VENDOR_ATMEL_FLASH_1: 9416 case FLASH_5755VENDOR_ATMEL_FLASH_1:
9431 case FLASH_5755VENDOR_ATMEL_FLASH_2: 9417 case FLASH_5755VENDOR_ATMEL_FLASH_2:
9432 case FLASH_5755VENDOR_ATMEL_FLASH_3: 9418 case FLASH_5755VENDOR_ATMEL_FLASH_3:
9433 case FLASH_5755VENDOR_ATMEL_FLASH_4:
9434 tp->nvram_jedecnum = JEDEC_ATMEL; 9419 tp->nvram_jedecnum = JEDEC_ATMEL;
9435 tp->tg3_flags |= TG3_FLAG_NVRAM_BUFFERED; 9420 tp->tg3_flags |= TG3_FLAG_NVRAM_BUFFERED;
9436 tp->tg3_flags2 |= TG3_FLG2_FLASH; 9421 tp->tg3_flags2 |= TG3_FLG2_FLASH;
9437 tp->nvram_pagesize = 264; 9422 tp->nvram_pagesize = 264;
9423 if (nvcfg1 == FLASH_5755VENDOR_ATMEL_FLASH_1)
9424 tp->nvram_size = (protect ? 0x3e200 : 0x80000);
9425 else if (nvcfg1 == FLASH_5755VENDOR_ATMEL_FLASH_2)
9426 tp->nvram_size = (protect ? 0x1f200 : 0x40000);
9427 else
9428 tp->nvram_size = (protect ? 0x1f200 : 0x20000);
9438 break; 9429 break;
9439 case FLASH_5752VENDOR_ST_M45PE10: 9430 case FLASH_5752VENDOR_ST_M45PE10:
9440 case FLASH_5752VENDOR_ST_M45PE20: 9431 case FLASH_5752VENDOR_ST_M45PE20:
@@ -9443,6 +9434,12 @@ static void __devinit tg3_get_5755_nvram_info(struct tg3 *tp)
9443 tp->tg3_flags |= TG3_FLAG_NVRAM_BUFFERED; 9434 tp->tg3_flags |= TG3_FLAG_NVRAM_BUFFERED;
9444 tp->tg3_flags2 |= TG3_FLG2_FLASH; 9435 tp->tg3_flags2 |= TG3_FLG2_FLASH;
9445 tp->nvram_pagesize = 256; 9436 tp->nvram_pagesize = 256;
9437 if (nvcfg1 == FLASH_5752VENDOR_ST_M45PE10)
9438 tp->nvram_size = (protect ? 0x10000 : 0x20000);
9439 else if (nvcfg1 == FLASH_5752VENDOR_ST_M45PE20)
9440 tp->nvram_size = (protect ? 0x10000 : 0x40000);
9441 else
9442 tp->nvram_size = (protect ? 0x20000 : 0x80000);
9446 break; 9443 break;
9447 } 9444 }
9448} 9445}
@@ -9518,6 +9515,8 @@ static void __devinit tg3_nvram_init(struct tg3 *tp)
9518 } 9515 }
9519 tg3_enable_nvram_access(tp); 9516 tg3_enable_nvram_access(tp);
9520 9517
9518 tp->nvram_size = 0;
9519
9521 if (GET_ASIC_REV(tp->pci_chip_rev_id) == ASIC_REV_5752) 9520 if (GET_ASIC_REV(tp->pci_chip_rev_id) == ASIC_REV_5752)
9522 tg3_get_5752_nvram_info(tp); 9521 tg3_get_5752_nvram_info(tp);
9523 else if (GET_ASIC_REV(tp->pci_chip_rev_id) == ASIC_REV_5755) 9522 else if (GET_ASIC_REV(tp->pci_chip_rev_id) == ASIC_REV_5755)
@@ -9529,7 +9528,8 @@ static void __devinit tg3_nvram_init(struct tg3 *tp)
9529 else 9528 else
9530 tg3_get_nvram_info(tp); 9529 tg3_get_nvram_info(tp);
9531 9530
9532 tg3_get_nvram_size(tp); 9531 if (tp->nvram_size == 0)
9532 tg3_get_nvram_size(tp);
9533 9533
9534 tg3_disable_nvram_access(tp); 9534 tg3_disable_nvram_access(tp);
9535 tg3_nvram_unlock(tp); 9535 tg3_nvram_unlock(tp);
@@ -9996,8 +9996,8 @@ static void __devinit tg3_get_eeprom_hw_cfg(struct tg3 *tp)
9996 tp->phy_id = PHY_ID_INVALID; 9996 tp->phy_id = PHY_ID_INVALID;
9997 tp->led_ctrl = LED_CTRL_MODE_PHY_1; 9997 tp->led_ctrl = LED_CTRL_MODE_PHY_1;
9998 9998
9999 /* Assume an onboard device by default. */ 9999 /* Assume an onboard device and WOL capable by default. */
10000 tp->tg3_flags |= TG3_FLAG_EEPROM_WRITE_PROT; 10000 tp->tg3_flags |= TG3_FLAG_EEPROM_WRITE_PROT | TG3_FLAG_WOL_CAP;
10001 10001
10002 if (GET_ASIC_REV(tp->pci_chip_rev_id) == ASIC_REV_5906) { 10002 if (GET_ASIC_REV(tp->pci_chip_rev_id) == ASIC_REV_5906) {
10003 if (!(tr32(PCIE_TRANSACTION_CFG) & PCIE_TRANS_CFG_LOM)) { 10003 if (!(tr32(PCIE_TRANSACTION_CFG) & PCIE_TRANS_CFG_LOM)) {
@@ -10120,8 +10120,9 @@ static void __devinit tg3_get_eeprom_hw_cfg(struct tg3 *tp)
10120 if (tp->tg3_flags2 & TG3_FLG2_5750_PLUS) 10120 if (tp->tg3_flags2 & TG3_FLG2_5750_PLUS)
10121 tp->tg3_flags2 |= TG3_FLG2_ASF_NEW_HANDSHAKE; 10121 tp->tg3_flags2 |= TG3_FLG2_ASF_NEW_HANDSHAKE;
10122 } 10122 }
10123 if (nic_cfg & NIC_SRAM_DATA_CFG_FIBER_WOL) 10123 if (tp->tg3_flags2 & TG3_FLG2_ANY_SERDES &&
10124 tp->tg3_flags |= TG3_FLAG_SERDES_WOL_CAP; 10124 !(nic_cfg & NIC_SRAM_DATA_CFG_FIBER_WOL))
10125 tp->tg3_flags &= ~TG3_FLAG_WOL_CAP;
10125 10126
10126 if (cfg2 & (1 << 17)) 10127 if (cfg2 & (1 << 17))
10127 tp->tg3_flags2 |= TG3_FLG2_CAPACITIVE_COUPLING; 10128 tp->tg3_flags2 |= TG3_FLG2_CAPACITIVE_COUPLING;
@@ -10399,6 +10400,8 @@ static void __devinit tg3_read_fw_ver(struct tg3 *tp)
10399 } 10400 }
10400} 10401}
10401 10402
10403static struct pci_dev * __devinit tg3_find_peer(struct tg3 *);
10404
10402static int __devinit tg3_get_invariants(struct tg3 *tp) 10405static int __devinit tg3_get_invariants(struct tg3 *tp)
10403{ 10406{
10404 static struct pci_device_id write_reorder_chipsets[] = { 10407 static struct pci_device_id write_reorder_chipsets[] = {
@@ -10554,6 +10557,10 @@ static int __devinit tg3_get_invariants(struct tg3 *tp)
10554 tp->pci_hdr_type = (cacheline_sz_reg >> 16) & 0xff; 10557 tp->pci_hdr_type = (cacheline_sz_reg >> 16) & 0xff;
10555 tp->pci_bist = (cacheline_sz_reg >> 24) & 0xff; 10558 tp->pci_bist = (cacheline_sz_reg >> 24) & 0xff;
10556 10559
10560 if ((GET_ASIC_REV(tp->pci_chip_rev_id) == ASIC_REV_5704) ||
10561 (GET_ASIC_REV(tp->pci_chip_rev_id) == ASIC_REV_5714))
10562 tp->pdev_peer = tg3_find_peer(tp);
10563
10557 if (GET_ASIC_REV(tp->pci_chip_rev_id) == ASIC_REV_5750 || 10564 if (GET_ASIC_REV(tp->pci_chip_rev_id) == ASIC_REV_5750 ||
10558 GET_ASIC_REV(tp->pci_chip_rev_id) == ASIC_REV_5752 || 10565 GET_ASIC_REV(tp->pci_chip_rev_id) == ASIC_REV_5752 ||
10559 GET_ASIC_REV(tp->pci_chip_rev_id) == ASIC_REV_5755 || 10566 GET_ASIC_REV(tp->pci_chip_rev_id) == ASIC_REV_5755 ||
@@ -10567,6 +10574,14 @@ static int __devinit tg3_get_invariants(struct tg3 *tp)
10567 tp->tg3_flags2 |= TG3_FLG2_5705_PLUS; 10574 tp->tg3_flags2 |= TG3_FLG2_5705_PLUS;
10568 10575
10569 if (tp->tg3_flags2 & TG3_FLG2_5750_PLUS) { 10576 if (tp->tg3_flags2 & TG3_FLG2_5750_PLUS) {
10577 tp->tg3_flags |= TG3_FLAG_SUPPORT_MSI;
10578 if (GET_CHIP_REV(tp->pci_chip_rev_id) == CHIPREV_5750_AX ||
10579 GET_CHIP_REV(tp->pci_chip_rev_id) == CHIPREV_5750_BX ||
10580 (GET_ASIC_REV(tp->pci_chip_rev_id) == ASIC_REV_5714 &&
10581 tp->pci_chip_rev_id <= CHIPREV_ID_5714_A2 &&
10582 tp->pdev_peer == tp->pdev))
10583 tp->tg3_flags &= ~TG3_FLAG_SUPPORT_MSI;
10584
10570 if (GET_ASIC_REV(tp->pci_chip_rev_id) == ASIC_REV_5755 || 10585 if (GET_ASIC_REV(tp->pci_chip_rev_id) == ASIC_REV_5755 ||
10571 GET_ASIC_REV(tp->pci_chip_rev_id) == ASIC_REV_5787 || 10586 GET_ASIC_REV(tp->pci_chip_rev_id) == ASIC_REV_5787 ||
10572 GET_ASIC_REV(tp->pci_chip_rev_id) == ASIC_REV_5906) { 10587 GET_ASIC_REV(tp->pci_chip_rev_id) == ASIC_REV_5906) {
@@ -10668,17 +10683,6 @@ static int __devinit tg3_get_invariants(struct tg3 *tp)
10668 if (GET_CHIP_REV(tp->pci_chip_rev_id) == CHIPREV_5700_BX) 10683 if (GET_CHIP_REV(tp->pci_chip_rev_id) == CHIPREV_5700_BX)
10669 tp->tg3_flags |= TG3_FLAG_TXD_MBOX_HWBUG; 10684 tp->tg3_flags |= TG3_FLAG_TXD_MBOX_HWBUG;
10670 10685
10671 /* Back to back register writes can cause problems on this chip,
10672 * the workaround is to read back all reg writes except those to
10673 * mailbox regs. See tg3_write_indirect_reg32().
10674 *
10675 * PCI Express 5750_A0 rev chips need this workaround too.
10676 */
10677 if (GET_ASIC_REV(tp->pci_chip_rev_id) == ASIC_REV_5701 ||
10678 ((tp->tg3_flags2 & TG3_FLG2_PCI_EXPRESS) &&
10679 tp->pci_chip_rev_id == CHIPREV_ID_5750_A0))
10680 tp->tg3_flags |= TG3_FLAG_5701_REG_WRITE_BUG;
10681
10682 if ((pci_state_reg & PCISTATE_BUS_SPEED_HIGH) != 0) 10686 if ((pci_state_reg & PCISTATE_BUS_SPEED_HIGH) != 0)
10683 tp->tg3_flags |= TG3_FLAG_PCI_HIGH_SPEED; 10687 tp->tg3_flags |= TG3_FLAG_PCI_HIGH_SPEED;
10684 if ((pci_state_reg & PCISTATE_BUS_32BIT) != 0) 10688 if ((pci_state_reg & PCISTATE_BUS_32BIT) != 0)
@@ -10702,8 +10706,19 @@ static int __devinit tg3_get_invariants(struct tg3 *tp)
10702 /* Various workaround register access methods */ 10706 /* Various workaround register access methods */
10703 if (tp->tg3_flags & TG3_FLAG_PCIX_TARGET_HWBUG) 10707 if (tp->tg3_flags & TG3_FLAG_PCIX_TARGET_HWBUG)
10704 tp->write32 = tg3_write_indirect_reg32; 10708 tp->write32 = tg3_write_indirect_reg32;
10705 else if (tp->tg3_flags & TG3_FLAG_5701_REG_WRITE_BUG) 10709 else if (GET_ASIC_REV(tp->pci_chip_rev_id) == ASIC_REV_5701 ||
10710 ((tp->tg3_flags2 & TG3_FLG2_PCI_EXPRESS) &&
10711 tp->pci_chip_rev_id == CHIPREV_ID_5750_A0)) {
10712 /*
10713 * Back to back register writes can cause problems on these
10714 * chips, the workaround is to read back all reg writes
10715 * except those to mailbox regs.
10716 *
10717 * See tg3_write_indirect_reg32().
10718 */
10706 tp->write32 = tg3_write_flush_reg32; 10719 tp->write32 = tg3_write_flush_reg32;
10720 }
10721
10707 10722
10708 if ((tp->tg3_flags & TG3_FLAG_TXD_MBOX_HWBUG) || 10723 if ((tp->tg3_flags & TG3_FLAG_TXD_MBOX_HWBUG) ||
10709 (tp->tg3_flags & TG3_FLAG_MBOX_WRITE_REORDER)) { 10724 (tp->tg3_flags & TG3_FLAG_MBOX_WRITE_REORDER)) {
@@ -11892,10 +11907,6 @@ static int __devinit tg3_init_one(struct pci_dev *pdev,
11892 tp->rx_pending = 63; 11907 tp->rx_pending = 63;
11893 } 11908 }
11894 11909
11895 if ((GET_ASIC_REV(tp->pci_chip_rev_id) == ASIC_REV_5704) ||
11896 (GET_ASIC_REV(tp->pci_chip_rev_id) == ASIC_REV_5714))
11897 tp->pdev_peer = tg3_find_peer(tp);
11898
11899 err = tg3_get_device_address(tp); 11910 err = tg3_get_device_address(tp);
11900 if (err) { 11911 if (err) {
11901 printk(KERN_ERR PFX "Could not obtain valid ethernet address, " 11912 printk(KERN_ERR PFX "Could not obtain valid ethernet address, "
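Review bot: In tg3_get_5755_nvram_info the new `tp->nvram_size` assignments are bare literals (`0x3e200`, `0x1f200`, `0x10000`, ...) chosen by `protect`, with nothing stating how they relate to the TPM-protected region, and the switch still has no `default`. For a strap value that matches no case, `nvram_size` stays 0 and tg3_nvram_init falls back to tg3_get_nvram_size(), whose visible tail now defaults to `0x80000` without consulting `TG3_FLG2_PROTECTED_NVRAM`, so on a protected part the reported size would presumably be the unprotected one. I would add a comment above the first assignment, for example `/* With TPM protection set, report only the flash outside the protected region. */` (wording to be confirmed against the datasheet), and a `default:` arm that at least documents the fallback. Both functions are only partly visible in these hunks, so the fallback behaviour is inferred from the lines shown.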
diff --git a/drivers/net/tg3.h b/drivers/net/tg3.h
index d515ed23841b..dcdfc084966c 100644
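--- a/drivers/net/tg3.h
+++ b/drivers/net/tg3.h
@@ -131,6 +131,7 @@
 #define CHIPREV_ID_5752_A0_HW 0x5000
 #define CHIPREV_ID_5752_A0 0x6000
 #define CHIPREV_ID_5752_A1 0x6001
+#define CHIPREV_ID_5714_A2 0x9002
 #define CHIPREV_ID_5906_A1 0xc001
 #define GET_ASIC_REV(CHIP_REV_ID) ((CHIP_REV_ID) >> 12)
 #define ASIC_REV_5700 0x07
@@ -2199,7 +2200,6 @@ struct tg3 {
 #define TG3_FLAG_USE_LINKCHG_REG 0x00000008
 #define TG3_FLAG_USE_MI_INTERRUPT 0x00000010
 #define TG3_FLAG_ENABLE_ASF 0x00000020
-#define TG3_FLAG_5701_REG_WRITE_BUG 0x00000040
 #define TG3_FLAG_POLL_SERDES 0x00000080
 #define TG3_FLAG_MBOX_WRITE_REORDER 0x00000100
 #define TG3_FLAG_PCIX_TARGET_HWBUG 0x00000200
@@ -2215,14 +2215,14 @@ struct tg3 {
 #define TG3_FLAG_PCI_32BIT 0x00080000
 #define TG3_FLAG_SRAM_USE_CONFIG 0x00100000
 #define TG3_FLAG_TX_RECOVERY_PENDING 0x00200000
-#define TG3_FLAG_SERDES_WOL_CAP 0x00400000
+#define TG3_FLAG_WOL_CAP 0x00400000
 #define TG3_FLAG_JUMBO_RING_ENABLE 0x00800000
 #define TG3_FLAG_10_100_ONLY 0x01000000
 #define TG3_FLAG_PAUSE_AUTONEG 0x02000000
 #define TG3_FLAG_IN_RESET_TASK 0x04000000
 #define TG3_FLAG_40BIT_DMA_BUG 0x08000000
 #define TG3_FLAG_BROKEN_CHECKSUMS 0x10000000
-#define TG3_FLAG_GOT_SERDES_FLOWCTL 0x20000000
+#define TG3_FLAG_SUPPORT_MSI 0x20000000
 #define TG3_FLAG_CHIP_RESETTING 0x40000000
 #define TG3_FLAG_INIT_COMPLETE 0x80000000
 u32 tg3_flags2;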
diff --git a/include/linux/ieee80211.h b/include/linux/ieee80211.h
new file mode 100644
index 000000000000..ecd61e8438a5
--- /dev/null
+++ b/include/linux/ieee80211.h
@@ -0,0 +1,342 @@
1/*
2 * IEEE 802.11 defines
3 *
4 * Copyright (c) 2001-2002, SSH Communications Security Corp and Jouni Malinen
5 * <jkmaline@cc.hut.fi>
6 * Copyright (c) 2002-2003, Jouni Malinen <jkmaline@cc.hut.fi>
7 * Copyright (c) 2005, Devicescape Software, Inc.
8 * Copyright (c) 2006, Michael Wu <flamingice@sourmilk.net>
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License version 2 as
12 * published by the Free Software Foundation.
13 */
14
15#ifndef IEEE80211_H
16#define IEEE80211_H
17
18#include <linux/types.h>
19
20#define FCS_LEN 4
21
22#define IEEE80211_FCTL_VERS 0x0003
23#define IEEE80211_FCTL_FTYPE 0x000c
24#define IEEE80211_FCTL_STYPE 0x00f0
25#define IEEE80211_FCTL_TODS 0x0100
26#define IEEE80211_FCTL_FROMDS 0x0200
27#define IEEE80211_FCTL_MOREFRAGS 0x0400
28#define IEEE80211_FCTL_RETRY 0x0800
29#define IEEE80211_FCTL_PM 0x1000
30#define IEEE80211_FCTL_MOREDATA 0x2000
31#define IEEE80211_FCTL_PROTECTED 0x4000
32#define IEEE80211_FCTL_ORDER 0x8000
33
34#define IEEE80211_SCTL_FRAG 0x000F
35#define IEEE80211_SCTL_SEQ 0xFFF0
36
37#define IEEE80211_FTYPE_MGMT 0x0000
38#define IEEE80211_FTYPE_CTL 0x0004
39#define IEEE80211_FTYPE_DATA 0x0008
40
41/* management */
42#define IEEE80211_STYPE_ASSOC_REQ 0x0000
43#define IEEE80211_STYPE_ASSOC_RESP 0x0010
44#define IEEE80211_STYPE_REASSOC_REQ 0x0020
45#define IEEE80211_STYPE_REASSOC_RESP 0x0030
46#define IEEE80211_STYPE_PROBE_REQ 0x0040
47#define IEEE80211_STYPE_PROBE_RESP 0x0050
48#define IEEE80211_STYPE_BEACON 0x0080
49#define IEEE80211_STYPE_ATIM 0x0090
50#define IEEE80211_STYPE_DISASSOC 0x00A0
51#define IEEE80211_STYPE_AUTH 0x00B0
52#define IEEE80211_STYPE_DEAUTH 0x00C0
53#define IEEE80211_STYPE_ACTION 0x00D0
54
55/* control */
56#define IEEE80211_STYPE_PSPOLL 0x00A0
57#define IEEE80211_STYPE_RTS 0x00B0
58#define IEEE80211_STYPE_CTS 0x00C0
59#define IEEE80211_STYPE_ACK 0x00D0
60#define IEEE80211_STYPE_CFEND 0x00E0
61#define IEEE80211_STYPE_CFENDACK 0x00F0
62
63/* data */
64#define IEEE80211_STYPE_DATA 0x0000
65#define IEEE80211_STYPE_DATA_CFACK 0x0010
66#define IEEE80211_STYPE_DATA_CFPOLL 0x0020
67#define IEEE80211_STYPE_DATA_CFACKPOLL 0x0030
68#define IEEE80211_STYPE_NULLFUNC 0x0040
69#define IEEE80211_STYPE_CFACK 0x0050
70#define IEEE80211_STYPE_CFPOLL 0x0060
71#define IEEE80211_STYPE_CFACKPOLL 0x0070
72#define IEEE80211_STYPE_QOS_DATA 0x0080
73#define IEEE80211_STYPE_QOS_DATA_CFACK 0x0090
74#define IEEE80211_STYPE_QOS_DATA_CFPOLL 0x00A0
75#define IEEE80211_STYPE_QOS_DATA_CFACKPOLL 0x00B0
76#define IEEE80211_STYPE_QOS_NULLFUNC 0x00C0
77#define IEEE80211_STYPE_QOS_CFACK 0x00D0
78#define IEEE80211_STYPE_QOS_CFPOLL 0x00E0
79#define IEEE80211_STYPE_QOS_CFACKPOLL 0x00F0
80
81
82/* miscellaneous IEEE 802.11 constants */
83#define IEEE80211_MAX_FRAG_THRESHOLD 2346
84#define IEEE80211_MAX_RTS_THRESHOLD 2347
85#define IEEE80211_MAX_AID 2007
86#define IEEE80211_MAX_TIM_LEN 251
87#define IEEE80211_MAX_DATA_LEN 2304
88/* Maximum size for the MA-UNITDATA primitive, 802.11 standard section
89 6.2.1.1.2.
90
91 The figure in section 7.1.2 suggests a body size of up to 2312
92 bytes is allowed, which is a bit confusing, I suspect this
93 represents the 2304 bytes of real data, plus a possible 8 bytes of
94 WEP IV and ICV. (this interpretation suggested by Ramiro Barreiro) */
95
96#define IEEE80211_MAX_SSID_LEN 32
97
98struct ieee80211_hdr {
99 __le16 frame_control;
100 __le16 duration_id;
101 u8 addr1[6];
102 u8 addr2[6];
103 u8 addr3[6];
104 __le16 seq_ctrl;
105 u8 addr4[6];
106} __attribute__ ((packed));
107
108
109struct ieee80211_mgmt {
110 __le16 frame_control;
111 __le16 duration;
112 u8 da[6];
113 u8 sa[6];
114 u8 bssid[6];
115 __le16 seq_ctrl;
116 union {
117 struct {
118 __le16 auth_alg;
119 __le16 auth_transaction;
120 __le16 status_code;
121 /* possibly followed by Challenge text */
122 u8 variable[0];
123 } __attribute__ ((packed)) auth;
124 struct {
125 __le16 reason_code;
126 } __attribute__ ((packed)) deauth;
127 struct {
128 __le16 capab_info;
129 __le16 listen_interval;
130 /* followed by SSID and Supported rates */
131 u8 variable[0];
132 } __attribute__ ((packed)) assoc_req;
133 struct {
134 __le16 capab_info;
135 __le16 status_code;
136 __le16 aid;
137 /* followed by Supported rates */
138 u8 variable[0];
139 } __attribute__ ((packed)) assoc_resp, reassoc_resp;
140 struct {
141 __le16 capab_info;
142 __le16 listen_interval;
143 u8 current_ap[6];
144 /* followed by SSID and Supported rates */
145 u8 variable[0];
146 } __attribute__ ((packed)) reassoc_req;
147 struct {
148 __le16 reason_code;
149 } __attribute__ ((packed)) disassoc;
150 struct {
151 __le64 timestamp;
152 __le16 beacon_int;
153 __le16 capab_info;
154 /* followed by some of SSID, Supported rates,
155 * FH Params, DS Params, CF Params, IBSS Params, TIM */
156 u8 variable[0];
157 } __attribute__ ((packed)) beacon;
158 struct {
159 /* only variable items: SSID, Supported rates */
160 u8 variable[0];
161 } __attribute__ ((packed)) probe_req;
162 struct {
163 __le64 timestamp;
164 __le16 beacon_int;
165 __le16 capab_info;
166 /* followed by some of SSID, Supported rates,
167 * FH Params, DS Params, CF Params, IBSS Params */
168 u8 variable[0];
169 } __attribute__ ((packed)) probe_resp;
170 struct {
171 u8 category;
172 union {
173 struct {
174 u8 action_code;
175 u8 dialog_token;
176 u8 status_code;
177 u8 variable[0];
178 } __attribute__ ((packed)) wme_action;
179 struct{
180 u8 action_code;
181 u8 element_id;
182 u8 length;
183 u8 switch_mode;
184 u8 new_chan;
185 u8 switch_count;
186 } __attribute__((packed)) chan_switch;
187 } u;
188 } __attribute__ ((packed)) action;
189 } u;
190} __attribute__ ((packed));
191
192
193/* Control frames */
194struct ieee80211_rts {
195 __le16 frame_control;
196 __le16 duration;
197 u8 ra[6];
198 u8 ta[6];
199} __attribute__ ((packed));
200
201struct ieee80211_cts {
202 __le16 frame_control;
203 __le16 duration;
204 u8 ra[6];
205} __attribute__ ((packed));
206
207
208/* Authentication algorithms */
209#define WLAN_AUTH_OPEN 0
210#define WLAN_AUTH_SHARED_KEY 1
211#define WLAN_AUTH_FAST_BSS_TRANSITION 2
212#define WLAN_AUTH_LEAP 128
213
214#define WLAN_AUTH_CHALLENGE_LEN 128
215
216#define WLAN_CAPABILITY_ESS (1<<0)
217#define WLAN_CAPABILITY_IBSS (1<<1)
218#define WLAN_CAPABILITY_CF_POLLABLE (1<<2)
219#define WLAN_CAPABILITY_CF_POLL_REQUEST (1<<3)
220#define WLAN_CAPABILITY_PRIVACY (1<<4)
221#define WLAN_CAPABILITY_SHORT_PREAMBLE (1<<5)
222#define WLAN_CAPABILITY_PBCC (1<<6)
223#define WLAN_CAPABILITY_CHANNEL_AGILITY (1<<7)
224/* 802.11h */
225#define WLAN_CAPABILITY_SPECTRUM_MGMT (1<<8)
226#define WLAN_CAPABILITY_QOS (1<<9)
227#define WLAN_CAPABILITY_SHORT_SLOT_TIME (1<<10)
228#define WLAN_CAPABILITY_DSSS_OFDM (1<<13)
229
230/* Status codes */
231enum ieee80211_statuscode {
232 WLAN_STATUS_SUCCESS = 0,
233 WLAN_STATUS_UNSPECIFIED_FAILURE = 1,
234 WLAN_STATUS_CAPS_UNSUPPORTED = 10,
235 WLAN_STATUS_REASSOC_NO_ASSOC = 11,
236 WLAN_STATUS_ASSOC_DENIED_UNSPEC = 12,
237 WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG = 13,
238 WLAN_STATUS_UNKNOWN_AUTH_TRANSACTION = 14,
239 WLAN_STATUS_CHALLENGE_FAIL = 15,
240 WLAN_STATUS_AUTH_TIMEOUT = 16,
241 WLAN_STATUS_AP_UNABLE_TO_HANDLE_NEW_STA = 17,
242 WLAN_STATUS_ASSOC_DENIED_RATES = 18,
243 /* 802.11b */
244 WLAN_STATUS_ASSOC_DENIED_NOSHORTPREAMBLE = 19,
245 WLAN_STATUS_ASSOC_DENIED_NOPBCC = 20,
246 WLAN_STATUS_ASSOC_DENIED_NOAGILITY = 21,
247 /* 802.11h */
248 WLAN_STATUS_ASSOC_DENIED_NOSPECTRUM = 22,
249 WLAN_STATUS_ASSOC_REJECTED_BAD_POWER = 23,
250 WLAN_STATUS_ASSOC_REJECTED_BAD_SUPP_CHAN = 24,
251 /* 802.11g */
252 WLAN_STATUS_ASSOC_DENIED_NOSHORTTIME = 25,
253 WLAN_STATUS_ASSOC_DENIED_NODSSSOFDM = 26,
254 /* 802.11i */
255 WLAN_STATUS_INVALID_IE = 40,
256 WLAN_STATUS_INVALID_GROUP_CIPHER = 41,
257 WLAN_STATUS_INVALID_PAIRWISE_CIPHER = 42,
258 WLAN_STATUS_INVALID_AKMP = 43,
259 WLAN_STATUS_UNSUPP_RSN_VERSION = 44,
260 WLAN_STATUS_INVALID_RSN_IE_CAP = 45,
261 WLAN_STATUS_CIPHER_SUITE_REJECTED = 46,
262};
263
264
265/* Reason codes */
266enum ieee80211_reasoncode {
267 WLAN_REASON_UNSPECIFIED = 1,
268 WLAN_REASON_PREV_AUTH_NOT_VALID = 2,
269 WLAN_REASON_DEAUTH_LEAVING = 3,
270 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY = 4,
271 WLAN_REASON_DISASSOC_AP_BUSY = 5,
272 WLAN_REASON_CLASS2_FRAME_FROM_NONAUTH_STA = 6,
273 WLAN_REASON_CLASS3_FRAME_FROM_NONASSOC_STA = 7,
274 WLAN_REASON_DISASSOC_STA_HAS_LEFT = 8,
275 WLAN_REASON_STA_REQ_ASSOC_WITHOUT_AUTH = 9,
276 /* 802.11h */
277 WLAN_REASON_DISASSOC_BAD_POWER = 10,
278 WLAN_REASON_DISASSOC_BAD_SUPP_CHAN = 11,
279 /* 802.11i */
280 WLAN_REASON_INVALID_IE = 13,
281 WLAN_REASON_MIC_FAILURE = 14,
282 WLAN_REASON_4WAY_HANDSHAKE_TIMEOUT = 15,
283 WLAN_REASON_GROUP_KEY_HANDSHAKE_TIMEOUT = 16,
284 WLAN_REASON_IE_DIFFERENT = 17,
285 WLAN_REASON_INVALID_GROUP_CIPHER = 18,
286 WLAN_REASON_INVALID_PAIRWISE_CIPHER = 19,
287 WLAN_REASON_INVALID_AKMP = 20,
288 WLAN_REASON_UNSUPP_RSN_VERSION = 21,
289 WLAN_REASON_INVALID_RSN_IE_CAP = 22,
290 WLAN_REASON_IEEE8021X_FAILED = 23,
291 WLAN_REASON_CIPHER_SUITE_REJECTED = 24,
292};
293
294
295/* Information Element IDs */
296enum ieee80211_eid {
297 WLAN_EID_SSID = 0,
298 WLAN_EID_SUPP_RATES = 1,
299 WLAN_EID_FH_PARAMS = 2,
300 WLAN_EID_DS_PARAMS = 3,
301 WLAN_EID_CF_PARAMS = 4,
302 WLAN_EID_TIM = 5,
303 WLAN_EID_IBSS_PARAMS = 6,
304 WLAN_EID_CHALLENGE = 16,
305 /* 802.11d */
306 WLAN_EID_COUNTRY = 7,
307 WLAN_EID_HP_PARAMS = 8,
308 WLAN_EID_HP_TABLE = 9,
309 WLAN_EID_REQUEST = 10,
310 /* 802.11h */
311 WLAN_EID_PWR_CONSTRAINT = 32,
312 WLAN_EID_PWR_CAPABILITY = 33,
313 WLAN_EID_TPC_REQUEST = 34,
314 WLAN_EID_TPC_REPORT = 35,
315 WLAN_EID_SUPPORTED_CHANNELS = 36,
316 WLAN_EID_CHANNEL_SWITCH = 37,
317 WLAN_EID_MEASURE_REQUEST = 38,
318 WLAN_EID_MEASURE_REPORT = 39,
319 WLAN_EID_QUIET = 40,
320 WLAN_EID_IBSS_DFS = 41,
321 /* 802.11g */
322 WLAN_EID_ERP_INFO = 42,
323 WLAN_EID_EXT_SUPP_RATES = 50,
324 /* 802.11i */
325 WLAN_EID_RSN = 48,
326 WLAN_EID_WPA = 221,
327 WLAN_EID_GENERIC = 221,
328 WLAN_EID_VENDOR_SPECIFIC = 221,
329 WLAN_EID_QOS_PARAMETER = 222
330};
331
332/* cipher suite selectors */
333#define WLAN_CIPHER_SUITE_USE_GROUP 0x000FAC00
334#define WLAN_CIPHER_SUITE_WEP40 0x000FAC01
335#define WLAN_CIPHER_SUITE_TKIP 0x000FAC02
336/* reserved: 0x000FAC03 */
337#define WLAN_CIPHER_SUITE_CCMP 0x000FAC04
338#define WLAN_CIPHER_SUITE_WEP104 0x000FAC05
339
340#define WLAN_MAX_KEY_LEN 32
341
342#endif /* IEEE80211_H */
diff --git a/include/linux/netlink.h b/include/linux/netlink.h
index f41688f56632..2e23353c28a5 100644
--- a/include/linux/netlink.h
+++ b/include/linux/netlink.h
@@ -31,7 +31,7 @@ struct sockaddr_nl
31{ 31{
32 sa_family_t nl_family; /* AF_NETLINK */ 32 sa_family_t nl_family; /* AF_NETLINK */
33 unsigned short nl_pad; /* zero */ 33 unsigned short nl_pad; /* zero */
34 __u32 nl_pid; /* process pid */ 34 __u32 nl_pid; /* port ID */
35 __u32 nl_groups; /* multicast groups mask */ 35 __u32 nl_groups; /* multicast groups mask */
36}; 36};
37 37
@@ -41,7 +41,7 @@ struct nlmsghdr
41 __u16 nlmsg_type; /* Message content */ 41 __u16 nlmsg_type; /* Message content */
42 __u16 nlmsg_flags; /* Additional flags */ 42 __u16 nlmsg_flags; /* Additional flags */
43 __u32 nlmsg_seq; /* Sequence number */ 43 __u32 nlmsg_seq; /* Sequence number */
44 __u32 nlmsg_pid; /* Sending process PID */ 44 __u32 nlmsg_pid; /* Sending process port ID */
45}; 45};
46 46
47/* Flags values */ 47/* Flags values */
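Review bot: The reworded comment on `nlmsg_pid` in the second hunk, `/* Sending process port ID */`, still reads as if the field named a process, which is the misreading the `nl_pid` change to `/* port ID */` in `struct sockaddr_nl` removes. I would make it `/* Sending port ID (not a process ID) */` so both structs say the same thing. The distinction matters to receivers: as far as netlink's general behaviour goes (not visible in these hunks), the header field is filled in by the sender, so it should not be treated as proof of which process, or the kernel, sent a message. Code that needs the origin should check the source address and credentials delivered with the message instead.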
diff --git a/include/net/mac80211.h b/include/net/mac80211.h
new file mode 100644
index 000000000000..a7f122b79948
--- /dev/null
+++ b/include/net/mac80211.h
@@ -0,0 +1,1045 @@
1/*
2 * Low-level hardware driver -- IEEE 802.11 driver (80211.o) interface
3 * Copyright 2002-2005, Devicescape Software, Inc.
4 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 as
8 * published by the Free Software Foundation.
9 */
10
11#ifndef MAC80211_H
12#define MAC80211_H
13
14#include <linux/kernel.h>
15#include <linux/if_ether.h>
16#include <linux/skbuff.h>
17#include <linux/wireless.h>
18#include <linux/device.h>
19#include <linux/ieee80211.h>
20#include <net/wireless.h>
21#include <net/cfg80211.h>
22
23/* Note! Only ieee80211_tx_status_irqsafe() and ieee80211_rx_irqsafe() can be
24 * called in hardware interrupt context. The low-level driver must not call any
25 * other functions in hardware interrupt context. If there is a need for such
26 * call, the low-level driver should first ACK the interrupt and perform the
27 * IEEE 802.11 code call after this, e.g., from a scheduled tasklet (in
28 * software interrupt context).
29 */
30
31/*
32 * Frame format used when passing frame between low-level hardware drivers
33 * and IEEE 802.11 driver the same as used in the wireless media, i.e.,
34 * buffers start with IEEE 802.11 header and include the same octets that
35 * are sent over air.
36 *
37 * If hardware uses IEEE 802.3 headers (and perform 802.3 <-> 802.11
38 * conversion in firmware), upper layer 802.11 code needs to be changed to
39 * support this.
40 *
41 * If the receive frame format is not the same as the real frame sent
42 * on the wireless media (e.g., due to padding etc.), upper layer 802.11 code
43 * could be updated to provide support for such format assuming this would
44 * optimize the performance, e.g., by removing need to re-allocation and
45 * copying of the data.
46 */
47
48#define IEEE80211_CHAN_W_SCAN 0x00000001
49#define IEEE80211_CHAN_W_ACTIVE_SCAN 0x00000002
50#define IEEE80211_CHAN_W_IBSS 0x00000004
51
52/* Channel information structure. Low-level driver is expected to fill in chan,
53 * freq, and val fields. Other fields will be filled in by 80211.o based on
54 * hostapd information and low-level driver does not need to use them. The
55 * limits for each channel will be provided in 'struct ieee80211_conf' when
56 * configuring the low-level driver with hw->config callback. If a device has
57 * a default regulatory domain, IEEE80211_HW_DEFAULT_REG_DOMAIN_CONFIGURED
58 * can be set to let the driver configure all fields */
59struct ieee80211_channel {
60 short chan; /* channel number (IEEE 802.11) */
61 short freq; /* frequency in MHz */
62 int val; /* hw specific value for the channel */
63 int flag; /* flag for hostapd use (IEEE80211_CHAN_*) */
64 unsigned char power_level;
65 unsigned char antenna_max;
66};
67
68#define IEEE80211_RATE_ERP 0x00000001
69#define IEEE80211_RATE_BASIC 0x00000002
70#define IEEE80211_RATE_PREAMBLE2 0x00000004
71#define IEEE80211_RATE_SUPPORTED 0x00000010
72#define IEEE80211_RATE_OFDM 0x00000020
73#define IEEE80211_RATE_CCK 0x00000040
74#define IEEE80211_RATE_TURBO 0x00000080
75#define IEEE80211_RATE_MANDATORY 0x00000100
76
77#define IEEE80211_RATE_CCK_2 (IEEE80211_RATE_CCK | IEEE80211_RATE_PREAMBLE2)
78#define IEEE80211_RATE_MODULATION(f) \
79 (f & (IEEE80211_RATE_CCK | IEEE80211_RATE_OFDM))
80
81/* Low-level driver should set PREAMBLE2, OFDM, CCK, and TURBO flags.
82 * BASIC, SUPPORTED, ERP, and MANDATORY flags are set in 80211.o based on the
83 * configuration. */
84struct ieee80211_rate {
85 int rate; /* rate in 100 kbps */
86 int val; /* hw specific value for the rate */
87 int flags; /* IEEE80211_RATE_ flags */
88 int val2; /* hw specific value for the rate when using short preamble
89 * (only when IEEE80211_RATE_PREAMBLE2 flag is set, i.e., for
90 * 2, 5.5, and 11 Mbps) */
91 signed char min_rssi_ack;
92 unsigned char min_rssi_ack_delta;
93
94 /* following fields are set by 80211.o and need not be filled by the
95 * low-level driver */
96 int rate_inv; /* inverse of the rate (LCM(all rates) / rate) for
97 * optimizing channel utilization estimates */
98};
99
100/* 802.11g is backwards-compatible with 802.11b, so a wlan card can
101 * actually be both in 11b and 11g modes at the same time. */
102enum {
103 MODE_IEEE80211A, /* IEEE 802.11a */
104 MODE_IEEE80211B, /* IEEE 802.11b only */
105 MODE_ATHEROS_TURBO, /* Atheros Turbo mode (2x.11a at 5 GHz) */
106 MODE_IEEE80211G, /* IEEE 802.11g (and 802.11b compatibility) */
107 MODE_ATHEROS_TURBOG, /* Atheros Turbo mode (2x.11g at 2.4 GHz) */
108
109 /* keep last */
110 NUM_IEEE80211_MODES
111};
112
113struct ieee80211_hw_mode {
114 int mode; /* MODE_IEEE80211... */
115 int num_channels; /* Number of channels (below) */
116 struct ieee80211_channel *channels; /* Array of supported channels */
117 int num_rates; /* Number of rates (below) */
118 struct ieee80211_rate *rates; /* Array of supported rates */
119
120 struct list_head list; /* Internal, don't touch */
121};
122
123struct ieee80211_tx_queue_params {
124 int aifs; /* 0 .. 255; -1 = use default */
125 int cw_min; /* 2^n-1: 1, 3, 7, .. , 1023; 0 = use default */
126 int cw_max; /* 2^n-1: 1, 3, 7, .. , 1023; 0 = use default */
127 int burst_time; /* maximum burst time in 0.1 ms (i.e., 10 = 1 ms);
128 * 0 = disabled */
129};
130
131struct ieee80211_tx_queue_stats_data {
132 unsigned int len; /* num packets in queue */
133 unsigned int limit; /* queue len (soft) limit */
134 unsigned int count; /* total num frames sent */
135};
136
137enum {
138 IEEE80211_TX_QUEUE_DATA0,
139 IEEE80211_TX_QUEUE_DATA1,
140 IEEE80211_TX_QUEUE_DATA2,
141 IEEE80211_TX_QUEUE_DATA3,
142 IEEE80211_TX_QUEUE_DATA4,
143 IEEE80211_TX_QUEUE_SVP,
144
145 NUM_TX_DATA_QUEUES,
146
147/* due to stupidity in the sub-ioctl userspace interface, the items in
148 * this struct need to have fixed values. As soon as it is removed, we can
149 * fix these entries. */
150 IEEE80211_TX_QUEUE_AFTER_BEACON = 6,
151 IEEE80211_TX_QUEUE_BEACON = 7
152};
153
154struct ieee80211_tx_queue_stats {
155 struct ieee80211_tx_queue_stats_data data[NUM_TX_DATA_QUEUES];
156};
157
158struct ieee80211_low_level_stats {
159 unsigned int dot11ACKFailureCount;
160 unsigned int dot11RTSFailureCount;
161 unsigned int dot11FCSErrorCount;
162 unsigned int dot11RTSSuccessCount;
163};
164
165/* Transmit control fields. This data structure is passed to low-level driver
166 * with each TX frame. The low-level driver is responsible for configuring
167 * the hardware to use given values (depending on what is supported). */
168#define HW_KEY_IDX_INVALID -1
169
170struct ieee80211_tx_control {
171 int tx_rate; /* Transmit rate, given as the hw specific value for the
172 * rate (from struct ieee80211_rate) */
173 int rts_cts_rate; /* Transmit rate for RTS/CTS frame, given as the hw
174 * specific value for the rate (from
175 * struct ieee80211_rate) */
176
177#define IEEE80211_TXCTL_REQ_TX_STATUS (1<<0)/* request TX status callback for
178 * this frame */
179#define IEEE80211_TXCTL_DO_NOT_ENCRYPT (1<<1) /* send this frame without
180 * encryption; e.g., for EAPOL
181 * frames */
182#define IEEE80211_TXCTL_USE_RTS_CTS (1<<2) /* use RTS-CTS before sending
183 * frame */
184#define IEEE80211_TXCTL_USE_CTS_PROTECT (1<<3) /* use CTS protection for the
185 * frame (e.g., for combined
186 * 802.11g / 802.11b networks) */
187#define IEEE80211_TXCTL_NO_ACK (1<<4) /* tell the low level not to
188 * wait for an ack */
189#define IEEE80211_TXCTL_RATE_CTRL_PROBE (1<<5)
190#define IEEE80211_TXCTL_CLEAR_DST_MASK (1<<6)
191#define IEEE80211_TXCTL_REQUEUE (1<<7)
192#define IEEE80211_TXCTL_FIRST_FRAGMENT (1<<8) /* this is a first fragment of
193 * the frame */
194#define IEEE80211_TXCTL_TKIP_NEW_PHASE1_KEY (1<<9)
195 u32 flags; /* tx control flags defined
196 * above */
197 u8 retry_limit; /* 1 = only first attempt, 2 = one retry, .. */
198 u8 power_level; /* per-packet transmit power level, in dBm */
199 u8 antenna_sel_tx; /* 0 = default/diversity, 1 = Ant0, 2 = Ant1 */
200 s8 key_idx; /* -1 = do not encrypt, >= 0 keyidx from
201 * hw->set_key() */
202 u8 icv_len; /* length of the ICV/MIC field in octets */
203 u8 iv_len; /* length of the IV field in octets */
204 u8 tkip_key[16]; /* generated phase2/phase1 key for hw TKIP */
205 u8 queue; /* hardware queue to use for this frame;
206 * 0 = highest, hw->queues-1 = lowest */
207 u8 sw_retry_attempt; /* number of times hw has tried to
208 * transmit frame (not incl. hw retries) */
209
210 struct ieee80211_rate *rate; /* internal 80211.o rate */
211 struct ieee80211_rate *rts_rate; /* internal 80211.o rate
212 * for RTS/CTS */
213 int alt_retry_rate; /* retry rate for the last retries, given as the
214 * hw specific value for the rate (from
215 * struct ieee80211_rate). To be used to limit
216 * packet dropping when probing higher rates, if hw
217 * supports multiple retry rates. -1 = not used */
218 int type; /* internal */
219 int ifindex; /* internal */
220};
221
222/* Receive status. The low-level driver should provide this information
223 * (the subset supported by hardware) to the 802.11 code with each received
224 * frame. */
225struct ieee80211_rx_status {
226 u64 mactime;
227 int freq; /* receive frequency in Mhz */
228 int channel;
229 int phymode;
230 int ssi;
231 int signal; /* used as qual in statistics reporting */
232 int noise;
233 int antenna;
234 int rate;
235#define RX_FLAG_MMIC_ERROR (1<<0)
236#define RX_FLAG_DECRYPTED (1<<1)
237#define RX_FLAG_RADIOTAP (1<<2)
238 int flag;
239};
240
241/* Transmit status. The low-level driver should provide this information
242 * (the subset supported by hardware) to the 802.11 code for each transmit
243 * frame. */
244struct ieee80211_tx_status {
245 /* copied ieee80211_tx_control structure */
246 struct ieee80211_tx_control control;
247
248#define IEEE80211_TX_STATUS_TX_FILTERED (1<<0)
249#define IEEE80211_TX_STATUS_ACK (1<<1) /* whether the TX frame was ACKed */
250 u32 flags; /* tx staus flags defined above */
251
252 int ack_signal; /* measured signal strength of the ACK frame */
253 int excessive_retries;
254 int retry_count;
255
256 int queue_length; /* information about TX queue */
257 int queue_number;
258};
259
260
261/**
262 * struct ieee80211_conf - configuration of the device
263 *
264 * This struct indicates how the driver shall configure the hardware.
265 *
266 * @radio_enabled: when zero, driver is required to switch off the radio.
267 */
268struct ieee80211_conf {
269 int channel; /* IEEE 802.11 channel number */
270 int freq; /* MHz */
271 int channel_val; /* hw specific value for the channel */
272
273 int phymode; /* MODE_IEEE80211A, .. */
274 struct ieee80211_channel *chan;
275 struct ieee80211_hw_mode *mode;
276 unsigned int regulatory_domain;
277 int radio_enabled;
278
279 int beacon_int;
280
281#define IEEE80211_CONF_SHORT_SLOT_TIME (1<<0) /* use IEEE 802.11g Short Slot
282 * Time */
283#define IEEE80211_CONF_SSID_HIDDEN (1<<1) /* do not broadcast the ssid */
284#define IEEE80211_CONF_RADIOTAP (1<<2) /* use radiotap if supported
285 check this bit at RX time */
286 u32 flags; /* configuration flags defined above */
287
288 u8 power_level; /* transmit power limit for current
289 * regulatory domain; in dBm */
290 u8 antenna_max; /* maximum antenna gain */
291 short tx_power_reduction; /* in 0.1 dBm */
292
293 /* 0 = default/diversity, 1 = Ant0, 2 = Ant1 */
294 u8 antenna_sel_tx;
295 u8 antenna_sel_rx;
296
297 int antenna_def;
298 int antenna_mode;
299
300 /* Following five fields are used for IEEE 802.11H */
301 unsigned int radar_detect;
302 unsigned int spect_mgmt;
303 /* All following fields are currently unused. */
304 unsigned int quiet_duration; /* duration of quiet period */
305 unsigned int quiet_offset; /* how far into the beacon is the quiet
306 * period */
307 unsigned int quiet_period;
308 u8 radar_firpwr_threshold;
309 u8 radar_rssi_threshold;
310 u8 pulse_height_threshold;
311 u8 pulse_rssi_threshold;
312 u8 pulse_inband_threshold;
313};
314
315/**
316 * enum ieee80211_if_types - types of 802.11 network interfaces
317 *
318 * @IEEE80211_IF_TYPE_AP: interface in AP mode.
319 * @IEEE80211_IF_TYPE_MGMT: special interface for communication with hostap
320 * daemon. Drivers should never see this type.
321 * @IEEE80211_IF_TYPE_STA: interface in STA (client) mode.
322 * @IEEE80211_IF_TYPE_IBSS: interface in IBSS (ad-hoc) mode.
323 * @IEEE80211_IF_TYPE_MNTR: interface in monitor (rfmon) mode.
324 * @IEEE80211_IF_TYPE_WDS: interface in WDS mode.
325 * @IEEE80211_IF_TYPE_VLAN: not used.
326 */
327enum ieee80211_if_types {
328 IEEE80211_IF_TYPE_AP = 0x00000000,
329 IEEE80211_IF_TYPE_MGMT = 0x00000001,
330 IEEE80211_IF_TYPE_STA = 0x00000002,
331 IEEE80211_IF_TYPE_IBSS = 0x00000003,
332 IEEE80211_IF_TYPE_MNTR = 0x00000004,
333 IEEE80211_IF_TYPE_WDS = 0x5A580211,
334 IEEE80211_IF_TYPE_VLAN = 0x00080211,
335};
336
337/**
338 * struct ieee80211_if_init_conf - initial configuration of an interface
339 *
340 * @if_id: internal interface ID. This number has no particular meaning to
341 * drivers and the only allowed usage is to pass it to
342 * ieee80211_beacon_get() and ieee80211_get_buffered_bc() functions.
343 * This field is not valid for monitor interfaces
344 * (interfaces of %IEEE80211_IF_TYPE_MNTR type).
345 * @type: one of &enum ieee80211_if_types constants. Determines the type of
346 * added/removed interface.
347 * @mac_addr: pointer to MAC address of the interface. This pointer is valid
348 * until the interface is removed (i.e. it cannot be used after
349 * remove_interface() callback was called for this interface).
350 *
351 * This structure is used in add_interface() and remove_interface()
352 * callbacks of &struct ieee80211_hw.
353 */
354struct ieee80211_if_init_conf {
355 int if_id;
356 int type;
357 void *mac_addr;
358};
359
360/**
361 * struct ieee80211_if_conf - configuration of an interface
362 *
363 * @type: type of the interface. This is always the same as was specified in
364 * &struct ieee80211_if_init_conf. The type of an interface never changes
365 * during the life of the interface; this field is present only for
366 * convenience.
367 * @bssid: BSSID of the network we are associated to/creating.
368 * @ssid: used (together with @ssid_len) by drivers for hardware that
369 * generate beacons independently. The pointer is valid only during the
370 * config_interface() call, so copy the value somewhere if you need
371 * it.
372 * @ssid_len: length of the @ssid field.
373 * @generic_elem: used (together with @generic_elem_len) by drivers for
374 * hardware that generate beacons independently. The pointer is valid
375 * only during the config_interface() call, so copy the value somewhere
376 * if you need it.
377 * @generic_elem_len: length of the generic element.
378 * @beacon: beacon template. Valid only if @host_gen_beacon_template in
379 * &struct ieee80211_hw is set. The driver is responsible of freeing
380 * the sk_buff.
381 * @beacon_control: tx_control for the beacon template, this field is only
382 * valid when the @beacon field was set.
383 *
384 * This structure is passed to the config_interface() callback of
385 * &struct ieee80211_hw.
386 */
387struct ieee80211_if_conf {
388 int type;
389 u8 *bssid;
390 u8 *ssid;
391 size_t ssid_len;
392 u8 *generic_elem;
393 size_t generic_elem_len;
394 struct sk_buff *beacon;
395 struct ieee80211_tx_control *beacon_control;
396};
397
398typedef enum { ALG_NONE, ALG_WEP, ALG_TKIP, ALG_CCMP, ALG_NULL }
399ieee80211_key_alg;
400
401
402struct ieee80211_key_conf {
403
404 int hw_key_idx; /* filled + used by low-level driver */
405 ieee80211_key_alg alg;
406 int keylen;
407
408#define IEEE80211_KEY_FORCE_SW_ENCRYPT (1<<0) /* to be cleared by low-level
409 driver */
410#define IEEE80211_KEY_DEFAULT_TX_KEY (1<<1) /* This key is the new default TX
411 key (used only for broadcast
412 keys). */
413#define IEEE80211_KEY_DEFAULT_WEP_ONLY (1<<2) /* static WEP is the only
414 configured security policy;
415 this allows some low-level
416 drivers to determine when
417 hwaccel can be used */
418 u32 flags; /* key configuration flags defined above */
419
420 s8 keyidx; /* WEP key index */
421 u8 key[0];
422};
423
424#define IEEE80211_SEQ_COUNTER_RX 0
425#define IEEE80211_SEQ_COUNTER_TX 1
426
427typedef enum {
428 SET_KEY, DISABLE_KEY, REMOVE_ALL_KEYS,
429} set_key_cmd;
430
431/* This is driver-visible part of the per-hw state the stack keeps. */
432struct ieee80211_hw {
433 /* points to the cfg80211 wiphy for this piece. Note
434 * that you must fill in the perm_addr and dev fields
435 * of this structure, use the macros provided below. */
436 struct wiphy *wiphy;
437
438 /* assigned by mac80211, don't write */
439 struct ieee80211_conf conf;
440
441 /* Single thread workqueue available for driver use
442 * Allocated by mac80211 on registration */
443 struct workqueue_struct *workqueue;
444
445 /* Pointer to the private area that was
446 * allocated with this struct for you. */
447 void *priv;
448
449 /* The rest is information about your hardware */
450
451 /* TODO: frame_type 802.11/802.3, sw_encryption requirements */
452
453 /* Some wireless LAN chipsets generate beacons in the hardware/firmware
454 * and others rely on host generated beacons. This option is used to
455 * configure the upper layer IEEE 802.11 module to generate beacons.
456 * The low-level driver can use ieee80211_beacon_get() to fetch the
457 * next beacon frame. */
458#define IEEE80211_HW_HOST_GEN_BEACON (1<<0)
459
460 /* The device needs to be supplied with a beacon template only. */
461#define IEEE80211_HW_HOST_GEN_BEACON_TEMPLATE (1<<1)
462
463 /* Some devices handle decryption internally and do not
464 * indicate whether the frame was encrypted (unencrypted frames
465 * will be dropped by the hardware, unless specifically allowed
466 * through) */
467#define IEEE80211_HW_DEVICE_HIDES_WEP (1<<2)
468
469 /* Whether RX frames passed to ieee80211_rx() include FCS in the end */
470#define IEEE80211_HW_RX_INCLUDES_FCS (1<<3)
471
472 /* Some wireless LAN chipsets buffer broadcast/multicast frames for
473 * power saving stations in the hardware/firmware and others rely on
474 * the host system for such buffering. This option is used to
475 * configure the IEEE 802.11 upper layer to buffer broadcast/multicast
476 * frames when there are power saving stations so that low-level driver
477 * can fetch them with ieee80211_get_buffered_bc(). */
478#define IEEE80211_HW_HOST_BROADCAST_PS_BUFFERING (1<<4)
479
480#define IEEE80211_HW_WEP_INCLUDE_IV (1<<5)
481
482 /* will data nullfunc frames get proper TX status callback */
483#define IEEE80211_HW_DATA_NULLFUNC_ACK (1<<6)
484
485 /* Force software encryption for TKIP packets if WMM is enabled. */
486#define IEEE80211_HW_NO_TKIP_WMM_HWACCEL (1<<7)
487
488 /* Some devices handle Michael MIC internally and do not include MIC in
489 * the received packets passed up. device_strips_mic must be set
490 * for such devices. The 'encryption' frame control bit is expected to
491 * be still set in the IEEE 802.11 header with this option unlike with
492 * the device_hides_wep configuration option.
493 */
494#define IEEE80211_HW_DEVICE_STRIPS_MIC (1<<8)
495
496 /* Device is capable of performing full monitor mode even during
497 * normal operation. */
498#define IEEE80211_HW_MONITOR_DURING_OPER (1<<9)
499
500 /* Device does not need BSSID filter set to broadcast in order to
501 * receive all probe responses while scanning */
502#define IEEE80211_HW_NO_PROBE_FILTERING (1<<10)
503
504 /* Channels are already configured to the default regulatory domain
505 * specified in the device's EEPROM */
506#define IEEE80211_HW_DEFAULT_REG_DOMAIN_CONFIGURED (1<<11)
507
508 /* calculate Michael MIC for an MSDU when doing hwcrypto */
509#define IEEE80211_HW_TKIP_INCLUDE_MMIC (1<<12)
510 /* Do TKIP phase1 key mixing in stack to support cards only do
511 * phase2 key mixing when doing hwcrypto */
512#define IEEE80211_HW_TKIP_REQ_PHASE1_KEY (1<<13)
513 /* Do TKIP phase1 and phase2 key mixing in stack and send the generated
514 * per-packet RC4 key with each TX frame when doing hwcrypto */
515#define IEEE80211_HW_TKIP_REQ_PHASE2_KEY (1<<14)
516
517 u32 flags; /* hardware flags defined above */
518
519 /* Set to the size of a needed device specific skb headroom for TX skbs. */
520 unsigned int extra_tx_headroom;
521
522 /* This is the time in us to change channels
523 */
524 int channel_change_time;
525 /* Maximum values for various statistics.
526 * Leave at 0 to indicate no support. Use negative numbers for dBm. */
527 s8 max_rssi;
528 s8 max_signal;
529 s8 max_noise;
530
531 /* Number of available hardware TX queues for data packets.
532 * WMM requires at least four queues. */
533 int queues;
534};
535
536static inline void SET_IEEE80211_DEV(struct ieee80211_hw *hw, struct device *dev)
537{
538 set_wiphy_dev(hw->wiphy, dev);
539}
540
541static inline void SET_IEEE80211_PERM_ADDR(struct ieee80211_hw *hw, u8 *addr)
542{
543 memcpy(hw->wiphy->perm_addr, addr, ETH_ALEN);
544}
545
546/* Configuration block used by the low-level driver to tell the 802.11 code
547 * about supported hardware features and to pass function pointers to callback
548 * functions. */
549struct ieee80211_ops {
550 /* Handler that 802.11 module calls for each transmitted frame.
551 * skb contains the buffer starting from the IEEE 802.11 header.
552 * The low-level driver should send the frame out based on
553 * configuration in the TX control data.
554 * Must be atomic. */
555 int (*tx)(struct ieee80211_hw *hw, struct sk_buff *skb,
556 struct ieee80211_tx_control *control);
557
558 /* Handler for performing hardware reset. */
559 int (*reset)(struct ieee80211_hw *hw);
560
561 /* Handler that is called when any netdevice attached to the hardware
562 * device is set UP for the first time. This can be used, e.g., to
563 * enable interrupts and beacon sending. */
564 int (*open)(struct ieee80211_hw *hw);
565
566 /* Handler that is called when the last netdevice attached to the
567 * hardware device is set DOWN. This can be used, e.g., to disable
568 * interrupts and beacon sending. */
569 int (*stop)(struct ieee80211_hw *hw);
570
571 /* Handler for asking a driver if a new interface can be added (or,
572 * more exactly, set UP). If the handler returns zero, the interface
573 * is added. Driver should perform any initialization it needs prior
574 * to returning zero. By returning non-zero addition of the interface
575 * is inhibited. Unless monitor_during_oper is set, it is guaranteed
576 * that monitor interfaces and normal interfaces are mutually
577 * exclusive. The open() handler is called after add_interface()
578 * if this is the first device added. At least one of the open()
579 * open() and add_interface() callbacks has to be assigned. If
580 * add_interface() is NULL, one STA interface is permitted only. */
581 int (*add_interface)(struct ieee80211_hw *hw,
582 struct ieee80211_if_init_conf *conf);
583
584 /* Notify a driver that an interface is going down. The stop() handler
585 * is called prior to this if this is a last interface. */
586 void (*remove_interface)(struct ieee80211_hw *hw,
587 struct ieee80211_if_init_conf *conf);
588
589 /* Handler for configuration requests. IEEE 802.11 code calls this
590 * function to change hardware configuration, e.g., channel. */
591 int (*config)(struct ieee80211_hw *hw, struct ieee80211_conf *conf);
592
593 /* Handler for configuration requests related to interfaces (e.g.
594 * BSSID). */
595 int (*config_interface)(struct ieee80211_hw *hw,
596 int if_id, struct ieee80211_if_conf *conf);
597
598 /* ieee80211 drivers do not have access to the &struct net_device
599 * that is (are) connected with their device. Hence (and because
600 * we need to combine the multicast lists and flags for multiple
601 * virtual interfaces), they cannot assign set_multicast_list.
602 * The parameters here replace dev->flags and dev->mc_count,
603 * dev->mc_list is replaced by calling ieee80211_get_mc_list_item.
604 * Must be atomic. */
605 void (*set_multicast_list)(struct ieee80211_hw *hw,
606 unsigned short flags, int mc_count);
607
608 /* Set TIM bit handler. If the hardware/firmware takes care of beacon
609 * generation, IEEE 802.11 code uses this function to tell the
610 * low-level to set (or clear if set==0) TIM bit for the given aid. If
611 * host system is used to generate beacons, this handler is not used
612 * and low-level driver should set it to NULL.
613 * Must be atomic. */
614 int (*set_tim)(struct ieee80211_hw *hw, int aid, int set);
615
616 /* Set encryption key. IEEE 802.11 module calls this function to set
617 * encryption keys. addr is ff:ff:ff:ff:ff:ff for default keys and
618 * station hwaddr for individual keys. aid of the station is given
619 * to help low-level driver in selecting which key->hw_key_idx to use
620 * for this key. TX control data will use the hw_key_idx selected by
621 * the low-level driver.
622 * Must be atomic. */
623 int (*set_key)(struct ieee80211_hw *hw, set_key_cmd cmd,
624 u8 *addr, struct ieee80211_key_conf *key, int aid);
625
626 /* Set TX key index for default/broadcast keys. This is needed in cases
627 * where wlan card is doing full WEP/TKIP encapsulation (wep_include_iv
628 * is not set), in other cases, this function pointer can be set to
629 * NULL since the IEEE 802. 11 module takes care of selecting the key
630 * index for each TX frame. */
631 int (*set_key_idx)(struct ieee80211_hw *hw, int idx);
632
633 /* Enable/disable IEEE 802.1X. This item requests wlan card to pass
634 * unencrypted EAPOL-Key frames even when encryption is configured.
635 * If the wlan card does not require such a configuration, this
636 * function pointer can be set to NULL. */
637 int (*set_ieee8021x)(struct ieee80211_hw *hw, int use_ieee8021x);
638
639 /* Set port authorization state (IEEE 802.1X PAE) to be authorized
640 * (authorized=1) or unauthorized (authorized=0). This function can be
641 * used if the wlan hardware or low-level driver implements PAE.
642 * 80211.o module will anyway filter frames based on authorization
643 * state, so this function pointer can be NULL if low-level driver does
644 * not require event notification about port state changes.
645 * Currently unused. */
646 int (*set_port_auth)(struct ieee80211_hw *hw, u8 *addr,
647 int authorized);
648
649 /* Ask the hardware to service the scan request, no need to start
650 * the scan state machine in stack. */
651 int (*hw_scan)(struct ieee80211_hw *hw, u8 *ssid, size_t len);
652
653 /* return low-level statistics */
654 int (*get_stats)(struct ieee80211_hw *hw,
655 struct ieee80211_low_level_stats *stats);
656
657 /* For devices that generate their own beacons and probe response
658 * or association responses this updates the state of privacy_invoked
659 * returns 0 for success or an error number */
660 int (*set_privacy_invoked)(struct ieee80211_hw *hw,
661 int privacy_invoked);
662
663 /* For devices that have internal sequence counters, allow 802.11
664 * code to access the current value of a counter */
665 int (*get_sequence_counter)(struct ieee80211_hw *hw,
666 u8* addr, u8 keyidx, u8 txrx,
667 u32* iv32, u16* iv16);
668
669 /* Configuration of RTS threshold (if device needs it) */
670 int (*set_rts_threshold)(struct ieee80211_hw *hw, u32 value);
671
672 /* Configuration of fragmentation threshold.
673 * Assign this if the device does fragmentation by itself,
674 * if this method is assigned then the stack will not do
675 * fragmentation. */
676 int (*set_frag_threshold)(struct ieee80211_hw *hw, u32 value);
677
678 /* Configuration of retry limits (if device needs it) */
679 int (*set_retry_limit)(struct ieee80211_hw *hw,
680 u32 short_retry, u32 long_retr);
681
682 /* Number of STAs in STA table notification (NULL = disabled).
683 * Must be atomic. */
684 void (*sta_table_notification)(struct ieee80211_hw *hw,
685 int num_sta);
686
687 /* Configure TX queue parameters (EDCF (aifs, cw_min, cw_max),
688 * bursting) for a hardware TX queue.
689 * queue = IEEE80211_TX_QUEUE_*.
690 * Must be atomic. */
691 int (*conf_tx)(struct ieee80211_hw *hw, int queue,
692 const struct ieee80211_tx_queue_params *params);
693
694 /* Get statistics of the current TX queue status. This is used to get
695 * number of currently queued packets (queue length), maximum queue
696 * size (limit), and total number of packets sent using each TX queue
697 * (count).
698 * Currently unused. */
699 int (*get_tx_stats)(struct ieee80211_hw *hw,
700 struct ieee80211_tx_queue_stats *stats);
701
702 /* Get the current TSF timer value from firmware/hardware. Currently,
703 * this is only used for IBSS mode debugging and, as such, is not a
704 * required function.
705 * Must be atomic. */
706 u64 (*get_tsf)(struct ieee80211_hw *hw);
707
708 /* Reset the TSF timer and allow firmware/hardware to synchronize with
709 * other STAs in the IBSS. This is only used in IBSS mode. This
710 * function is optional if the firmware/hardware takes full care of
711 * TSF synchronization. */
712 void (*reset_tsf)(struct ieee80211_hw *hw);
713
714 /* Setup beacon data for IBSS beacons. Unlike access point (Master),
715 * IBSS uses a fixed beacon frame which is configured using this
716 * function. This handler is required only for IBSS mode. */
717 int (*beacon_update)(struct ieee80211_hw *hw,
718 struct sk_buff *skb,
719 struct ieee80211_tx_control *control);
720
721 /* Determine whether the last IBSS beacon was sent by us. This is
722 * needed only for IBSS mode and the result of this function is used to
723 * determine whether to reply to Probe Requests. */
724 int (*tx_last_beacon)(struct ieee80211_hw *hw);
725};
726
727/* Allocate a new hardware device. This must be called once for each
728 * hardware device. The returned pointer must be used to refer to this
729 * device when calling other functions. 802.11 code allocates a private data
730 * area for the low-level driver. The size of this area is given as
731 * priv_data_len.
732 */
733struct ieee80211_hw *ieee80211_alloc_hw(size_t priv_data_len,
734 const struct ieee80211_ops *ops);
735
736/* Register hardware device to the IEEE 802.11 code and kernel. Low-level
737 * drivers must call this function before using any other IEEE 802.11
738 * function except ieee80211_register_hwmode. */
739int ieee80211_register_hw(struct ieee80211_hw *hw);
740
741/* driver can use this and ieee80211_get_rx_led_name to get the
742 * name of the registered LEDs after ieee80211_register_hw
743 * was called.
744 * This is useful to set the default trigger on the LED class
745 * device that your driver should export for each LED the device
746 * has, that way the default behaviour will be as expected but
747 * the user can still change it/turn off the LED etc.
748 */
749#ifdef CONFIG_MAC80211_LEDS
750extern char *__ieee80211_get_tx_led_name(struct ieee80211_hw *hw);
751extern char *__ieee80211_get_rx_led_name(struct ieee80211_hw *hw);
752#endif
753static inline char *ieee80211_get_tx_led_name(struct ieee80211_hw *hw)
754{
755#ifdef CONFIG_MAC80211_LEDS
756 return __ieee80211_get_tx_led_name(hw);
757#else
758 return NULL;
759#endif
760}
761
762static inline char *ieee80211_get_rx_led_name(struct ieee80211_hw *hw)
763{
764#ifdef CONFIG_MAC80211_LEDS
765 return __ieee80211_get_rx_led_name(hw);
766#else
767 return NULL;
768#endif
769}
770
771/* Register a new hardware PHYMODE capability to the stack. */
772int ieee80211_register_hwmode(struct ieee80211_hw *hw,
773 struct ieee80211_hw_mode *mode);
774
775/* Unregister a hardware device. This function instructs 802.11 code to free
776 * allocated resources and unregister netdevices from the kernel. */
777void ieee80211_unregister_hw(struct ieee80211_hw *hw);
778
779/* Free everything that was allocated including private data of a driver. */
780void ieee80211_free_hw(struct ieee80211_hw *hw);
781
782/* Receive frame callback function. The low-level driver uses this function to
783 * send received frames to the IEEE 802.11 code. Receive buffer (skb) must
784 * start with IEEE 802.11 header. */
785void __ieee80211_rx(struct ieee80211_hw *hw, struct sk_buff *skb,
786 struct ieee80211_rx_status *status);
787void ieee80211_rx_irqsafe(struct ieee80211_hw *hw,
788 struct sk_buff *skb,
789 struct ieee80211_rx_status *status);
790
791/* Transmit status callback function. The low-level driver must call this
792 * function to report transmit status for all the TX frames that had
793 * req_tx_status set in the transmit control fields. In addition, this should
794 * be called at least for all unicast frames to provide information for TX rate
795 * control algorithm. In order to maintain all statistics, this function is
796 * recommended to be called after each frame, including multicast/broadcast, is
797 * sent. */
798void ieee80211_tx_status(struct ieee80211_hw *hw,
799 struct sk_buff *skb,
800 struct ieee80211_tx_status *status);
801void ieee80211_tx_status_irqsafe(struct ieee80211_hw *hw,
802 struct sk_buff *skb,
803 struct ieee80211_tx_status *status);
804
805/**
806 * ieee80211_beacon_get - beacon generation function
807 * @hw: pointer obtained from ieee80211_alloc_hw().
808 * @if_id: interface ID from &struct ieee80211_if_init_conf.
809 * @control: will be filled with information needed to send this beacon.
810 *
811 * If the beacon frames are generated by the host system (i.e., not in
812 * hardware/firmware), the low-level driver uses this function to receive
813 * the next beacon frame from the 802.11 code. The low-level is responsible
814 * for calling this function before beacon data is needed (e.g., based on
815 * hardware interrupt). Returned skb is used only once and low-level driver
816 * is responsible of freeing it.
817 */
818struct sk_buff *ieee80211_beacon_get(struct ieee80211_hw *hw,
819 int if_id,
820 struct ieee80211_tx_control *control);
821
822/**
823 * ieee80211_rts_get - RTS frame generation function
824 * @hw: pointer obtained from ieee80211_alloc_hw().
825 * @frame: pointer to the frame that is going to be protected by the RTS.
826 * @frame_len: the frame length (in octets).
827 * @frame_txctl: &struct ieee80211_tx_control of the frame.
828 * @rts: The buffer where to store the RTS frame.
829 *
830 * If the RTS frames are generated by the host system (i.e., not in
831 * hardware/firmware), the low-level driver uses this function to receive
832 * the next RTS frame from the 802.11 code. The low-level is responsible
833 * for calling this function before and RTS frame is needed.
834 */
835void ieee80211_rts_get(struct ieee80211_hw *hw,
836 const void *frame, size_t frame_len,
837 const struct ieee80211_tx_control *frame_txctl,
838 struct ieee80211_rts *rts);
839
840/**
841 * ieee80211_rts_duration - Get the duration field for an RTS frame
842 * @hw: pointer obtained from ieee80211_alloc_hw().
843 * @frame_len: the length of the frame that is going to be protected by the RTS.
844 * @frame_txctl: &struct ieee80211_tx_control of the frame.
845 *
846 * If the RTS is generated in firmware, but the host system must provide
847 * the duration field, the low-level driver uses this function to receive
848 * the duration field value in little-endian byteorder.
849 */
850__le16 ieee80211_rts_duration(struct ieee80211_hw *hw,
851 size_t frame_len,
852 const struct ieee80211_tx_control *frame_txctl);
853
854/**
855 * ieee80211_ctstoself_get - CTS-to-self frame generation function
856 * @hw: pointer obtained from ieee80211_alloc_hw().
857 * @frame: pointer to the frame that is going to be protected by the CTS-to-self.
858 * @frame_len: the frame length (in octets).
859 * @frame_txctl: &struct ieee80211_tx_control of the frame.
860 * @cts: The buffer where to store the CTS-to-self frame.
861 *
862 * If the CTS-to-self frames are generated by the host system (i.e., not in
863 * hardware/firmware), the low-level driver uses this function to receive
864 * the next CTS-to-self frame from the 802.11 code. The low-level is responsible
865 * for calling this function before and CTS-to-self frame is needed.
866 */
867void ieee80211_ctstoself_get(struct ieee80211_hw *hw,
868 const void *frame, size_t frame_len,
869 const struct ieee80211_tx_control *frame_txctl,
870 struct ieee80211_cts *cts);
871
872/**
873 * ieee80211_ctstoself_duration - Get the duration field for a CTS-to-self frame
874 * @hw: pointer obtained from ieee80211_alloc_hw().
875 * @frame_len: the length of the frame that is going to be protected by the CTS-to-self.
876 * @frame_txctl: &struct ieee80211_tx_control of the frame.
877 *
878 * If the CTS-to-self is generated in firmware, but the host system must provide
879 * the duration field, the low-level driver uses this function to receive
880 * the duration field value in little-endian byteorder.
881 */
882__le16 ieee80211_ctstoself_duration(struct ieee80211_hw *hw,
883 size_t frame_len,
884 const struct ieee80211_tx_control *frame_txctl);
885
886/**
887 * ieee80211_generic_frame_duration - Calculate the duration field for a frame
888 * @hw: pointer obtained from ieee80211_alloc_hw().
889 * @frame_len: the length of the frame.
890 * @rate: the rate (in 100kbps) at which the frame is going to be transmitted.
891 *
892 * Calculate the duration field of some generic frame, given its
893 * length and transmission rate (in 100kbps).
894 */
895__le16 ieee80211_generic_frame_duration(struct ieee80211_hw *hw,
896 size_t frame_len,
897 int rate);
898
899/**
900 * ieee80211_get_buffered_bc - accessing buffered broadcast and multicast frames
901 * @hw: pointer as obtained from ieee80211_alloc_hw().
902 * @if_id: interface ID from &struct ieee80211_if_init_conf.
903 * @control: will be filled with information needed to send returned frame.
904 *
905 * Function for accessing buffered broadcast and multicast frames. If
906 * hardware/firmware does not implement buffering of broadcast/multicast
907 * frames when power saving is used, 802.11 code buffers them in the host
908 * memory. The low-level driver uses this function to fetch next buffered
909 * frame. In most cases, this is used when generating beacon frame. This
910 * function returns a pointer to the next buffered skb or NULL if no more
911 * buffered frames are available.
912 *
913 * Note: buffered frames are returned only after DTIM beacon frame was
914 * generated with ieee80211_beacon_get() and the low-level driver must thus
915 * call ieee80211_beacon_get() first. ieee80211_get_buffered_bc() returns
916 * NULL if the previous generated beacon was not DTIM, so the low-level driver
917 * does not need to check for DTIM beacons separately and should be able to
918 * use common code for all beacons.
919 */
920struct sk_buff *
921ieee80211_get_buffered_bc(struct ieee80211_hw *hw, int if_id,
922 struct ieee80211_tx_control *control);
923
924/* Low level drivers that have their own MLME and MAC indicate
925 * the aid for an associating station with this call */
926int ieee80211_set_aid_for_sta(struct ieee80211_hw *hw,
927 u8 *peer_address, u16 aid);
928
929
930/* Given an sk_buff with a raw 802.11 header at the data pointer this function
931 * returns the 802.11 header length in bytes (not including encryption
932 * headers). If the data in the sk_buff is too short to contain a valid 802.11
933 * header the function returns 0.
934 */
935int ieee80211_get_hdrlen_from_skb(const struct sk_buff *skb);
936
937/* Like ieee80211_get_hdrlen_from_skb() but takes a FC in CPU order. */
938int ieee80211_get_hdrlen(u16 fc);
939
940/**
941 * ieee80211_wake_queue - wake specific queue
942 * @hw: pointer as obtained from ieee80211_alloc_hw().
943 * @queue: queue number (counted from zero).
944 *
945 * Drivers should use this function instead of netif_wake_queue.
946 */
947void ieee80211_wake_queue(struct ieee80211_hw *hw, int queue);
948
949/**
950 * ieee80211_stop_queue - stop specific queue
951 * @hw: pointer as obtained from ieee80211_alloc_hw().
952 * @queue: queue number (counted from zero).
953 *
954 * Drivers should use this function instead of netif_stop_queue.
955 */
956void ieee80211_stop_queue(struct ieee80211_hw *hw, int queue);
957
958/**
959 * ieee80211_start_queues - start all queues
960 * @hw: pointer to as obtained from ieee80211_alloc_hw().
961 *
962 * Drivers should use this function instead of netif_start_queue.
963 */
964void ieee80211_start_queues(struct ieee80211_hw *hw);
965
966/**
967 * ieee80211_stop_queues - stop all queues
968 * @hw: pointer as obtained from ieee80211_alloc_hw().
969 *
970 * Drivers should use this function instead of netif_stop_queue.
971 */
972void ieee80211_stop_queues(struct ieee80211_hw *hw);
973
974/**
975 * ieee80211_wake_queues - wake all queues
976 * @hw: pointer as obtained from ieee80211_alloc_hw().
977 *
978 * Drivers should use this function instead of netif_wake_queue.
979 */
980void ieee80211_wake_queues(struct ieee80211_hw *hw);
981
982/**
983 * ieee80211_get_mc_list_item - iteration over items in multicast list
984 * @hw: pointer as obtained from ieee80211_alloc_hw().
985 * @prev: value returned by previous call to ieee80211_get_mc_list_item() or
986 * NULL to start a new iteration.
987 * @ptr: pointer to buffer of void * type for internal usage of
988 * ieee80211_get_mc_list_item().
989 *
990 * Iterates over items in multicast list of given device. To get the first
991 * item, pass NULL in @prev and in *@ptr. In subsequent calls, pass the
992 * value returned by previous call in @prev. Don't alter *@ptr during
993 * iteration. When there are no more items, NULL is returned.
994 */
995struct dev_mc_list *
996ieee80211_get_mc_list_item(struct ieee80211_hw *hw,
997 struct dev_mc_list *prev,
998 void **ptr);
999
1000/* called by driver to notify scan status completed */
1001void ieee80211_scan_completed(struct ieee80211_hw *hw);
1002
1003/* Function to indicate Radar Detection. The low level driver must call this
1004 * function to indicate the presence of radar in the current channel.
1005 * Additionally the radar type also could be sent */
1006int ieee80211_radar_status(struct ieee80211_hw *hw, int channel,
1007 int radar, int radar_type);
1008
1009/* return a pointer to the source address (SA) */
1010static inline u8 *ieee80211_get_SA(struct ieee80211_hdr *hdr)
1011{
1012 u8 *raw = (u8 *) hdr;
1013 u8 tofrom = (*(raw+1)) & 3; /* get the TODS and FROMDS bits */
1014
1015 switch (tofrom) {
1016 case 2:
1017 return hdr->addr3;
1018 case 3:
1019 return hdr->addr4;
1020 }
1021 return hdr->addr2;
1022}
1023
1024/* return a pointer to the destination address (DA) */
1025static inline u8 *ieee80211_get_DA(struct ieee80211_hdr *hdr)
1026{
1027 u8 *raw = (u8 *) hdr;
1028 u8 to_ds = (*(raw+1)) & 1; /* get the TODS bit */
1029
1030 if (to_ds)
1031 return hdr->addr3;
1032 return hdr->addr1;
1033}
1034
1035static inline int ieee80211_get_morefrag(struct ieee80211_hdr *hdr)
1036{
1037 return (le16_to_cpu(hdr->frame_control) &
1038 IEEE80211_FCTL_MOREFRAGS) != 0;
1039}
1040
1041#define MAC_FMT "%02x:%02x:%02x:%02x:%02x:%02x"
1042#define MAC_ARG(x) ((u8*)(x))[0], ((u8*)(x))[1], ((u8*)(x))[2], \
1043 ((u8*)(x))[3], ((u8*)(x))[4], ((u8*)(x))[5]
1044
1045#endif /* MAC80211_H */
diff --git a/net/Kconfig b/net/Kconfig
index 2fc8e77b1e62..5b2227813923 100644
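--- a/net/Kconfig
+++ b/net/Kconfig
@@ -220,6 +220,7 @@ config FIB_RULES
 menu "Wireless"
 
 source "net/wireless/Kconfig"
+source "net/mac80211/Kconfig"
 source "net/ieee80211/Kconfig"
 
 endmenu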
diff --git a/net/Makefile b/net/Makefile
index 6b74d4118c5b..9fdb60c2e4a1 100644
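--- a/net/Makefile
+++ b/net/Makefile
@@ -45,6 +45,8 @@ obj-$(CONFIG_ECONET) += econet/
 obj-$(CONFIG_VLAN_8021Q) += 8021q/
 obj-$(CONFIG_IP_DCCP) += dccp/
 obj-$(CONFIG_IP_SCTP) += sctp/
+obj-y += wireless/
+obj-$(CONFIG_MAC80211) += mac80211/
 obj-$(CONFIG_IEEE80211) += ieee80211/
 obj-$(CONFIG_TIPC) += tipc/
 obj-$(CONFIG_NETLABEL) += netlabel/
@@ -53,5 +55,3 @@ obj-$(CONFIG_IUCV) += iucv/
 ifeq ($(CONFIG_NET),y)
 obj-$(CONFIG_SYSCTL) += sysctl_net.o
 endif
-
-obj-y += wireless/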
diff --git a/net/iucv/af_iucv.c b/net/iucv/af_iucv.c
index 2f1373855a8b..d9e9ddb8eac5 100644
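--- a/net/iucv/af_iucv.c
+++ b/net/iucv/af_iucv.c
@@ -961,7 +961,7 @@ static void iucv_callback_connack(struct iucv_path *path, u8 ipuser[16])
 }
 
 static int iucv_fragment_skb(struct sock *sk, struct sk_buff *skb, int len,
- struct sk_buff_head fragmented_skb_q)
+ struct sk_buff_head *fragmented_skb_q)
 {
  int dataleft, size, copied = 0;
  struct sk_buff *nskb;
@@ -981,8 +981,8 @@ static int iucv_fragment_skb(struct sock *sk, struct sk_buff *skb, int len,
  copied += size;
  dataleft -= size;
 
- nskb->h.raw = nskb->data;
- nskb->nh.raw = nskb->data;
+ skb_reset_transport_header(nskb);
+ skb_reset_network_header(nskb);
  nskb->len = size;
 
  skb_queue_tail(fragmented_skb_q, nskb);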
diff --git a/net/mac80211/Kconfig b/net/mac80211/Kconfig
new file mode 100644
index 000000000000..6fffb3845ab6
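--- /dev/null
+++ b/net/mac80211/Kconfig
@@ -0,0 +1,78 @@
+config MAC80211
+ tristate "Generic IEEE 802.11 Networking Stack (mac80211)"
+ depends on EXPERIMENTAL
+ select CRYPTO
+ select CRYPTO_ECB
+ select CRYPTO_ARC4
+ select CRYPTO_AES
+ select CRC32
+ select WIRELESS_EXT
+ select CFG80211
+ select NET_SCH_FIFO
+ ---help---
+ This option enables the hardware independent IEEE 802.11
+ networking stack.
+
+config MAC80211_LEDS
+ bool "Enable LED triggers"
+ depends on MAC80211 && LEDS_TRIGGERS
+ ---help---
+ This option enables a few LED triggers for different
+ packet receive/transmit events.
+
+config MAC80211_DEBUGFS
+ bool "Export mac80211 internals in DebugFS"
+ depends on MAC80211 && DEBUG_FS
+ ---help---
+ Select this to see extensive information about
+ the internal state of mac80211 in debugfs.
+
+ Say N unless you know you need this.
+
+config MAC80211_DEBUG
+ bool "Enable debugging output"
+ depends on MAC80211
+ ---help---
+ This option will enable debug tracing output for the
+ ieee80211 network stack.
+
+ If you are not trying to debug or develop the ieee80211
+ subsystem, you most likely want to say N here.
+
+config MAC80211_VERBOSE_DEBUG
+ bool "Verbose debugging output"
+ depends on MAC80211_DEBUG
+
+config MAC80211_LOWTX_FRAME_DUMP
+ bool "Debug frame dumping"
+ depends on MAC80211_DEBUG
+ ---help---
+ Selecting this option will cause the stack to
+ print a message for each frame that is handed
+ to the lowlevel driver for transmission. This
+ message includes all MAC addresses and the
+ frame control field.
+
+ If unsure, say N and insert the debugging code
+ you require into the driver you are debugging.
+
+config TKIP_DEBUG
+ bool "TKIP debugging"
+ depends on MAC80211_DEBUG
+
+config MAC80211_DEBUG_COUNTERS
+ bool "Extra statistics for TX/RX debugging"
+ depends on MAC80211_DEBUG
+
+config MAC80211_IBSS_DEBUG
+ bool "Support for IBSS testing"
+ depends on MAC80211_DEBUG
+ ---help---
+ Say Y here if you intend to debug the IBSS code.
+
+config MAC80211_VERBOSE_PS_DEBUG
+ bool "Verbose powersave mode debugging"
+ depends on MAC80211_DEBUG
+ ---help---
+ Say Y here to print out verbose powersave
+ mode debug messages.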
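Review bot: `config TKIP_DEBUG` is the only new symbol without the `MAC80211_` prefix, so it enters the global Kconfig namespace under a generic name; `config MAC80211_TKIP_DEBUG` would match the other entries (the code that tests the symbol is outside this section and would need the same rename). `MAC80211_VERBOSE_DEBUG`, `TKIP_DEBUG` and `MAC80211_DEBUG_COUNTERS` have no `---help---` text at all, so a person configuring a kernel cannot tell what extra output they produce. For `MAC80211_DEBUGFS`, the Makefile in this commit builds `debugfs_key.o` under the option, so the help text could say that per-key state is exported through debugfs, if that is what the file does.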
diff --git a/net/mac80211/Makefile b/net/mac80211/Makefile
new file mode 100644
index 000000000000..e9738dad2d7c
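--- /dev/null
+++ b/net/mac80211/Makefile
@@ -0,0 +1,20 @@
+obj-$(CONFIG_MAC80211) += mac80211.o rc80211_simple.o
+
+mac80211-objs-$(CONFIG_MAC80211_LEDS) += ieee80211_led.o
+mac80211-objs-$(CONFIG_MAC80211_DEBUGFS) += debugfs.o debugfs_sta.o debugfs_netdev.o debugfs_key.o
+
+mac80211-objs := \
+ ieee80211.o \
+ ieee80211_ioctl.o \
+ sta_info.o \
+ wep.o \
+ wpa.o \
+ ieee80211_sta.o \
+ ieee80211_iface.o \
+ ieee80211_rate.o \
+ michael.o \
+ tkip.o \
+ aes_ccm.o \
+ wme.o \
+ ieee80211_cfg.o \
+ $(mac80211-objs-y)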
diff --git a/net/mac80211/aes_ccm.c b/net/mac80211/aes_ccm.c
new file mode 100644
index 000000000000..e55569bee7d0
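--- /dev/null
+++ b/net/mac80211/aes_ccm.c
@@ -0,0 +1,155 @@
+/*
+ * Copyright 2003-2004, Instant802 Networks, Inc.
+ * Copyright 2005-2006, Devicescape Software, Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include <linux/types.h>
+#include <linux/crypto.h>
+#include <linux/err.h>
+#include <asm/scatterlist.h>
+
+#include <net/mac80211.h>
+#include "ieee80211_key.h"
+#include "aes_ccm.h"
+
+
+static void ieee80211_aes_encrypt(struct crypto_cipher *tfm,
+ const u8 pt[16], u8 ct[16])
+{
+ crypto_cipher_encrypt_one(tfm, ct, pt);
+}
+
+
+static inline void aes_ccm_prepare(struct crypto_cipher *tfm, u8 *b_0, u8 *aad,
+ u8 *b, u8 *s_0, u8 *a)
+{
+ int i;
+
+ ieee80211_aes_encrypt(tfm, b_0, b);
+
+ /* Extra Authenticate-only data (always two AES blocks) */
+ for (i = 0; i < AES_BLOCK_LEN; i++)
+ aad[i] ^= b[i];
+ ieee80211_aes_encrypt(tfm, aad, b);
+
+ aad += AES_BLOCK_LEN;
+
+ for (i = 0; i < AES_BLOCK_LEN; i++)
+ aad[i] ^= b[i];
+ ieee80211_aes_encrypt(tfm, aad, a);
+
+ /* Mask out bits from auth-only-b_0 */
+ b_0[0] &= 0x07;
+
+ /* S_0 is used to encrypt T (= MIC) */
+ b_0[14] = 0;
+ b_0[15] = 0;
+ ieee80211_aes_encrypt(tfm, b_0, s_0);
+}
+
+
+void ieee80211_aes_ccm_encrypt(struct crypto_cipher *tfm, u8 *scratch,
+ u8 *b_0, u8 *aad, u8 *data, size_t data_len,
+ u8 *cdata, u8 *mic)
+{
+ int i, j, last_len, num_blocks;
+ u8 *pos, *cpos, *b, *s_0, *e;
+
+ b = scratch;
+ s_0 = scratch + AES_BLOCK_LEN;
+ e = scratch + 2 * AES_BLOCK_LEN;
+
+ num_blocks = (data_len + AES_BLOCK_LEN - 1) / AES_BLOCK_LEN;
+ last_len = data_len % AES_BLOCK_LEN;
+ aes_ccm_prepare(tfm, b_0, aad, b, s_0, b);
+
+ /* Process payload blocks */
+ pos = data;
+ cpos = cdata;
+ for (j = 1; j <= num_blocks; j++) {
+ int blen = (j == num_blocks && last_len) ?
+ last_len : AES_BLOCK_LEN;
+
+ /* Authentication followed by encryption */
+ for (i = 0; i < blen; i++)
+ b[i] ^= pos[i];
+ ieee80211_aes_encrypt(tfm, b, b);
+
+ b_0[14] = (j >> 8) & 0xff;
+ b_0[15] = j & 0xff;
+ ieee80211_aes_encrypt(tfm, b_0, e);
+ for (i = 0; i < blen; i++)
+ *cpos++ = *pos++ ^ e[i];
+ }
+
+ for (i = 0; i < CCMP_MIC_LEN; i++)
+ mic[i] = b[i] ^ s_0[i];
+}
+
+
+int ieee80211_aes_ccm_decrypt(struct crypto_cipher *tfm, u8 *scratch,
+ u8 *b_0, u8 *aad, u8 *cdata, size_t data_len,
+ u8 *mic, u8 *data)
+{
+ int i, j, last_len, num_blocks;
+ u8 *pos, *cpos, *b, *s_0, *a;
+
+ b = scratch;
+ s_0 = scratch + AES_BLOCK_LEN;
+ a = scratch + 2 * AES_BLOCK_LEN;
+
+ num_blocks = (data_len + AES_BLOCK_LEN - 1) / AES_BLOCK_LEN;
+ last_len = data_len % AES_BLOCK_LEN;
+ aes_ccm_prepare(tfm, b_0, aad, b, s_0, a);
+
+ /* Process payload blocks */
+ cpos = cdata;
+ pos = data;
+ for (j = 1; j <= num_blocks; j++) {
+ int blen = (j == num_blocks && last_len) ?
+ last_len : AES_BLOCK_LEN;
+
+ /* Decryption followed by authentication */
+ b_0[14] = (j >> 8) & 0xff;
+ b_0[15] = j & 0xff;
+ ieee80211_aes_encrypt(tfm, b_0, b);
+ for (i = 0; i < blen; i++) {
+ *pos = *cpos++ ^ b[i];
+ a[i] ^= *pos++;
+ }
+
+ ieee80211_aes_encrypt(tfm, a, a);
+ }
+
+ for (i = 0; i < CCMP_MIC_LEN; i++) {
+ if ((mic[i] ^ s_0[i]) != a[i])
+ return -1;
+ }
+
+ return 0;
+}
+
+
+struct crypto_cipher * ieee80211_aes_key_setup_encrypt(const u8 key[])
+{
+ struct crypto_cipher *tfm;
+
+ tfm = crypto_alloc_cipher("aes", 0, CRYPTO_ALG_ASYNC);
+ if (IS_ERR(tfm))
+ return NULL;
+
+ crypto_cipher_setkey(tfm, key, ALG_CCMP_KEY_LEN);
+
+ return tfm;
+}
+
+
+void ieee80211_aes_key_free(struct crypto_cipher *tfm)
+{
+ if (tfm)
+ crypto_free_cipher(tfm);
+}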
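Review bot: `ieee80211_aes_key_setup_encrypt()` discards the return value of `crypto_cipher_setkey()`, so a failed key setup still hands the caller a tfm that looks usable; it should free the tfm and return NULL in that case. Separately, the MIC check at the end of `ieee80211_aes_ccm_decrypt()` returns on the first mismatching byte, which makes the comparison time depend on how many leading MIC bytes match; accumulating the differences and testing once removes that dependence. The plaintext has already been written to `data` when that function returns -1, so callers presumably must discard the buffer on failure, and a comment on the function saying so would help.

```c
/* in ieee80211_aes_ccm_decrypt(); needs a local `u8 diff = 0;` */
	/* … unchanged: scratch setup, aes_ccm_prepare() and payload loop … */

	/* Fold every MIC byte into diff before deciding, so the time
	 * taken does not depend on where the first wrong byte is. */
	for (i = 0; i < CCMP_MIC_LEN; i++)
		diff |= (mic[i] ^ s_0[i]) ^ a[i];

	return diff ? -1 : 0;

/* in ieee80211_aes_key_setup_encrypt() */
	/* … unchanged: crypto_alloc_cipher() and IS_ERR() check … */
	if (crypto_cipher_setkey(tfm, key, ALG_CCMP_KEY_LEN)) {
		crypto_free_cipher(tfm);
		return NULL;
	}

	return tfm;
```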
diff --git a/net/mac80211/aes_ccm.h b/net/mac80211/aes_ccm.h
new file mode 100644
index 000000000000..885f19030b29
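--- /dev/null
+++ b/net/mac80211/aes_ccm.h
@@ -0,0 +1,26 @@
+/*
+ * Copyright 2003-2004, Instant802 Networks, Inc.
+ * Copyright 2006, Devicescape Software, Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#ifndef AES_CCM_H
+#define AES_CCM_H
+
+#include <linux/crypto.h>
+
+#define AES_BLOCK_LEN 16
+
+struct crypto_cipher * ieee80211_aes_key_setup_encrypt(const u8 key[]);
+void ieee80211_aes_ccm_encrypt(struct crypto_cipher *tfm, u8 *scratch,
+ u8 *b_0, u8 *aad, u8 *data, size_t data_len,
+ u8 *cdata, u8 *mic);
+int ieee80211_aes_ccm_decrypt(struct crypto_cipher *tfm, u8 *scratch,
+ u8 *b_0, u8 *aad, u8 *cdata, size_t data_len,
+ u8 *mic, u8 *data);
+void ieee80211_aes_key_free(struct crypto_cipher *tfm);
+
+#endif /* AES_CCM_H */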
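Review bot: The prototypes say nothing about the buffer sizes that the implementation in aes_ccm.c depends on, and a caller that gets them wrong causes out-of-bounds writes. There, `scratch` is split into three `AES_BLOCK_LEN` regions, `aad` is processed as two blocks and XORed in place, `b_0` is overwritten, and `key` is read for `ALG_CCMP_KEY_LEN` bytes. I would put a comment above the declarations such as `/* scratch: >= 3 * AES_BLOCK_LEN bytes; aad: 2 * AES_BLOCK_LEN bytes, modified; b_0: AES_BLOCK_LEN bytes, modified */`. It should also state that `ieee80211_aes_ccm_decrypt()` returns 0 when the MIC matches and -1 otherwise, and that `ieee80211_aes_key_setup_encrypt()` returns NULL on allocation failure.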
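--- /dev/null
+++ b/net/mac80211/debugfs.c
@@ -0,0 +1,433 @@
+/*
+ * mac80211 debugfs for wireless PHYs
+ *
+ * Copyright 2007 Johannes Berg <johannes@sipsolutions.net>
+ *
+ * GPLv2
+ *
+ */
+
+#include <linux/debugfs.h>
+#include <linux/rtnetlink.h>
+#include "ieee80211_i.h"
+#include "ieee80211_rate.h"
+#include "debugfs.h"
+
+int mac80211_open_file_generic(struct inode *inode, struct file *file)
+{
+ file->private_data = inode->i_private;
+ return 0;
+}
+
+static const char *ieee80211_mode_str(int mode)
+{
+ switch (mode) {
+ case MODE_IEEE80211A:
+ return "IEEE 802.11a";
+ case MODE_IEEE80211B:
+ return "IEEE 802.11b";
+ case MODE_IEEE80211G:
+ return "IEEE 802.11g";
+ case MODE_ATHEROS_TURBO:
+ return "Atheros Turbo (5 GHz)";
+ default:
+ return "UNKNOWN";
+ }
+}
+
+static ssize_t modes_read(struct file *file, char __user *userbuf,
+ size_t count, loff_t *ppos)
+{
+ struct ieee80211_local *local = file->private_data;
+ struct ieee80211_hw_mode *mode;
+ char buf[150], *p = buf;
+
+ /* FIXME: locking! */
+ list_for_each_entry(mode, &local->modes_list, list) {
+ p += scnprintf(p, sizeof(buf)+buf-p,
+ "%s\n", ieee80211_mode_str(mode->mode));
+ }
+
+ return simple_read_from_buffer(userbuf, count, ppos, buf, p-buf);
+}
+
+static const struct file_operations modes_ops = {
+ .read = modes_read,
+ .open = mac80211_open_file_generic,
+};
+
+#define DEBUGFS_READONLY_FILE(name, buflen, fmt, value...) \
+static ssize_t name## _read(struct file *file, char __user *userbuf, \
+ size_t count, loff_t *ppos) \
+{ \
+ struct ieee80211_local *local = file->private_data; \
+ char buf[buflen]; \
+ int res; \
+ \
+ res = scnprintf(buf, buflen, fmt "\n", ##value); \
+ return simple_read_from_buffer(userbuf, count, ppos, buf, res); \
+} \
+ \
+static const struct file_operations name## _ops = { \
+ .read = name## _read, \
+ .open = mac80211_open_file_generic, \
+};
+
+#define DEBUGFS_ADD(name) \
+ local->debugfs.name = debugfs_create_file(#name, 0444, phyd, \
+ local, &name## _ops);
+
+#define DEBUGFS_DEL(name) \
+ debugfs_remove(local->debugfs.name); \
+ local->debugfs.name = NULL;
+
+
+DEBUGFS_READONLY_FILE(channel, 20, "%d",
+ local->hw.conf.channel);
+DEBUGFS_READONLY_FILE(frequency, 20, "%d",
+ local->hw.conf.freq);
+DEBUGFS_READONLY_FILE(radar_detect, 20, "%d",
+ local->hw.conf.radar_detect);
+DEBUGFS_READONLY_FILE(antenna_sel_tx, 20, "%d",
+ local->hw.conf.antenna_sel_tx);
+DEBUGFS_READONLY_FILE(antenna_sel_rx, 20, "%d",
+ local->hw.conf.antenna_sel_rx);
+DEBUGFS_READONLY_FILE(bridge_packets, 20, "%d",
+ local->bridge_packets);
+DEBUGFS_READONLY_FILE(key_tx_rx_threshold, 20, "%d",
+ local->key_tx_rx_threshold);
+DEBUGFS_READONLY_FILE(rts_threshold, 20, "%d",
+ local->rts_threshold);
+DEBUGFS_READONLY_FILE(fragmentation_threshold, 20, "%d",
+ local->fragmentation_threshold);
+DEBUGFS_READONLY_FILE(short_retry_limit, 20, "%d",
+ local->short_retry_limit);
+DEBUGFS_READONLY_FILE(long_retry_limit, 20, "%d",
+ local->long_retry_limit);
+DEBUGFS_READONLY_FILE(total_ps_buffered, 20, "%d",
+ local->total_ps_buffered);
+DEBUGFS_READONLY_FILE(mode, 20, "%s",
+ ieee80211_mode_str(local->hw.conf.phymode));
+DEBUGFS_READONLY_FILE(wep_iv, 20, "%#06x",
+ local->wep_iv & 0xffffff);
+DEBUGFS_READONLY_FILE(tx_power_reduction, 20, "%d.%d dBm",
+ local->hw.conf.tx_power_reduction / 10,
+ local->hw.conf.tx_power_reduction & 10);
+DEBUGFS_READONLY_FILE(rate_ctrl_alg, 100, "%s",
+ local->rate_ctrl ? local->rate_ctrl->ops->name : "<unset>");
+
+/* statistics stuff */
+
+static inline int rtnl_lock_local(struct ieee80211_local *local)
+{
+ rtnl_lock();
+ if (unlikely(local->reg_state != IEEE80211_DEV_REGISTERED)) {
+ rtnl_unlock();
+ return -ENODEV;
+ }
+ return 0;
+}
+
+#define DEBUGFS_STATS_FILE(name, buflen, fmt, value...) \
+ DEBUGFS_READONLY_FILE(stats_ ##name, buflen, fmt, ##value)
+
+static ssize_t format_devstat_counter(struct ieee80211_local *local,
+ char __user *userbuf,
+ size_t count, loff_t *ppos,
+ int (*printvalue)(struct ieee80211_low_level_stats *stats, char *buf,
+ int buflen))
+{
+ struct ieee80211_low_level_stats stats;
+ char buf[20];
+ int res;
+
+ if (!local->ops->get_stats)
+ return -EOPNOTSUPP;
+
+ res = rtnl_lock_local(local);
+ if (res)
+ return res;
+
+ res = local->ops->get_stats(local_to_hw(local), &stats);
+ rtnl_unlock();
+ if (!res)
+ res = printvalue(&stats, buf, sizeof(buf));
+ return simple_read_from_buffer(userbuf, count, ppos, buf, res);
+}
+
+#define DEBUGFS_DEVSTATS_FILE(name) \
+static int print_devstats_##name(struct ieee80211_low_level_stats *stats,\
+ char *buf, int buflen) \
+{ \
+ return scnprintf(buf, buflen, "%u\n", stats->name); \
+} \
+static ssize_t stats_ ##name## _read(struct file *file, \
+ char __user *userbuf, \
+ size_t count, loff_t *ppos) \
+{ \
+ return format_devstat_counter(file->private_data, \
+ userbuf, \
+ count, \
+ ppos, \
+ print_devstats_##name); \
+} \
+ \
+static const struct file_operations stats_ ##name## _ops = { \
+ .read = stats_ ##name## _read, \
+ .open = mac80211_open_file_generic, \
+};
+
+#define DEBUGFS_STATS_ADD(name) \
+ local->debugfs.stats.name = debugfs_create_file(#name, 0444, statsd,\
+ local, &stats_ ##name## _ops);
+
+#define DEBUGFS_STATS_DEL(name) \
+ debugfs_remove(local->debugfs.stats.name); \
+ local->debugfs.stats.name = NULL;
+
+DEBUGFS_STATS_FILE(transmitted_fragment_count, 20, "%u",
+ local->dot11TransmittedFragmentCount);
+DEBUGFS_STATS_FILE(multicast_transmitted_frame_count, 20, "%u",
+ local->dot11MulticastTransmittedFrameCount);
+DEBUGFS_STATS_FILE(failed_count, 20, "%u",
+ local->dot11FailedCount);
+DEBUGFS_STATS_FILE(retry_count, 20, "%u",
+ local->dot11RetryCount);
+DEBUGFS_STATS_FILE(multiple_retry_count, 20, "%u",
+ local->dot11MultipleRetryCount);
+DEBUGFS_STATS_FILE(frame_duplicate_count, 20, "%u",
+ local->dot11FrameDuplicateCount);
+DEBUGFS_STATS_FILE(received_fragment_count, 20, "%u",
+ local->dot11ReceivedFragmentCount);
+DEBUGFS_STATS_FILE(multicast_received_frame_count, 20, "%u",
+ local->dot11MulticastReceivedFrameCount);
+DEBUGFS_STATS_FILE(transmitted_frame_count, 20, "%u",
+ local->dot11TransmittedFrameCount);
+DEBUGFS_STATS_FILE(wep_undecryptable_count, 20, "%u",
+ local->dot11WEPUndecryptableCount);
+#ifdef CONFIG_MAC80211_DEBUG_COUNTERS
+DEBUGFS_STATS_FILE(tx_handlers_drop, 20, "%u",
+ local->tx_handlers_drop);
+DEBUGFS_STATS_FILE(tx_handlers_queued, 20, "%u",
+ local->tx_handlers_queued);
+DEBUGFS_STATS_FILE(tx_handlers_drop_unencrypted, 20, "%u",
+ local->tx_handlers_drop_unencrypted);
+DEBUGFS_STATS_FILE(tx_handlers_drop_fragment, 20, "%u",
+ local->tx_handlers_drop_fragment);
+DEBUGFS_STATS_FILE(tx_handlers_drop_wep, 20, "%u",
+ local->tx_handlers_drop_wep);
+DEBUGFS_STATS_FILE(tx_handlers_drop_not_assoc, 20, "%u",
+ local->tx_handlers_drop_not_assoc);
+DEBUGFS_STATS_FILE(tx_handlers_drop_unauth_port, 20, "%u",
+ local->tx_handlers_drop_unauth_port);
+DEBUGFS_STATS_FILE(rx_handlers_drop, 20, "%u",
+ local->rx_handlers_drop);
+DEBUGFS_STATS_FILE(rx_handlers_queued, 20, "%u",
+ local->rx_handlers_queued);
+DEBUGFS_STATS_FILE(rx_handlers_drop_nullfunc, 20, "%u",
+ local->rx_handlers_drop_nullfunc);
+DEBUGFS_STATS_FILE(rx_handlers_drop_defrag, 20, "%u",
+ local->rx_handlers_drop_defrag);
+DEBUGFS_STATS_FILE(rx_handlers_drop_short, 20, "%u",
+ local->rx_handlers_drop_short);
+DEBUGFS_STATS_FILE(rx_handlers_drop_passive_scan, 20, "%u",
+ local->rx_handlers_drop_passive_scan);
+DEBUGFS_STATS_FILE(tx_expand_skb_head, 20, "%u",
+ local->tx_expand_skb_head);
+DEBUGFS_STATS_FILE(tx_expand_skb_head_cloned, 20, "%u",
+ local->tx_expand_skb_head_cloned);
+DEBUGFS_STATS_FILE(rx_expand_skb_head, 20, "%u",
+ local->rx_expand_skb_head);
+DEBUGFS_STATS_FILE(rx_expand_skb_head2, 20, "%u",
+ local->rx_expand_skb_head2);
+DEBUGFS_STATS_FILE(rx_handlers_fragments, 20, "%u",
+ local->rx_handlers_fragments);
+DEBUGFS_STATS_FILE(tx_status_drop, 20, "%u",
+ local->tx_status_drop);
+
+static ssize_t stats_wme_rx_queue_read(struct file *file,
+ char __user *userbuf,
+ size_t count, loff_t *ppos)
+{
+ struct ieee80211_local *local = file->private_data;
+ char buf[NUM_RX_DATA_QUEUES*15], *p = buf;
+ int i;
+
+ for (i = 0; i < NUM_RX_DATA_QUEUES; i++)
+ p += scnprintf(p, sizeof(buf)+buf-p,
+ "%u\n", local->wme_rx_queue[i]);
+
+ return simple_read_from_buffer(userbuf, count, ppos, buf, p-buf);
+}
+
+static const struct file_operations stats_wme_rx_queue_ops = {
+ .read = stats_wme_rx_queue_read,
+ .open = mac80211_open_file_generic,
+};
+
+static ssize_t stats_wme_tx_queue_read(struct file *file,
+ char __user *userbuf,
+ size_t count, loff_t *ppos)
+{
+ struct ieee80211_local *local = file->private_data;
+ char buf[NUM_TX_DATA_QUEUES*15], *p = buf;
+ int i;
+
+ for (i = 0; i < NUM_TX_DATA_QUEUES; i++)
+ p += scnprintf(p, sizeof(buf)+buf-p,
+ "%u\n", local->wme_tx_queue[i]);
+
+ return simple_read_from_buffer(userbuf, count, ppos, buf, p-buf);
+}
+
+static const struct file_operations stats_wme_tx_queue_ops = {
+ .read = stats_wme_tx_queue_read,
+ .open = mac80211_open_file_generic,
+};
+#endif
+
+DEBUGFS_DEVSTATS_FILE(dot11ACKFailureCount);
+DEBUGFS_DEVSTATS_FILE(dot11RTSFailureCount);
+DEBUGFS_DEVSTATS_FILE(dot11FCSErrorCount);
+DEBUGFS_DEVSTATS_FILE(dot11RTSSuccessCount);
+
+
+void debugfs_hw_add(struct ieee80211_local *local)
+{
+ struct dentry *phyd = local->hw.wiphy->debugfsdir;
+ struct dentry *statsd;
+
+ if (!phyd)
+ return;
+
+ local->debugfs.stations = debugfs_create_dir("stations", phyd);
+ local->debugfs.keys = debugfs_create_dir("keys", phyd);
+
+ DEBUGFS_ADD(channel);
+ DEBUGFS_ADD(frequency);
+ DEBUGFS_ADD(radar_detect);
+ DEBUGFS_ADD(antenna_sel_tx);
+ DEBUGFS_ADD(antenna_sel_rx);
+ DEBUGFS_ADD(bridge_packets);
+ DEBUGFS_ADD(key_tx_rx_threshold);
+ DEBUGFS_ADD(rts_threshold);
+ DEBUGFS_ADD(fragmentation_threshold);
+ DEBUGFS_ADD(short_retry_limit);
+ DEBUGFS_ADD(long_retry_limit);
+ DEBUGFS_ADD(total_ps_buffered);
+ DEBUGFS_ADD(mode);
+ DEBUGFS_ADD(wep_iv);
+ DEBUGFS_ADD(tx_power_reduction);
+ DEBUGFS_ADD(modes);
+
+ statsd = debugfs_create_dir("statistics", phyd);
+ local->debugfs.statistics = statsd;
+
+ /* if the dir failed, don't put all the other things into the root! */
+ if (!statsd)
+ return;
+
+ DEBUGFS_STATS_ADD(transmitted_fragment_count);
+ DEBUGFS_STATS_ADD(multicast_transmitted_frame_count);
+ DEBUGFS_STATS_ADD(failed_count);
+ DEBUGFS_STATS_ADD(retry_count);
+ DEBUGFS_STATS_ADD(multiple_retry_count);
+ DEBUGFS_STATS_ADD(frame_duplicate_count);
+ DEBUGFS_STATS_ADD(received_fragment_count);
+ DEBUGFS_STATS_ADD(multicast_received_frame_count);
+ DEBUGFS_STATS_ADD(transmitted_frame_count);
+ DEBUGFS_STATS_ADD(wep_undecryptable_count);
+#ifdef CONFIG_MAC80211_DEBUG_COUNTERS
+ DEBUGFS_STATS_ADD(tx_handlers_drop);
+ DEBUGFS_STATS_ADD(tx_handlers_queued);
+ DEBUGFS_STATS_ADD(tx_handlers_drop_unencrypted);
+ DEBUGFS_STATS_ADD(tx_handlers_drop_fragment);
+ DEBUGFS_STATS_ADD(tx_handlers_drop_wep);
+ DEBUGFS_STATS_ADD(tx_handlers_drop_not_assoc);
+ DEBUGFS_STATS_ADD(tx_handlers_drop_unauth_port);
+ DEBUGFS_STATS_ADD(rx_handlers_drop);
+ DEBUGFS_STATS_ADD(rx_handlers_queued);
+ DEBUGFS_STATS_ADD(rx_handlers_drop_nullfunc);
+ DEBUGFS_STATS_ADD(rx_handlers_drop_defrag);
+ DEBUGFS_STATS_ADD(rx_handlers_drop_short);
+ DEBUGFS_STATS_ADD(rx_handlers_drop_passive_scan);
+ DEBUGFS_STATS_ADD(tx_expand_skb_head);
+ DEBUGFS_STATS_ADD(tx_expand_skb_head_cloned);
+ DEBUGFS_STATS_ADD(rx_expand_skb_head);
+ DEBUGFS_STATS_ADD(rx_expand_skb_head2);
+ DEBUGFS_STATS_ADD(rx_handlers_fragments);
+ DEBUGFS_STATS_ADD(tx_status_drop);
+ DEBUGFS_STATS_ADD(wme_tx_queue);
+ DEBUGFS_STATS_ADD(wme_rx_queue);
+#endif
+ DEBUGFS_STATS_ADD(dot11ACKFailureCount);
+ DEBUGFS_STATS_ADD(dot11RTSFailureCount);
+ DEBUGFS_STATS_ADD(dot11FCSErrorCount);
+ DEBUGFS_STATS_ADD(dot11RTSSuccessCount);
+}
+
+void debugfs_hw_del(struct ieee80211_local *local)
+{
+ DEBUGFS_DEL(channel);
+ DEBUGFS_DEL(frequency);
+ DEBUGFS_DEL(radar_detect);
+ DEBUGFS_DEL(antenna_sel_tx);
+ DEBUGFS_DEL(antenna_sel_rx);
+ DEBUGFS_DEL(bridge_packets);
+ DEBUGFS_DEL(key_tx_rx_threshold);
+ DEBUGFS_DEL(rts_threshold);
+ DEBUGFS_DEL(fragmentation_threshold);
+ DEBUGFS_DEL(short_retry_limit);
+ DEBUGFS_DEL(long_retry_limit);
+ DEBUGFS_DEL(total_ps_buffered);
+ DEBUGFS_DEL(mode);
+ DEBUGFS_DEL(wep_iv);
+ DEBUGFS_DEL(tx_power_reduction);
+ DEBUGFS_DEL(modes);
+
+ DEBUGFS_STATS_DEL(transmitted_fragment_count);
+ DEBUGFS_STATS_DEL(multicast_transmitted_frame_count);
+ DEBUGFS_STATS_DEL(failed_count);
+ DEBUGFS_STATS_DEL(retry_count);
+ DEBUGFS_STATS_DEL(multiple_retry_count);
+ DEBUGFS_STATS_DEL(frame_duplicate_count);
+ DEBUGFS_STATS_DEL(received_fragment_count);
+ DEBUGFS_STATS_DEL(multicast_received_frame_count);
+ DEBUGFS_STATS_DEL(transmitted_frame_count);
+ DEBUGFS_STATS_DEL(wep_undecryptable_count);
+ DEBUGFS_STATS_DEL(num_scans);
+#ifdef CONFIG_MAC80211_DEBUG_COUNTERS
+ DEBUGFS_STATS_DEL(tx_handlers_drop);
+ DEBUGFS_STATS_DEL(tx_handlers_queued);
+ DEBUGFS_STATS_DEL(tx_handlers_drop_unencrypted);
+ DEBUGFS_STATS_DEL(tx_handlers_drop_fragment);
+ DEBUGFS_STATS_DEL(tx_handlers_drop_wep);
+ DEBUGFS_STATS_DEL(tx_handlers_drop_not_assoc);
+ DEBUGFS_STATS_DEL(tx_handlers_drop_unauth_port);
+ DEBUGFS_STATS_DEL(rx_handlers_drop);
+ DEBUGFS_STATS_DEL(rx_handlers_queued);
+ DEBUGFS_STATS_DEL(rx_handlers_drop_nullfunc);
+ DEBUGFS_STATS_DEL(rx_handlers_drop_defrag);
+ DEBUGFS_STATS_DEL(rx_handlers_drop_short);
+ DEBUGFS_STATS_DEL(rx_handlers_drop_passive_scan);
+ DEBUGFS_STATS_DEL(tx_expand_skb_head);
+ DEBUGFS_STATS_DEL(tx_expand_skb_head_cloned);
+ DEBUGFS_STATS_DEL(rx_expand_skb_head);
+ DEBUGFS_STATS_DEL(rx_expand_skb_head2);
+ DEBUGFS_STATS_DEL(rx_handlers_fragments);
+ DEBUGFS_STATS_DEL(tx_status_drop);
+ DEBUGFS_STATS_DEL(wme_tx_queue);
+ DEBUGFS_STATS_DEL(wme_rx_queue);
+#endif
+ DEBUGFS_STATS_DEL(dot11ACKFailureCount);
+ DEBUGFS_STATS_DEL(dot11RTSFailureCount);
+ DEBUGFS_STATS_DEL(dot11FCSErrorCount);
+ DEBUGFS_STATS_DEL(dot11RTSSuccessCount);
+
+ debugfs_remove(local->debugfs.statistics);
+ local->debugfs.statistics = NULL;
+ debugfs_remove(local->debugfs.stations);
+ local->debugfs.stations = NULL;
+ debugfs_remove(local->debugfs.keys);
+ local->debugfs.keys = NULL;
+}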
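Review bot: In format_devstat_counter() a failing `get_stats` call leaves `buf` unwritten, yet its non-zero `res` is still passed to simple_read_from_buffer() as the available length. If that value is a negative errno, as is presumably the driver convention, it is converted to a huge size_t and the copy is bounded only by the caller's `count`, so a read of any of the four 0444 devstats files could hand uninitialised kernel stack bytes to userspace. Return the error before the copy with `if (res) return res;` right after `rtnl_unlock();` and then call `printvalue()` unconditionally. Separately, the tx_power_reduction file formats its fractional digit with `& 10` where `% 10` looks intended. Also, debugfs_hw_del() removes `num_scans`, which nothing in this file defines or adds, while `rate_ctrl_alg` is defined but never registered with DEBUGFS_ADD.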
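--- /dev/null
+++ b/net/mac80211/debugfs.h
@@ -0,0 +1,16 @@
+#ifndef __MAC80211_DEBUGFS_H
+#define __MAC80211_DEBUGFS_H
+
+#ifdef CONFIG_MAC80211_DEBUGFS
+extern void debugfs_hw_add(struct ieee80211_local *local);
+extern void debugfs_hw_del(struct ieee80211_local *local);
+extern int mac80211_open_file_generic(struct inode *inode, struct file *file);
+#else
+static inline void debugfs_hw_add(struct ieee80211_local *local)
+{
+ return;
+}
+static inline void debugfs_hw_del(struct ieee80211_local *local) {}
+#endif
+
+#endif /* __MAC80211_DEBUGFS_H */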
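--- /dev/null
+++ b/net/mac80211/debugfs_key.c
@@ -0,0 +1,252 @@
+/*
+ * Copyright 2003-2005 Devicescape Software, Inc.
+ * Copyright (c) 2006 Jiri Benc <jbenc@suse.cz>
+ * Copyright 2007 Johannes Berg <johannes@sipsolutions.net>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include <linux/kobject.h>
+#include "ieee80211_i.h"
+#include "ieee80211_key.h"
+#include "debugfs.h"
+#include "debugfs_key.h"
+
+#define KEY_READ(name, buflen, format_string) \
+static ssize_t key_##name##_read(struct file *file, \
+ char __user *userbuf, \
+ size_t count, loff_t *ppos) \
+{ \
+ char buf[buflen]; \
+ struct ieee80211_key *key = file->private_data; \
+ int res = scnprintf(buf, buflen, format_string, key->name); \
+ return simple_read_from_buffer(userbuf, count, ppos, buf, res); \
+}
+#define KEY_READ_D(name) KEY_READ(name, 20, "%d\n")
+
+#define KEY_OPS(name) \
+static const struct file_operations key_ ##name## _ops = { \
+ .read = key_##name##_read, \
+ .open = mac80211_open_file_generic, \
+}
+
+#define KEY_FILE(name, format) \
+ KEY_READ_##format(name) \
+ KEY_OPS(name)
+
+KEY_FILE(keylen, D);
+KEY_FILE(force_sw_encrypt, D);
+KEY_FILE(keyidx, D);
+KEY_FILE(hw_key_idx, D);
+KEY_FILE(tx_rx_count, D);
+
+static ssize_t key_algorithm_read(struct file *file,
+ char __user *userbuf,
+ size_t count, loff_t *ppos)
+{
+ char *alg;
+ struct ieee80211_key *key = file->private_data;
+
+ switch (key->alg) {
+ case ALG_WEP:
+ alg = "WEP\n";
+ break;
+ case ALG_TKIP:
+ alg = "TKIP\n";
+ break;
+ case ALG_CCMP:
+ alg = "CCMP\n";
+ break;
+ default:
+ return 0;
+ }
+ return simple_read_from_buffer(userbuf, count, ppos, alg, strlen(alg));
+}
+KEY_OPS(algorithm);
+
+static ssize_t key_tx_spec_read(struct file *file, char __user *userbuf,
+ size_t count, loff_t *ppos)
+{
+ const u8 *tpn;
+ char buf[20];
+ int len;
+ struct ieee80211_key *key = file->private_data;
+
+ switch (key->alg) {
+ case ALG_WEP:
+ len = scnprintf(buf, sizeof(buf), "\n");
+ case ALG_TKIP:
+ len = scnprintf(buf, sizeof(buf), "%08x %04x\n",
+ key->u.tkip.iv32,
+ key->u.tkip.iv16);
+ case ALG_CCMP:
+ tpn = key->u.ccmp.tx_pn;
+ len = scnprintf(buf, sizeof(buf), "%02x%02x%02x%02x%02x%02x\n",
+ tpn[0], tpn[1], tpn[2], tpn[3], tpn[4], tpn[5]);
+ default:
+ return 0;
+ }
+ return simple_read_from_buffer(userbuf, count, ppos, buf, len);
+}
+KEY_OPS(tx_spec);
+
+static ssize_t key_rx_spec_read(struct file *file, char __user *userbuf,
+ size_t count, loff_t *ppos)
+{
+ struct ieee80211_key *key = file->private_data;
+ char buf[14*NUM_RX_DATA_QUEUES+1], *p = buf;
+ int i, len;
+ const u8 *rpn;
+
+ switch (key->alg) {
+ case ALG_WEP:
+ len = scnprintf(buf, sizeof(buf), "\n");
+ case ALG_TKIP:
+ for (i = 0; i < NUM_RX_DATA_QUEUES; i++)
+ p += scnprintf(p, sizeof(buf)+buf-p,
+ "%08x %04x\n",
+ key->u.tkip.iv32_rx[i],
+ key->u.tkip.iv16_rx[i]);
+ len = p - buf;
+ case ALG_CCMP:
+ for (i = 0; i < NUM_RX_DATA_QUEUES; i++) {
+ rpn = key->u.ccmp.rx_pn[i];
+ p += scnprintf(p, sizeof(buf)+buf-p,
+ "%02x%02x%02x%02x%02x%02x\n",
+ rpn[0], rpn[1], rpn[2],
+ rpn[3], rpn[4], rpn[5]);
+ }
+ len = p - buf;
+ default:
+ return 0;
+ }
+ return simple_read_from_buffer(userbuf, count, ppos, buf, len);
+}
+KEY_OPS(rx_spec);
+
+static ssize_t key_replays_read(struct file *file, char __user *userbuf,
+ size_t count, loff_t *ppos)
+{
+ struct ieee80211_key *key = file->private_data;
+ char buf[20];
+ int len;
+
+ if (key->alg != ALG_CCMP)
+ return 0;
+ len = scnprintf(buf, sizeof(buf), "%u\n", key->u.ccmp.replays);
+ return simple_read_from_buffer(userbuf, count, ppos, buf, len);
+}
+KEY_OPS(replays);
+
+static ssize_t key_key_read(struct file *file, char __user *userbuf,
+ size_t count, loff_t *ppos)
+{
+ struct ieee80211_key *key = file->private_data;
+ int i, res, bufsize = 2*key->keylen+2;
+ char *buf = kmalloc(bufsize, GFP_KERNEL);
+ char *p = buf;
+
+ for (i = 0; i < key->keylen; i++)
+ p += scnprintf(p, bufsize+buf-p, "%02x", key->key[i]);
+ p += scnprintf(p, bufsize+buf-p, "\n");
+ res = simple_read_from_buffer(userbuf, count, ppos, buf, p - buf);
+ kfree(buf);
+ return res;
+}
+KEY_OPS(key);
+
+#define DEBUGFS_ADD(name) \
+ key->debugfs.name = debugfs_create_file(#name, 0400,\
+ key->debugfs.dir, key, &key_##name##_ops);
+
+void ieee80211_debugfs_key_add(struct ieee80211_local *local,
+ struct ieee80211_key *key)
+{
+ char buf[20];
+
+ if (!local->debugfs.keys)
+ return;
+
+ sprintf(buf, "%d", key->keyidx);
+ key->debugfs.dir = debugfs_create_dir(buf,
+ local->debugfs.keys);
+
+ if (!key->debugfs.dir)
+ return;
+
+ DEBUGFS_ADD(keylen);
+ DEBUGFS_ADD(force_sw_encrypt);
+ DEBUGFS_ADD(keyidx);
+ DEBUGFS_ADD(hw_key_idx);
+ DEBUGFS_ADD(tx_rx_count);
+ DEBUGFS_ADD(algorithm);
+ DEBUGFS_ADD(tx_spec);
+ DEBUGFS_ADD(rx_spec);
+ DEBUGFS_ADD(replays);
+ DEBUGFS_ADD(key);
+};
+
+#define DEBUGFS_DEL(name) \
+ debugfs_remove(key->debugfs.name); key->debugfs.name = NULL;
+
+void ieee80211_debugfs_key_remove(struct ieee80211_key *key)
+{
+ if (!key)
+ return;
+
+ DEBUGFS_DEL(keylen);
+ DEBUGFS_DEL(force_sw_encrypt);
+ DEBUGFS_DEL(keyidx);
+ DEBUGFS_DEL(hw_key_idx);
+ DEBUGFS_DEL(tx_rx_count);
+ DEBUGFS_DEL(algorithm);
+ DEBUGFS_DEL(tx_spec);
+ DEBUGFS_DEL(rx_spec);
+ DEBUGFS_DEL(replays);
+ DEBUGFS_DEL(key);
+
+ debugfs_remove(key->debugfs.stalink);
+ key->debugfs.stalink = NULL;
+ debugfs_remove(key->debugfs.dir);
+ key->debugfs.dir = NULL;
+}
+void ieee80211_debugfs_key_add_default(struct ieee80211_sub_if_data *sdata)
+{
+ char buf[50];
+
+ if (!sdata->debugfsdir)
+ return;
+
+ sprintf(buf, "../keys/%d", sdata->default_key->keyidx);
+ sdata->debugfs.default_key =
+ debugfs_create_symlink("default_key", sdata->debugfsdir, buf);
+}
+void ieee80211_debugfs_key_remove_default(struct ieee80211_sub_if_data *sdata)
+{
+ if (!sdata)
+ return;
+
+ debugfs_remove(sdata->debugfs.default_key);
+ sdata->debugfs.default_key = NULL;
+}
+void ieee80211_debugfs_key_sta_link(struct ieee80211_key *key,
+ struct sta_info *sta)
+{
+ char buf[50];
+
+ if (!key->debugfs.dir)
+ return;
+
+ sprintf(buf, "../sta/" MAC_FMT, MAC_ARG(sta->addr));
+ key->debugfs.stalink =
+ debugfs_create_symlink("station", key->debugfs.dir, buf);
+}
+
+void ieee80211_debugfs_key_sta_del(struct ieee80211_key *key,
+ struct sta_info *sta)
+{
+ debugfs_remove(key->debugfs.stalink);
+ key->debugfs.stalink = NULL;
+}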
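Review bot: Every `case` in the switch statements of key_tx_spec_read() and key_rx_spec_read() lacks a `break;`, so control always falls through to `default: return 0;` and both files read back empty whatever the key algorithm; add `break;` after the final `len = ...` assignment of each case. key_key_read() passes the result of `kmalloc(bufsize, GFP_KERNEL)` straight to scnprintf() without a NULL check, so add `if (!buf) return -ENOMEM;` before the loop. That handler exports the raw key bytes, so it deserves a comment stating that the 0400 file mode is the only access control here, and the hex scratch buffer should be cleared with `memset(buf, 0, bufsize);` before `kfree(buf);`. The symlink target `"../sta/"` built in ieee80211_debugfs_key_sta_link() does not appear to match the `stations` directory that debugfs_hw_add() creates next to `keys`, which is worth confirming.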
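--- /dev/null
+++ b/net/mac80211/debugfs_key.h
@@ -0,0 +1,34 @@
+#ifndef __MAC80211_DEBUGFS_KEY_H
+#define __MAC80211_DEBUGFS_KEY_H
+
+#ifdef CONFIG_MAC80211_DEBUGFS
+void ieee80211_debugfs_key_add(struct ieee80211_local *local,
+ struct ieee80211_key *key);
+void ieee80211_debugfs_key_remove(struct ieee80211_key *key);
+void ieee80211_debugfs_key_add_default(struct ieee80211_sub_if_data *sdata);
+void ieee80211_debugfs_key_remove_default(struct ieee80211_sub_if_data *sdata);
+void ieee80211_debugfs_key_sta_link(struct ieee80211_key *key,
+ struct sta_info *sta);
+void ieee80211_debugfs_key_sta_del(struct ieee80211_key *key,
+ struct sta_info *sta);
+#else
+static inline void ieee80211_debugfs_key_add(struct ieee80211_local *local,
+ struct ieee80211_key *key)
+{}
+static inline void ieee80211_debugfs_key_remove(struct ieee80211_key *key)
+{}
+static inline void ieee80211_debugfs_key_add_default(
+ struct ieee80211_sub_if_data *sdata)
+{}
+static inline void ieee80211_debugfs_key_remove_default(
+ struct ieee80211_sub_if_data *sdata)
+{}
+static inline void ieee80211_debugfs_key_sta_link(
+ struct ieee80211_key *key, struct sta_info *sta)
+{}
+static inline void ieee80211_debugfs_key_sta_del(struct ieee80211_key *key,
+ struct sta_info *sta)
+{}
+#endif
+
+#endif /* __MAC80211_DEBUGFS_KEY_H */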
diff --git a/net/mac80211/debugfs_netdev.c b/net/mac80211/debugfs_netdev.c
new file mode 100644
index 000000000000..9e3964638bad
--- /dev/null
+++ b/net/mac80211/debugfs_netdev.c
@@ -0,0 +1,440 @@
1/*
2 * Copyright (c) 2006 Jiri Benc <jbenc@suse.cz>
3 * Copyright 2007 Johannes Berg <johannes@sipsolutions.net>
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 */
9
10#include <linux/kernel.h>
11#include <linux/device.h>
12#include <linux/if.h>
13#include <linux/interrupt.h>
14#include <linux/netdevice.h>
15#include <linux/rtnetlink.h>
16#include <linux/notifier.h>
17#include <net/mac80211.h>
18#include <net/cfg80211.h>
19#include "ieee80211_i.h"
20#include "ieee80211_rate.h"
21#include "debugfs.h"
22#include "debugfs_netdev.h"
23
24static ssize_t ieee80211_if_read(
25 struct ieee80211_sub_if_data *sdata,
26 char __user *userbuf,
27 size_t count, loff_t *ppos,
28 ssize_t (*format)(const struct ieee80211_sub_if_data *, char *, int))
29{
30 char buf[70];
31 ssize_t ret = -EINVAL;
32
33 read_lock(&dev_base_lock);
34 if (sdata->dev->reg_state == NETREG_REGISTERED) {
35 ret = (*format)(sdata, buf, sizeof(buf));
36 ret = simple_read_from_buffer(userbuf, count, ppos, buf, ret);
37 }
38 read_unlock(&dev_base_lock);
39 return ret;
40}
41
42#define IEEE80211_IF_FMT(name, field, format_string) \
43static ssize_t ieee80211_if_fmt_##name( \
44 const struct ieee80211_sub_if_data *sdata, char *buf, \
45 int buflen) \
46{ \
47 return scnprintf(buf, buflen, format_string, sdata->field); \
48}
49#define IEEE80211_IF_FMT_DEC(name, field) \
50 IEEE80211_IF_FMT(name, field, "%d\n")
51#define IEEE80211_IF_FMT_HEX(name, field) \
52 IEEE80211_IF_FMT(name, field, "%#x\n")
53#define IEEE80211_IF_FMT_SIZE(name, field) \
54 IEEE80211_IF_FMT(name, field, "%zd\n")
55
56#define IEEE80211_IF_FMT_ATOMIC(name, field) \
57static ssize_t ieee80211_if_fmt_##name( \
58 const struct ieee80211_sub_if_data *sdata, \
59 char *buf, int buflen) \
60{ \
61 return scnprintf(buf, buflen, "%d\n", atomic_read(&sdata->field));\
62}
63
64#define IEEE80211_IF_FMT_MAC(name, field) \
65static ssize_t ieee80211_if_fmt_##name( \
66 const struct ieee80211_sub_if_data *sdata, char *buf, \
67 int buflen) \
68{ \
69 return scnprintf(buf, buflen, MAC_FMT "\n", MAC_ARG(sdata->field));\
70}
71
72#define __IEEE80211_IF_FILE(name) \
73static ssize_t ieee80211_if_read_##name(struct file *file, \
74 char __user *userbuf, \
75 size_t count, loff_t *ppos) \
76{ \
77 return ieee80211_if_read(file->private_data, \
78 userbuf, count, ppos, \
79 ieee80211_if_fmt_##name); \
80} \
81static const struct file_operations name##_ops = { \
82 .read = ieee80211_if_read_##name, \
83 .open = mac80211_open_file_generic, \
84}
85
86#define IEEE80211_IF_FILE(name, field, format) \
87 IEEE80211_IF_FMT_##format(name, field) \
88 __IEEE80211_IF_FILE(name)
89
90/* common attributes */
91IEEE80211_IF_FILE(channel_use, channel_use, DEC);
92IEEE80211_IF_FILE(drop_unencrypted, drop_unencrypted, DEC);
93IEEE80211_IF_FILE(eapol, eapol, DEC);
94IEEE80211_IF_FILE(ieee8021_x, ieee802_1x, DEC);
95
96/* STA/IBSS attributes */
97IEEE80211_IF_FILE(state, u.sta.state, DEC);
98IEEE80211_IF_FILE(bssid, u.sta.bssid, MAC);
99IEEE80211_IF_FILE(prev_bssid, u.sta.prev_bssid, MAC);
100IEEE80211_IF_FILE(ssid_len, u.sta.ssid_len, SIZE);
101IEEE80211_IF_FILE(aid, u.sta.aid, DEC);
102IEEE80211_IF_FILE(ap_capab, u.sta.ap_capab, HEX);
103IEEE80211_IF_FILE(capab, u.sta.capab, HEX);
104IEEE80211_IF_FILE(extra_ie_len, u.sta.extra_ie_len, SIZE);
105IEEE80211_IF_FILE(auth_tries, u.sta.auth_tries, DEC);
106IEEE80211_IF_FILE(assoc_tries, u.sta.assoc_tries, DEC);
107IEEE80211_IF_FILE(auth_algs, u.sta.auth_algs, HEX);
108IEEE80211_IF_FILE(auth_alg, u.sta.auth_alg, DEC);
109IEEE80211_IF_FILE(auth_transaction, u.sta.auth_transaction, DEC);
110
111static ssize_t ieee80211_if_fmt_flags(
112 const struct ieee80211_sub_if_data *sdata, char *buf, int buflen)
113{
114 return scnprintf(buf, buflen, "%s%s%s%s%s%s%s\n",
115 sdata->u.sta.ssid_set ? "SSID\n" : "",
116 sdata->u.sta.bssid_set ? "BSSID\n" : "",
117 sdata->u.sta.prev_bssid_set ? "prev BSSID\n" : "",
118 sdata->u.sta.authenticated ? "AUTH\n" : "",
119 sdata->u.sta.associated ? "ASSOC\n" : "",
120 sdata->u.sta.probereq_poll ? "PROBEREQ POLL\n" : "",
121 sdata->u.sta.use_protection ? "CTS prot\n" : "");
122}
123__IEEE80211_IF_FILE(flags);
124
125/* AP attributes */
126IEEE80211_IF_FILE(num_sta_ps, u.ap.num_sta_ps, ATOMIC);
127IEEE80211_IF_FILE(dtim_period, u.ap.dtim_period, DEC);
128IEEE80211_IF_FILE(dtim_count, u.ap.dtim_count, DEC);
129IEEE80211_IF_FILE(num_beacons, u.ap.num_beacons, DEC);
130IEEE80211_IF_FILE(force_unicast_rateidx, u.ap.force_unicast_rateidx, DEC);
131IEEE80211_IF_FILE(max_ratectrl_rateidx, u.ap.max_ratectrl_rateidx, DEC);
132
133static ssize_t ieee80211_if_fmt_num_buffered_multicast(
134 const struct ieee80211_sub_if_data *sdata, char *buf, int buflen)
135{
136 return scnprintf(buf, buflen, "%u\n",
137 skb_queue_len(&sdata->u.ap.ps_bc_buf));
138}
139__IEEE80211_IF_FILE(num_buffered_multicast);
140
141static ssize_t ieee80211_if_fmt_beacon_head_len(
142 const struct ieee80211_sub_if_data *sdata, char *buf, int buflen)
143{
144 if (sdata->u.ap.beacon_head)
145 return scnprintf(buf, buflen, "%d\n",
146 sdata->u.ap.beacon_head_len);
147 return scnprintf(buf, buflen, "\n");
148}
149__IEEE80211_IF_FILE(beacon_head_len);
150
151static ssize_t ieee80211_if_fmt_beacon_tail_len(
152 const struct ieee80211_sub_if_data *sdata, char *buf, int buflen)
153{
154 if (sdata->u.ap.beacon_tail)
155 return scnprintf(buf, buflen, "%d\n",
156 sdata->u.ap.beacon_tail_len);
157 return scnprintf(buf, buflen, "\n");
158}
159__IEEE80211_IF_FILE(beacon_tail_len);
160
161/* WDS attributes */
162IEEE80211_IF_FILE(peer, u.wds.remote_addr, MAC);
163
164/* VLAN attributes */
165IEEE80211_IF_FILE(vlan_id, u.vlan.id, DEC);
166
167/* MONITOR attributes */
168static ssize_t ieee80211_if_fmt_mode(
169 const struct ieee80211_sub_if_data *sdata, char *buf, int buflen)
170{
171 struct ieee80211_local *local = sdata->local;
172
173 return scnprintf(buf, buflen, "%s\n",
174 ((local->hw.flags & IEEE80211_HW_MONITOR_DURING_OPER) ||
175 local->open_count == local->monitors) ?
176 "hard" : "soft");
177}
178__IEEE80211_IF_FILE(mode);
179
180
181#define DEBUGFS_ADD(name, type)\
182 sdata->debugfs.type.name = debugfs_create_file(#name, 0444,\
183 sdata->debugfsdir, sdata, &name##_ops);
184
185static void add_sta_files(struct ieee80211_sub_if_data *sdata)
186{
187 DEBUGFS_ADD(channel_use, sta);
188 DEBUGFS_ADD(drop_unencrypted, sta);
189 DEBUGFS_ADD(eapol, sta);
190 DEBUGFS_ADD(ieee8021_x, sta);
191 DEBUGFS_ADD(state, sta);
192 DEBUGFS_ADD(bssid, sta);
193 DEBUGFS_ADD(prev_bssid, sta);
194 DEBUGFS_ADD(ssid_len, sta);
195 DEBUGFS_ADD(aid, sta);
196 DEBUGFS_ADD(ap_capab, sta);
197 DEBUGFS_ADD(capab, sta);
198 DEBUGFS_ADD(extra_ie_len, sta);
199 DEBUGFS_ADD(auth_tries, sta);
200 DEBUGFS_ADD(assoc_tries, sta);
201 DEBUGFS_ADD(auth_algs, sta);
202 DEBUGFS_ADD(auth_alg, sta);
203 DEBUGFS_ADD(auth_transaction, sta);
204 DEBUGFS_ADD(flags, sta);
205}
206
207static void add_ap_files(struct ieee80211_sub_if_data *sdata)
208{
209 DEBUGFS_ADD(channel_use, ap);
210 DEBUGFS_ADD(drop_unencrypted, ap);
211 DEBUGFS_ADD(eapol, ap);
212 DEBUGFS_ADD(ieee8021_x, ap);
213 DEBUGFS_ADD(num_sta_ps, ap);
214 DEBUGFS_ADD(dtim_period, ap);
215 DEBUGFS_ADD(dtim_count, ap);
216 DEBUGFS_ADD(num_beacons, ap);
217 DEBUGFS_ADD(force_unicast_rateidx, ap);
218 DEBUGFS_ADD(max_ratectrl_rateidx, ap);
219 DEBUGFS_ADD(num_buffered_multicast, ap);
220 DEBUGFS_ADD(beacon_head_len, ap);
221 DEBUGFS_ADD(beacon_tail_len, ap);
222}
223
224static void add_wds_files(struct ieee80211_sub_if_data *sdata)
225{
226 DEBUGFS_ADD(channel_use, wds);
227 DEBUGFS_ADD(drop_unencrypted, wds);
228 DEBUGFS_ADD(eapol, wds);
229 DEBUGFS_ADD(ieee8021_x, wds);
230 DEBUGFS_ADD(peer, wds);
231}
232
233static void add_vlan_files(struct ieee80211_sub_if_data *sdata)
234{
235 DEBUGFS_ADD(channel_use, vlan);
236 DEBUGFS_ADD(drop_unencrypted, vlan);
237 DEBUGFS_ADD(eapol, vlan);
238 DEBUGFS_ADD(ieee8021_x, vlan);
239 DEBUGFS_ADD(vlan_id, vlan);
240}
241
242static void add_monitor_files(struct ieee80211_sub_if_data *sdata)
243{
244 DEBUGFS_ADD(mode, monitor);
245}
246
247static void add_files(struct ieee80211_sub_if_data *sdata)
248{
249 if (!sdata->debugfsdir)
250 return;
251
252 switch (sdata->type) {
253 case IEEE80211_IF_TYPE_STA:
254 case IEEE80211_IF_TYPE_IBSS:
255 add_sta_files(sdata);
256 break;
257 case IEEE80211_IF_TYPE_AP:
258 add_ap_files(sdata);
259 break;
260 case IEEE80211_IF_TYPE_WDS:
261 add_wds_files(sdata);
262 break;
263 case IEEE80211_IF_TYPE_MNTR:
264 add_monitor_files(sdata);
265 break;
266 case IEEE80211_IF_TYPE_VLAN:
267 add_vlan_files(sdata);
268 break;
269 default:
270 break;
271 }
272}
273
274#define DEBUGFS_DEL(name, type)\
275 debugfs_remove(sdata->debugfs.type.name);\
276 sdata->debugfs.type.name = NULL;
277
278static void del_sta_files(struct ieee80211_sub_if_data *sdata)
279{
280 DEBUGFS_DEL(channel_use, sta);
281 DEBUGFS_DEL(drop_unencrypted, sta);
282 DEBUGFS_DEL(eapol, sta);
283 DEBUGFS_DEL(ieee8021_x, sta);
284 DEBUGFS_DEL(state, sta);
285 DEBUGFS_DEL(bssid, sta);
286 DEBUGFS_DEL(prev_bssid, sta);
287 DEBUGFS_DEL(ssid_len, sta);
288 DEBUGFS_DEL(aid, sta);
289 DEBUGFS_DEL(ap_capab, sta);
290 DEBUGFS_DEL(capab, sta);
291 DEBUGFS_DEL(extra_ie_len, sta);
292 DEBUGFS_DEL(auth_tries, sta);
293 DEBUGFS_DEL(assoc_tries, sta);
294 DEBUGFS_DEL(auth_algs, sta);
295 DEBUGFS_DEL(auth_alg, sta);
296 DEBUGFS_DEL(auth_transaction, sta);
297 DEBUGFS_DEL(flags, sta);
298}
299
300static void del_ap_files(struct ieee80211_sub_if_data *sdata)
301{
302 DEBUGFS_DEL(channel_use, ap);
303 DEBUGFS_DEL(drop_unencrypted, ap);
304 DEBUGFS_DEL(eapol, ap);
305 DEBUGFS_DEL(ieee8021_x, ap);
306 DEBUGFS_DEL(num_sta_ps, ap);
307 DEBUGFS_DEL(dtim_period, ap);
308 DEBUGFS_DEL(dtim_count, ap);
309 DEBUGFS_DEL(num_beacons, ap);
310 DEBUGFS_DEL(force_unicast_rateidx, ap);
311 DEBUGFS_DEL(max_ratectrl_rateidx, ap);
312 DEBUGFS_DEL(num_buffered_multicast, ap);
313 DEBUGFS_DEL(beacon_head_len, ap);
314 DEBUGFS_DEL(beacon_tail_len, ap);
315}
316
317static void del_wds_files(struct ieee80211_sub_if_data *sdata)
318{
319 DEBUGFS_DEL(channel_use, wds);
320 DEBUGFS_DEL(drop_unencrypted, wds);
321 DEBUGFS_DEL(eapol, wds);
322 DEBUGFS_DEL(ieee8021_x, wds);
323 DEBUGFS_DEL(peer, wds);
324}
325
326static void del_vlan_files(struct ieee80211_sub_if_data *sdata)
327{
328 DEBUGFS_DEL(channel_use, vlan);
329 DEBUGFS_DEL(drop_unencrypted, vlan);
330 DEBUGFS_DEL(eapol, vlan);
331 DEBUGFS_DEL(ieee8021_x, vlan);
332 DEBUGFS_DEL(vlan_id, vlan);
333}
334
335static void del_monitor_files(struct ieee80211_sub_if_data *sdata)
336{
337 DEBUGFS_DEL(mode, monitor);
338}
339
340static void del_files(struct ieee80211_sub_if_data *sdata, int type)
341{
342 if (!sdata->debugfsdir)
343 return;
344
345 switch (type) {
346 case IEEE80211_IF_TYPE_STA:
347 case IEEE80211_IF_TYPE_IBSS:
348 del_sta_files(sdata);
349 break;
350 case IEEE80211_IF_TYPE_AP:
351 del_ap_files(sdata);
352 break;
353 case IEEE80211_IF_TYPE_WDS:
354 del_wds_files(sdata);
355 break;
356 case IEEE80211_IF_TYPE_MNTR:
357 del_monitor_files(sdata);
358 break;
359 case IEEE80211_IF_TYPE_VLAN:
360 del_vlan_files(sdata);
361 break;
362 default:
363 break;
364 }
365}
366
367static int notif_registered;
368
369void ieee80211_debugfs_add_netdev(struct ieee80211_sub_if_data *sdata)
370{
371 char buf[10+IFNAMSIZ];
372
373 if (!notif_registered)
374 return;
375
376 sprintf(buf, "netdev:%s", sdata->dev->name);
377 sdata->debugfsdir = debugfs_create_dir(buf,
378 sdata->local->hw.wiphy->debugfsdir);
379}
380
381void ieee80211_debugfs_remove_netdev(struct ieee80211_sub_if_data *sdata)
382{
383 del_files(sdata, sdata->type);
384 debugfs_remove(sdata->debugfsdir);
385 sdata->debugfsdir = NULL;
386}
387
388void ieee80211_debugfs_change_if_type(struct ieee80211_sub_if_data *sdata,
389 int oldtype)
390{
391 del_files(sdata, oldtype);
392 add_files(sdata);
393}
394
395static int netdev_notify(struct notifier_block * nb,
396 unsigned long state,
397 void *ndev)
398{
399 struct net_device *dev = ndev;
400 char buf[10+IFNAMSIZ];
401
402 if (state != NETDEV_CHANGENAME)
403 return 0;
404
405 if (!dev->ieee80211_ptr || !dev->ieee80211_ptr->wiphy)
406 return 0;
407
408 if (dev->ieee80211_ptr->wiphy->privid != mac80211_wiphy_privid)
409 return 0;
410
411 /* TODO
412 sprintf(buf, "netdev:%s", dev->name);
413 debugfs_rename(IEEE80211_DEV_TO_SUB_IF(dev)->debugfsdir, buf);
414 */
415
416 return 0;
417}
418
419static struct notifier_block mac80211_debugfs_netdev_notifier = {
420 .notifier_call = netdev_notify,
421};
422
423void ieee80211_debugfs_netdev_init(void)
424{
425 int err;
426
427 err = register_netdevice_notifier(&mac80211_debugfs_netdev_notifier);
428 if (err) {
429 printk(KERN_ERR
430 "mac80211: failed to install netdev notifier,"
431 " disabling per-netdev debugfs!\n");
432 } else
433 notif_registered = 1;
434}
435
436void ieee80211_debugfs_netdev_exit(void)
437{
438 unregister_netdevice_notifier(&mac80211_debugfs_netdev_notifier);
439 notif_registered = 0;
440}
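diff --git a/net/mac80211/debugfs_netdev.h b/net/mac80211/debugfs_netdev.h
new file mode 100644
index 000000000000..a690071fde8a
--- /dev/null
+++ b/net/mac80211/debugfs_netdev.h
@@ -0,0 +1,30 @@
+/* routines exported for debugfs handling */
+
+#ifndef __IEEE80211_DEBUGFS_NETDEV_H
+#define __IEEE80211_DEBUGFS_NETDEV_H
+
+#ifdef CONFIG_MAC80211_DEBUGFS
+void ieee80211_debugfs_add_netdev(struct ieee80211_sub_if_data *sdata);
+void ieee80211_debugfs_remove_netdev(struct ieee80211_sub_if_data *sdata);
+void ieee80211_debugfs_change_if_type(struct ieee80211_sub_if_data *sdata,
+ int oldtype);
+void ieee80211_debugfs_netdev_init(void);
+void ieee80211_debugfs_netdev_exit(void);
+#else
+static inline void ieee80211_debugfs_add_netdev(
+ struct ieee80211_sub_if_data *sdata)
+{}
+static inline void ieee80211_debugfs_remove_netdev(
+ struct ieee80211_sub_if_data *sdata)
+{}
+static inline void ieee80211_debugfs_change_if_type(
+ struct ieee80211_sub_if_data *sdata, int oldtype)
+{}
+static inline void ieee80211_debugfs_netdev_init(void)
+{}
+
+static inline void ieee80211_debugfs_netdev_exit(void)
+{}
+#endif
+
+#endif /* __IEEE80211_DEBUGFS_NETDEV_H */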
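diff --git a/net/mac80211/debugfs_sta.c b/net/mac80211/debugfs_sta.c
new file mode 100644
index 000000000000..d41e696f3980
--- /dev/null
+++ b/net/mac80211/debugfs_sta.c
@@ -0,0 +1,246 @@
+/*
+ * Copyright 2003-2005 Devicescape Software, Inc.
+ * Copyright (c) 2006 Jiri Benc <jbenc@suse.cz>
+ * Copyright 2007 Johannes Berg <johannes@sipsolutions.net>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include <linux/debugfs.h>
+#include <linux/ieee80211.h>
+#include "ieee80211_i.h"
+#include "debugfs.h"
+#include "debugfs_sta.h"
+#include "sta_info.h"
+
+/* sta attributtes */
+
+#define STA_READ(name, buflen, field, format_string) \
+static ssize_t sta_ ##name## _read(struct file *file, \
+ char __user *userbuf, \
+ size_t count, loff_t *ppos) \
+{ \
+ int res; \
+ struct sta_info *sta = file->private_data; \
+ char buf[buflen]; \
+ res = scnprintf(buf, buflen, format_string, sta->field); \
+ return simple_read_from_buffer(userbuf, count, ppos, buf, res); \
+}
+#define STA_READ_D(name, field) STA_READ(name, 20, field, "%d\n")
+#define STA_READ_U(name, field) STA_READ(name, 20, field, "%u\n")
+#define STA_READ_LU(name, field) STA_READ(name, 20, field, "%lu\n")
+#define STA_READ_S(name, field) STA_READ(name, 20, field, "%s\n")
+
+#define STA_READ_RATE(name, field) \
+static ssize_t sta_##name##_read(struct file *file, \
+ char __user *userbuf, \
+ size_t count, loff_t *ppos) \
+{ \
+ struct sta_info *sta = file->private_data; \
+ struct ieee80211_local *local = wdev_priv(sta->dev->ieee80211_ptr);\
+ struct ieee80211_hw_mode *mode = local->oper_hw_mode; \
+ char buf[20]; \
+ int res = scnprintf(buf, sizeof(buf), "%d\n", \
+ (sta->field >= 0 && \
+ sta->field < mode->num_rates) ? \
+ mode->rates[sta->field].rate : -1); \
+ return simple_read_from_buffer(userbuf, count, ppos, buf, res); \
+}
+
+#define STA_OPS(name) \
+static const struct file_operations sta_ ##name## _ops = { \
+ .read = sta_##name##_read, \
+ .open = mac80211_open_file_generic, \
+}
+
+#define STA_FILE(name, field, format) \
+ STA_READ_##format(name, field) \
+ STA_OPS(name)
+
+STA_FILE(aid, aid, D);
+STA_FILE(key_idx_compression, key_idx_compression, D);
+STA_FILE(dev, dev->name, S);
+STA_FILE(vlan_id, vlan_id, D);
+STA_FILE(rx_packets, rx_packets, LU);
+STA_FILE(tx_packets, tx_packets, LU);
+STA_FILE(rx_bytes, rx_bytes, LU);
+STA_FILE(tx_bytes, tx_bytes, LU);
+STA_FILE(rx_duplicates, num_duplicates, LU);
+STA_FILE(rx_fragments, rx_fragments, LU);
+STA_FILE(rx_dropped, rx_dropped, LU);
+STA_FILE(tx_fragments, tx_fragments, LU);
+STA_FILE(tx_filtered, tx_filtered_count, LU);
+STA_FILE(txrate, txrate, RATE);
+STA_FILE(last_txrate, last_txrate, RATE);
+STA_FILE(tx_retry_failed, tx_retry_failed, LU);
+STA_FILE(tx_retry_count, tx_retry_count, LU);
+STA_FILE(last_rssi, last_rssi, D);
+STA_FILE(last_signal, last_signal, D);
+STA_FILE(last_noise, last_noise, D);
+STA_FILE(channel_use, channel_use, D);
+STA_FILE(wep_weak_iv_count, wep_weak_iv_count, D);
+
+static ssize_t sta_flags_read(struct file *file, char __user *userbuf,
+ size_t count, loff_t *ppos)
+{
+ char buf[100];
+ struct sta_info *sta = file->private_data;
+ int res = scnprintf(buf, sizeof(buf), "%s%s%s%s%s%s%s%s%s",
+ sta->flags & WLAN_STA_AUTH ? "AUTH\n" : "",
+ sta->flags & WLAN_STA_ASSOC ? "ASSOC\n" : "",
+ sta->flags & WLAN_STA_PS ? "PS\n" : "",
+ sta->flags & WLAN_STA_TIM ? "TIM\n" : "",
+ sta->flags & WLAN_STA_PERM ? "PERM\n" : "",
+ sta->flags & WLAN_STA_AUTHORIZED ? "AUTHORIZED\n" : "",
+ sta->flags & WLAN_STA_SHORT_PREAMBLE ? "SHORT PREAMBLE\n" : "",
+ sta->flags & WLAN_STA_WME ? "WME\n" : "",
+ sta->flags & WLAN_STA_WDS ? "WDS\n" : "");
+ return simple_read_from_buffer(userbuf, count, ppos, buf, res);
+}
+STA_OPS(flags);
+
+static ssize_t sta_num_ps_buf_frames_read(struct file *file,
+ char __user *userbuf,
+ size_t count, loff_t *ppos)
+{
+ char buf[20];
+ struct sta_info *sta = file->private_data;
+ int res = scnprintf(buf, sizeof(buf), "%u\n",
+ skb_queue_len(&sta->ps_tx_buf));
+ return simple_read_from_buffer(userbuf, count, ppos, buf, res);
+}
+STA_OPS(num_ps_buf_frames);
+
+static ssize_t sta_last_ack_rssi_read(struct file *file, char __user *userbuf,
+ size_t count, loff_t *ppos)
+{
+ char buf[100];
+ struct sta_info *sta = file->private_data;
+ int res = scnprintf(buf, sizeof(buf), "%d %d %d\n",
+ sta->last_ack_rssi[0],
+ sta->last_ack_rssi[1],
+ sta->last_ack_rssi[2]);
+ return simple_read_from_buffer(userbuf, count, ppos, buf, res);
+}
+STA_OPS(last_ack_rssi);
+
+static ssize_t sta_last_ack_ms_read(struct file *file, char __user *userbuf,
+ size_t count, loff_t *ppos)
+{
+ char buf[20];
+ struct sta_info *sta = file->private_data;
+ int res = scnprintf(buf, sizeof(buf), "%d\n",
+ sta->last_ack ?
+ jiffies_to_msecs(jiffies - sta->last_ack) : -1);
+ return simple_read_from_buffer(userbuf, count, ppos, buf, res);
+}
+STA_OPS(last_ack_ms);
+
+static ssize_t sta_inactive_ms_read(struct file *file, char __user *userbuf,
+ size_t count, loff_t *ppos)
+{
+ char buf[20];
+ struct sta_info *sta = file->private_data;
+ int res = scnprintf(buf, sizeof(buf), "%d\n",
+ jiffies_to_msecs(jiffies - sta->last_rx));
+ return simple_read_from_buffer(userbuf, count, ppos, buf, res);
+}
+STA_OPS(inactive_ms);
+
+static ssize_t sta_last_seq_ctrl_read(struct file *file, char __user *userbuf,
+ size_t count, loff_t *ppos)
+{
+ char buf[15*NUM_RX_DATA_QUEUES], *p = buf;
+ int i;
+ struct sta_info *sta = file->private_data;
+ for (i = 0; i < NUM_RX_DATA_QUEUES; i++)
+ p += scnprintf(p, sizeof(buf)+buf-p, "%x ",
+ sta->last_seq_ctrl[i]);
+ p += scnprintf(p, sizeof(buf)+buf-p, "\n");
+ return simple_read_from_buffer(userbuf, count, ppos, buf, p - buf);
+}
+STA_OPS(last_seq_ctrl);
+
+#ifdef CONFIG_MAC80211_DEBUG_COUNTERS
+static ssize_t sta_wme_rx_queue_read(struct file *file, char __user *userbuf,
+ size_t count, loff_t *ppos)
+{
+ char buf[15*NUM_RX_DATA_QUEUES], *p = buf;
+ int i;
+ struct sta_info *sta = file->private_data;
+ for (i = 0; i < NUM_RX_DATA_QUEUES; i++)
+ p += scnprintf(p, sizeof(buf)+buf-p, "%u ",
+ sta->wme_rx_queue[i]);
+ p += scnprintf(p, sizeof(buf)+buf-p, "\n");
+ return simple_read_from_buffer(userbuf, count, ppos, buf, p - buf);
+}
+STA_OPS(wme_rx_queue);
+
+static ssize_t sta_wme_tx_queue_read(struct file *file, char __user *userbuf,
+ size_t count, loff_t *ppos)
+{
+ char buf[15*NUM_TX_DATA_QUEUES], *p = buf;
+ int i;
+ struct sta_info *sta = file->private_data;
+ for (i = 0; i < NUM_TX_DATA_QUEUES; i++)
+ p += scnprintf(p, sizeof(buf)+buf-p, "%u ",
+ sta->wme_tx_queue[i]);
+ p += scnprintf(p, sizeof(buf)+buf-p, "\n");
+ return simple_read_from_buffer(userbuf, count, ppos, buf, p - buf);
+}
+STA_OPS(wme_tx_queue);
+#endif
+
+#define DEBUGFS_ADD(name) \
+ sta->debugfs.name = debugfs_create_file(#name, 0444, \
+ sta->debugfs.dir, sta, &sta_ ##name## _ops);
+
+#define DEBUGFS_DEL(name) \
+ debugfs_remove(sta->debugfs.name);\
+ sta->debugfs.name = NULL;
+
+
+void ieee80211_sta_debugfs_add(struct sta_info *sta)
+{
+ char buf[3*6];
+ struct dentry *stations_dir = sta->local->debugfs.stations;
+
+ if (!stations_dir)
+ return;
+
+ sprintf(buf, MAC_FMT, MAC_ARG(sta->addr));
+
+ sta->debugfs.dir = debugfs_create_dir(buf, stations_dir);
+ if (!sta->debugfs.dir)
+ return;
+
+ DEBUGFS_ADD(flags);
+ DEBUGFS_ADD(num_ps_buf_frames);
+ DEBUGFS_ADD(last_ack_rssi);
+ DEBUGFS_ADD(last_ack_ms);
+ DEBUGFS_ADD(inactive_ms);
+ DEBUGFS_ADD(last_seq_ctrl);
+#ifdef CONFIG_MAC80211_DEBUG_COUNTERS
+ DEBUGFS_ADD(wme_rx_queue);
+ DEBUGFS_ADD(wme_tx_queue);
+#endif
+}
+
+void ieee80211_sta_debugfs_remove(struct sta_info *sta)
+{
+ DEBUGFS_DEL(flags);
+ DEBUGFS_DEL(num_ps_buf_frames);
+ DEBUGFS_DEL(last_ack_rssi);
+ DEBUGFS_DEL(last_ack_ms);
+ DEBUGFS_DEL(inactive_ms);
+ DEBUGFS_DEL(last_seq_ctrl);
+#ifdef CONFIG_MAC80211_DEBUG_COUNTERS
+ DEBUGFS_DEL(wme_rx_queue);
+ DEBUGFS_DEL(wme_tx_queue);
+#endif
+
+ debugfs_remove(sta->debugfs.dir);
+ sta->debugfs.dir = NULL;
+}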
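Review bot: In ieee80211_sta_debugfs_add() the directory name is written with an unbounded `sprintf()` into `char buf[3*6]`, which leaves no slack: assuming MAC_FMT expands to six colon-separated `%02x` fields, the 17 characters plus the terminator fill all 18 bytes. Every other formatter in this file is length-bounded, so I would use `scnprintf(buf, sizeof(buf), MAC_FMT, MAC_ARG(sta->addr));` here too, so that a later change to the format cannot overrun the stack buffer. Separately, the read handlers dereference `file->private_data` as a `struct sta_info *` and nothing in this file takes a reference on it; whether a handle held open across ieee80211_sta_debugfs_remove() can outlive the station depends on code outside this section, and a comment stating the expected lifetime would help.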
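diff --git a/net/mac80211/debugfs_sta.h b/net/mac80211/debugfs_sta.h
new file mode 100644
index 000000000000..574a1cd54b96
--- /dev/null
+++ b/net/mac80211/debugfs_sta.h
@@ -0,0 +1,12 @@
+#ifndef __MAC80211_DEBUGFS_STA_H
+#define __MAC80211_DEBUGFS_STA_H
+
+#ifdef CONFIG_MAC80211_DEBUGFS
+void ieee80211_sta_debugfs_add(struct sta_info *sta);
+void ieee80211_sta_debugfs_remove(struct sta_info *sta);
+#else
+static inline void ieee80211_sta_debugfs_add(struct sta_info *sta) {}
+static inline void ieee80211_sta_debugfs_remove(struct sta_info *sta) {}
+#endif
+
+#endif /* __MAC80211_DEBUGFS_STA_H */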
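diff --git a/net/mac80211/hostapd_ioctl.h b/net/mac80211/hostapd_ioctl.h
new file mode 100644
index 000000000000..34fa128e9872
--- /dev/null
+++ b/net/mac80211/hostapd_ioctl.h
@@ -0,0 +1,108 @@
+/*
+ * Host AP (software wireless LAN access point) user space daemon for
+ * Host AP kernel driver
+ * Copyright 2002-2003, Jouni Malinen <jkmaline@cc.hut.fi>
+ * Copyright 2002-2004, Instant802 Networks, Inc.
+ * Copyright 2005, Devicescape Software, Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#ifndef HOSTAPD_IOCTL_H
+#define HOSTAPD_IOCTL_H
+
+#ifdef __KERNEL__
+#include <linux/types.h>
+#endif /* __KERNEL__ */
+
+#define PRISM2_IOCTL_PRISM2_PARAM (SIOCIWFIRSTPRIV + 0)
+#define PRISM2_IOCTL_GET_PRISM2_PARAM (SIOCIWFIRSTPRIV + 1)
+#define PRISM2_IOCTL_HOSTAPD (SIOCIWFIRSTPRIV + 3)
+
+/* PRISM2_IOCTL_PRISM2_PARAM ioctl() subtypes:
+ * This table is no longer added to, the whole sub-ioctl
+ * mess shall be deleted completely. */
+enum {
+ PRISM2_PARAM_IEEE_802_1X = 23,
+ PRISM2_PARAM_ANTSEL_TX = 24,
+ PRISM2_PARAM_ANTSEL_RX = 25,
+
+ /* Instant802 additions */
+ PRISM2_PARAM_CTS_PROTECT_ERP_FRAMES = 1001,
+ PRISM2_PARAM_DROP_UNENCRYPTED = 1002,
+ PRISM2_PARAM_PREAMBLE = 1003,
+ PRISM2_PARAM_SHORT_SLOT_TIME = 1006,
+ PRISM2_PARAM_NEXT_MODE = 1008,
+ PRISM2_PARAM_CLEAR_KEYS = 1009,
+ PRISM2_PARAM_RADIO_ENABLED = 1010,
+ PRISM2_PARAM_ANTENNA_MODE = 1013,
+ PRISM2_PARAM_STAT_TIME = 1016,
+ PRISM2_PARAM_STA_ANTENNA_SEL = 1017,
+ PRISM2_PARAM_FORCE_UNICAST_RATE = 1018,
+ PRISM2_PARAM_RATE_CTRL_NUM_UP = 1019,
+ PRISM2_PARAM_RATE_CTRL_NUM_DOWN = 1020,
+ PRISM2_PARAM_MAX_RATECTRL_RATE = 1021,
+ PRISM2_PARAM_TX_POWER_REDUCTION = 1022,
+ PRISM2_PARAM_KEY_TX_RX_THRESHOLD = 1024,
+ PRISM2_PARAM_DEFAULT_WEP_ONLY = 1026,
+ PRISM2_PARAM_WIFI_WME_NOACK_TEST = 1033,
+ PRISM2_PARAM_SCAN_FLAGS = 1035,
+ PRISM2_PARAM_HW_MODES = 1036,
+ PRISM2_PARAM_CREATE_IBSS = 1037,
+ PRISM2_PARAM_WMM_ENABLED = 1038,
+ PRISM2_PARAM_MIXED_CELL = 1039,
+ PRISM2_PARAM_RADAR_DETECT = 1043,
+ PRISM2_PARAM_SPECTRUM_MGMT = 1044,
+};
+
+enum {
+ IEEE80211_KEY_MGMT_NONE = 0,
+ IEEE80211_KEY_MGMT_IEEE8021X = 1,
+ IEEE80211_KEY_MGMT_WPA_PSK = 2,
+ IEEE80211_KEY_MGMT_WPA_EAP = 3,
+};
+
+
+/* Data structures used for get_hw_features ioctl */
+struct hostapd_ioctl_hw_modes_hdr {
+ int mode;
+ int num_channels;
+ int num_rates;
+};
+
+struct ieee80211_channel_data {
+ short chan; /* channel number (IEEE 802.11) */
+ short freq; /* frequency in MHz */
+ int flag; /* flag for hostapd use (IEEE80211_CHAN_*) */
+};
+
+struct ieee80211_rate_data {
+ int rate; /* rate in 100 kbps */
+ int flags; /* IEEE80211_RATE_ flags */
+};
+
+
+/* ADD_IF, REMOVE_IF, and UPDATE_IF 'type' argument */
+enum {
+ HOSTAP_IF_WDS = 1, HOSTAP_IF_VLAN = 2, HOSTAP_IF_BSS = 3,
+ HOSTAP_IF_STA = 4
+};
+
+struct hostapd_if_wds {
+ u8 remote_addr[ETH_ALEN];
+};
+
+struct hostapd_if_vlan {
+ u8 id;
+};
+
+struct hostapd_if_bss {
+ u8 bssid[ETH_ALEN];
+};
+
+struct hostapd_if_sta {
+};
+
+#endif /* HOSTAPD_IOCTL_H */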
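Review bot: `struct hostapd_if_wds`, `hostapd_if_vlan` and `hostapd_if_bss` use the kernel-internal `u8` type and `ETH_ALEN`, yet `<linux/types.h>` is included only under `#ifdef __KERNEL__`, which suggests the header is also meant to build in user space, where this file defines neither name. If these structures cross the ioctl boundary, I would spell the fields with the exported fixed-width types, e.g. `__u8 remote_addr[ETH_ALEN];` and `__u8 id;`, include `<linux/types.h>` unconditionally and pull in `<linux/if_ether.h>` for `ETH_ALEN`, so both sides agree on the layout. The empty `struct hostapd_if_sta { };` is a GNU extension in C and has a different size when compiled as C++, so a comment such as `/* intentionally empty: no per-STA interface parameters */` would make the intent explicit.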
diff --git a/net/mac80211/ieee80211.c b/net/mac80211/ieee80211.c
new file mode 100644
index 000000000000..6e36df67f8d5
--- /dev/null
+++ b/net/mac80211/ieee80211.c
@@ -0,0 +1,4984 @@
1/*
2 * Copyright 2002-2005, Instant802 Networks, Inc.
3 * Copyright 2005-2006, Devicescape Software, Inc.
4 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 as
8 * published by the Free Software Foundation.
9 */
10
11#include <net/mac80211.h>
12#include <net/ieee80211_radiotap.h>
13#include <linux/module.h>
14#include <linux/init.h>
15#include <linux/netdevice.h>
16#include <linux/types.h>
17#include <linux/slab.h>
18#include <linux/skbuff.h>
19#include <linux/etherdevice.h>
20#include <linux/if_arp.h>
21#include <linux/wireless.h>
22#include <linux/rtnetlink.h>
23#include <net/iw_handler.h>
24#include <linux/compiler.h>
25#include <linux/bitmap.h>
26#include <net/cfg80211.h>
27
28#include "ieee80211_common.h"
29#include "ieee80211_i.h"
30#include "ieee80211_rate.h"
31#include "wep.h"
32#include "wpa.h"
33#include "tkip.h"
34#include "wme.h"
35#include "aes_ccm.h"
36#include "ieee80211_led.h"
37#include "ieee80211_cfg.h"
38#include "debugfs.h"
39#include "debugfs_netdev.h"
40#include "debugfs_key.h"
41
42/* privid for wiphys to determine whether they belong to us or not */
43void *mac80211_wiphy_privid = &mac80211_wiphy_privid;
44
45/* See IEEE 802.1H for LLC/SNAP encapsulation/decapsulation */
46/* Ethernet-II snap header (RFC1042 for most EtherTypes) */
47static const unsigned char rfc1042_header[] =
48 { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00 };
49
50/* Bridge-Tunnel header (for EtherTypes ETH_P_AARP and ETH_P_IPX) */
51static const unsigned char bridge_tunnel_header[] =
52 { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0xf8 };
53
54/* No encapsulation header if EtherType < 0x600 (=length) */
55static const unsigned char eapol_header[] =
56 { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00, 0x88, 0x8e };
57
58
59static inline void ieee80211_include_sequence(struct ieee80211_sub_if_data *sdata,
60 struct ieee80211_hdr *hdr)
61{
62 /* Set the sequence number for this frame. */
63 hdr->seq_ctrl = cpu_to_le16(sdata->sequence);
64
65 /* Increase the sequence number. */
66 sdata->sequence = (sdata->sequence + 0x10) & IEEE80211_SCTL_SEQ;
67}
68
69struct ieee80211_key_conf *
70ieee80211_key_data2conf(struct ieee80211_local *local,
71 const struct ieee80211_key *data)
72{
73 struct ieee80211_key_conf *conf;
74
75 conf = kmalloc(sizeof(*conf) + data->keylen, GFP_ATOMIC);
76 if (!conf)
77 return NULL;
78
79 conf->hw_key_idx = data->hw_key_idx;
80 conf->alg = data->alg;
81 conf->keylen = data->keylen;
82 conf->flags = 0;
83 if (data->force_sw_encrypt)
84 conf->flags |= IEEE80211_KEY_FORCE_SW_ENCRYPT;
85 conf->keyidx = data->keyidx;
86 if (data->default_tx_key)
87 conf->flags |= IEEE80211_KEY_DEFAULT_TX_KEY;
88 if (local->default_wep_only)
89 conf->flags |= IEEE80211_KEY_DEFAULT_WEP_ONLY;
90 memcpy(conf->key, data->key, data->keylen);
91
92 return conf;
93}
94
95struct ieee80211_key *ieee80211_key_alloc(struct ieee80211_sub_if_data *sdata,
96 int idx, size_t key_len, gfp_t flags)
97{
98 struct ieee80211_key *key;
99
100 key = kzalloc(sizeof(struct ieee80211_key) + key_len, flags);
101 if (!key)
102 return NULL;
103 kref_init(&key->kref);
104 return key;
105}
106
107static void ieee80211_key_release(struct kref *kref)
108{
109 struct ieee80211_key *key;
110
111 key = container_of(kref, struct ieee80211_key, kref);
112 if (key->alg == ALG_CCMP)
113 ieee80211_aes_key_free(key->u.ccmp.tfm);
114 ieee80211_debugfs_key_remove(key);
115 kfree(key);
116}
117
118void ieee80211_key_free(struct ieee80211_key *key)
119{
120 if (key)
121 kref_put(&key->kref, ieee80211_key_release);
122}
123
124static int rate_list_match(const int *rate_list, int rate)
125{
126 int i;
127
128 if (!rate_list)
129 return 0;
130
131 for (i = 0; rate_list[i] >= 0; i++)
132 if (rate_list[i] == rate)
133 return 1;
134
135 return 0;
136}
137
138
139void ieee80211_prepare_rates(struct ieee80211_local *local,
140 struct ieee80211_hw_mode *mode)
141{
142 int i;
143
144 for (i = 0; i < mode->num_rates; i++) {
145 struct ieee80211_rate *rate = &mode->rates[i];
146
147 rate->flags &= ~(IEEE80211_RATE_SUPPORTED |
148 IEEE80211_RATE_BASIC);
149
150 if (local->supp_rates[mode->mode]) {
151 if (!rate_list_match(local->supp_rates[mode->mode],
152 rate->rate))
153 continue;
154 }
155
156 rate->flags |= IEEE80211_RATE_SUPPORTED;
157
158 /* Use configured basic rate set if it is available. If not,
159 * use defaults that are sane for most cases. */
160 if (local->basic_rates[mode->mode]) {
161 if (rate_list_match(local->basic_rates[mode->mode],
162 rate->rate))
163 rate->flags |= IEEE80211_RATE_BASIC;
164 } else switch (mode->mode) {
165 case MODE_IEEE80211A:
166 if (rate->rate == 60 || rate->rate == 120 ||
167 rate->rate == 240)
168 rate->flags |= IEEE80211_RATE_BASIC;
169 break;
170 case MODE_IEEE80211B:
171 if (rate->rate == 10 || rate->rate == 20)
172 rate->flags |= IEEE80211_RATE_BASIC;
173 break;
174 case MODE_ATHEROS_TURBO:
175 if (rate->rate == 120 || rate->rate == 240 ||
176 rate->rate == 480)
177 rate->flags |= IEEE80211_RATE_BASIC;
178 break;
179 case MODE_IEEE80211G:
180 if (rate->rate == 10 || rate->rate == 20 ||
181 rate->rate == 55 || rate->rate == 110)
182 rate->flags |= IEEE80211_RATE_BASIC;
183 break;
184 }
185
186 /* Set ERP and MANDATORY flags based on phymode */
187 switch (mode->mode) {
188 case MODE_IEEE80211A:
189 if (rate->rate == 60 || rate->rate == 120 ||
190 rate->rate == 240)
191 rate->flags |= IEEE80211_RATE_MANDATORY;
192 break;
193 case MODE_IEEE80211B:
194 if (rate->rate == 10)
195 rate->flags |= IEEE80211_RATE_MANDATORY;
196 break;
197 case MODE_ATHEROS_TURBO:
198 break;
199 case MODE_IEEE80211G:
200 if (rate->rate == 10 || rate->rate == 20 ||
201 rate->rate == 55 || rate->rate == 110 ||
202 rate->rate == 60 || rate->rate == 120 ||
203 rate->rate == 240)
204 rate->flags |= IEEE80211_RATE_MANDATORY;
205 break;
206 }
207 if (ieee80211_is_erp_rate(mode->mode, rate->rate))
208 rate->flags |= IEEE80211_RATE_ERP;
209 }
210}
211
212
213static void ieee80211_key_threshold_notify(struct net_device *dev,
214 struct ieee80211_key *key,
215 struct sta_info *sta)
216{
217 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
218 struct sk_buff *skb;
219 struct ieee80211_msg_key_notification *msg;
220
221 /* if no one will get it anyway, don't even allocate it.
222 * unlikely because this is only relevant for APs
223 * where the device must be open... */
224 if (unlikely(!local->apdev))
225 return;
226
227 skb = dev_alloc_skb(sizeof(struct ieee80211_frame_info) +
228 sizeof(struct ieee80211_msg_key_notification));
229 if (!skb)
230 return;
231
232 skb_reserve(skb, sizeof(struct ieee80211_frame_info));
233 msg = (struct ieee80211_msg_key_notification *)
234 skb_put(skb, sizeof(struct ieee80211_msg_key_notification));
235 msg->tx_rx_count = key->tx_rx_count;
236 memcpy(msg->ifname, dev->name, IFNAMSIZ);
237 if (sta)
238 memcpy(msg->addr, sta->addr, ETH_ALEN);
239 else
240 memset(msg->addr, 0xff, ETH_ALEN);
241
242 key->tx_rx_count = 0;
243
244 ieee80211_rx_mgmt(local, skb, NULL,
245 ieee80211_msg_key_threshold_notification);
246}
247
248
249static u8 * ieee80211_get_bssid(struct ieee80211_hdr *hdr, size_t len)
250{
251 u16 fc;
252
253 if (len < 24)
254 return NULL;
255
256 fc = le16_to_cpu(hdr->frame_control);
257
258 switch (fc & IEEE80211_FCTL_FTYPE) {
259 case IEEE80211_FTYPE_DATA:
260 switch (fc & (IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS)) {
261 case IEEE80211_FCTL_TODS:
262 return hdr->addr1;
263 case (IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS):
264 return NULL;
265 case IEEE80211_FCTL_FROMDS:
266 return hdr->addr2;
267 case 0:
268 return hdr->addr3;
269 }
270 break;
271 case IEEE80211_FTYPE_MGMT:
272 return hdr->addr3;
273 case IEEE80211_FTYPE_CTL:
274 if ((fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_PSPOLL)
275 return hdr->addr1;
276 else
277 return NULL;
278 }
279
280 return NULL;
281}
282
283int ieee80211_get_hdrlen(u16 fc)
284{
285 int hdrlen = 24;
286
287 switch (fc & IEEE80211_FCTL_FTYPE) {
288 case IEEE80211_FTYPE_DATA:
289 if ((fc & IEEE80211_FCTL_FROMDS) && (fc & IEEE80211_FCTL_TODS))
290 hdrlen = 30; /* Addr4 */
291 /*
292 * The QoS Control field is two bytes and its presence is
293 * indicated by the IEEE80211_STYPE_QOS_DATA bit. Add 2 to
294 * hdrlen if that bit is set.
295 * This works by masking out the bit and shifting it to
296 * bit position 1 so the result has the value 0 or 2.
297 */
298 hdrlen += (fc & IEEE80211_STYPE_QOS_DATA)
299 >> (ilog2(IEEE80211_STYPE_QOS_DATA)-1);
300 break;
301 case IEEE80211_FTYPE_CTL:
302 /*
303 * ACK and CTS are 10 bytes, all others 16. To see how
304 * to get this condition consider
305 * subtype mask: 0b0000000011110000 (0x00F0)
306 * ACK subtype: 0b0000000011010000 (0x00D0)
307 * CTS subtype: 0b0000000011000000 (0x00C0)
308 * bits that matter: ^^^ (0x00E0)
309 * value of those: 0b0000000011000000 (0x00C0)
310 */
311 if ((fc & 0xE0) == 0xC0)
312 hdrlen = 10;
313 else
314 hdrlen = 16;
315 break;
316 }
317
318 return hdrlen;
319}
320EXPORT_SYMBOL(ieee80211_get_hdrlen);
321
322int ieee80211_get_hdrlen_from_skb(const struct sk_buff *skb)
323{
324 const struct ieee80211_hdr *hdr = (const struct ieee80211_hdr *) skb->data;
325 int hdrlen;
326
327 if (unlikely(skb->len < 10))
328 return 0;
329 hdrlen = ieee80211_get_hdrlen(le16_to_cpu(hdr->frame_control));
330 if (unlikely(hdrlen > skb->len))
331 return 0;
332 return hdrlen;
333}
334EXPORT_SYMBOL(ieee80211_get_hdrlen_from_skb);
335
336static int ieee80211_get_radiotap_len(struct sk_buff *skb)
337{
338 struct ieee80211_radiotap_header *hdr =
339 (struct ieee80211_radiotap_header *) skb->data;
340
341 return le16_to_cpu(hdr->it_len);
342}
343
344#ifdef CONFIG_MAC80211_LOWTX_FRAME_DUMP
345static void ieee80211_dump_frame(const char *ifname, const char *title,
346 const struct sk_buff *skb)
347{
348 const struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
349 u16 fc;
350 int hdrlen;
351
352 printk(KERN_DEBUG "%s: %s (len=%d)", ifname, title, skb->len);
353 if (skb->len < 4) {
354 printk("\n");
355 return;
356 }
357
358 fc = le16_to_cpu(hdr->frame_control);
359 hdrlen = ieee80211_get_hdrlen(fc);
360 if (hdrlen > skb->len)
361 hdrlen = skb->len;
362 if (hdrlen >= 4)
363 printk(" FC=0x%04x DUR=0x%04x",
364 fc, le16_to_cpu(hdr->duration_id));
365 if (hdrlen >= 10)
366 printk(" A1=" MAC_FMT, MAC_ARG(hdr->addr1));
367 if (hdrlen >= 16)
368 printk(" A2=" MAC_FMT, MAC_ARG(hdr->addr2));
369 if (hdrlen >= 24)
370 printk(" A3=" MAC_FMT, MAC_ARG(hdr->addr3));
371 if (hdrlen >= 30)
372 printk(" A4=" MAC_FMT, MAC_ARG(hdr->addr4));
373 printk("\n");
374}
375#else /* CONFIG_MAC80211_LOWTX_FRAME_DUMP */
376static inline void ieee80211_dump_frame(const char *ifname, const char *title,
377 struct sk_buff *skb)
378{
379}
380#endif /* CONFIG_MAC80211_LOWTX_FRAME_DUMP */
381
382
383static int ieee80211_is_eapol(const struct sk_buff *skb)
384{
385 const struct ieee80211_hdr *hdr;
386 u16 fc;
387 int hdrlen;
388
389 if (unlikely(skb->len < 10))
390 return 0;
391
392 hdr = (const struct ieee80211_hdr *) skb->data;
393 fc = le16_to_cpu(hdr->frame_control);
394
395 if (unlikely(!WLAN_FC_DATA_PRESENT(fc)))
396 return 0;
397
398 hdrlen = ieee80211_get_hdrlen(fc);
399
400 if (unlikely(skb->len >= hdrlen + sizeof(eapol_header) &&
401 memcmp(skb->data + hdrlen, eapol_header,
402 sizeof(eapol_header)) == 0))
403 return 1;
404
405 return 0;
406}
407
408
409static ieee80211_txrx_result
410ieee80211_tx_h_rate_ctrl(struct ieee80211_txrx_data *tx)
411{
412 struct rate_control_extra extra;
413
414 memset(&extra, 0, sizeof(extra));
415 extra.mode = tx->u.tx.mode;
416 extra.mgmt_data = tx->sdata &&
417 tx->sdata->type == IEEE80211_IF_TYPE_MGMT;
418 extra.ethertype = tx->ethertype;
419
420 tx->u.tx.rate = rate_control_get_rate(tx->local, tx->dev, tx->skb,
421 &extra);
422 if (unlikely(extra.probe != NULL)) {
423 tx->u.tx.control->flags |= IEEE80211_TXCTL_RATE_CTRL_PROBE;
424 tx->u.tx.probe_last_frag = 1;
425 tx->u.tx.control->alt_retry_rate = tx->u.tx.rate->val;
426 tx->u.tx.rate = extra.probe;
427 } else {
428 tx->u.tx.control->alt_retry_rate = -1;
429 }
430 if (!tx->u.tx.rate)
431 return TXRX_DROP;
432 if (tx->u.tx.mode->mode == MODE_IEEE80211G &&
433 tx->local->cts_protect_erp_frames && tx->fragmented &&
434 extra.nonerp) {
435 tx->u.tx.last_frag_rate = tx->u.tx.rate;
436 tx->u.tx.probe_last_frag = extra.probe ? 1 : 0;
437
438 tx->u.tx.rate = extra.nonerp;
439 tx->u.tx.control->rate = extra.nonerp;
440 tx->u.tx.control->flags &= ~IEEE80211_TXCTL_RATE_CTRL_PROBE;
441 } else {
442 tx->u.tx.last_frag_rate = tx->u.tx.rate;
443 tx->u.tx.control->rate = tx->u.tx.rate;
444 }
445 tx->u.tx.control->tx_rate = tx->u.tx.rate->val;
446 if ((tx->u.tx.rate->flags & IEEE80211_RATE_PREAMBLE2) &&
447 tx->local->short_preamble &&
448 (!tx->sta || (tx->sta->flags & WLAN_STA_SHORT_PREAMBLE))) {
449 tx->u.tx.short_preamble = 1;
450 tx->u.tx.control->tx_rate = tx->u.tx.rate->val2;
451 }
452
453 return TXRX_CONTINUE;
454}
455
456
457static ieee80211_txrx_result
458ieee80211_tx_h_select_key(struct ieee80211_txrx_data *tx)
459{
460 if (tx->sta)
461 tx->u.tx.control->key_idx = tx->sta->key_idx_compression;
462 else
463 tx->u.tx.control->key_idx = HW_KEY_IDX_INVALID;
464
465 if (unlikely(tx->u.tx.control->flags & IEEE80211_TXCTL_DO_NOT_ENCRYPT))
466 tx->key = NULL;
467 else if (tx->sta && tx->sta->key)
468 tx->key = tx->sta->key;
469 else if (tx->sdata->default_key)
470 tx->key = tx->sdata->default_key;
471 else if (tx->sdata->drop_unencrypted &&
472 !(tx->sdata->eapol && ieee80211_is_eapol(tx->skb))) {
473 I802_DEBUG_INC(tx->local->tx_handlers_drop_unencrypted);
474 return TXRX_DROP;
475 } else
476 tx->key = NULL;
477
478 if (tx->key) {
479 tx->key->tx_rx_count++;
480 if (unlikely(tx->local->key_tx_rx_threshold &&
481 tx->key->tx_rx_count >
482 tx->local->key_tx_rx_threshold)) {
483 ieee80211_key_threshold_notify(tx->dev, tx->key,
484 tx->sta);
485 }
486 }
487
488 return TXRX_CONTINUE;
489}
490
491
492static ieee80211_txrx_result
493ieee80211_tx_h_fragment(struct ieee80211_txrx_data *tx)
494{
495 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) tx->skb->data;
496 size_t hdrlen, per_fragm, num_fragm, payload_len, left;
497 struct sk_buff **frags, *first, *frag;
498 int i;
499 u16 seq;
500 u8 *pos;
501 int frag_threshold = tx->local->fragmentation_threshold;
502
503 if (!tx->fragmented)
504 return TXRX_CONTINUE;
505
506 first = tx->skb;
507
508 hdrlen = ieee80211_get_hdrlen(tx->fc);
509 payload_len = first->len - hdrlen;
510 per_fragm = frag_threshold - hdrlen - FCS_LEN;
511 num_fragm = (payload_len + per_fragm - 1) / per_fragm;
512
513 frags = kzalloc(num_fragm * sizeof(struct sk_buff *), GFP_ATOMIC);
514 if (!frags)
515 goto fail;
516
517 hdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_MOREFRAGS);
518 seq = le16_to_cpu(hdr->seq_ctrl) & IEEE80211_SCTL_SEQ;
519 pos = first->data + hdrlen + per_fragm;
520 left = payload_len - per_fragm;
521 for (i = 0; i < num_fragm - 1; i++) {
522 struct ieee80211_hdr *fhdr;
523 size_t copylen;
524
525 if (left <= 0)
526 goto fail;
527
528 /* reserve enough extra head and tail room for possible
529 * encryption */
530 frag = frags[i] =
531 dev_alloc_skb(tx->local->hw.extra_tx_headroom +
532 frag_threshold +
533 IEEE80211_ENCRYPT_HEADROOM +
534 IEEE80211_ENCRYPT_TAILROOM);
535 if (!frag)
536 goto fail;
537 /* Make sure that all fragments use the same priority so
538 * that they end up using the same TX queue */
539 frag->priority = first->priority;
540 skb_reserve(frag, tx->local->hw.extra_tx_headroom +
541 IEEE80211_ENCRYPT_HEADROOM);
542 fhdr = (struct ieee80211_hdr *) skb_put(frag, hdrlen);
543 memcpy(fhdr, first->data, hdrlen);
544 if (i == num_fragm - 2)
545 fhdr->frame_control &= cpu_to_le16(~IEEE80211_FCTL_MOREFRAGS);
546 fhdr->seq_ctrl = cpu_to_le16(seq | ((i + 1) & IEEE80211_SCTL_FRAG));
547 copylen = left > per_fragm ? per_fragm : left;
548 memcpy(skb_put(frag, copylen), pos, copylen);
549
550 pos += copylen;
551 left -= copylen;
552 }
553 skb_trim(first, hdrlen + per_fragm);
554
555 tx->u.tx.num_extra_frag = num_fragm - 1;
556 tx->u.tx.extra_frag = frags;
557
558 return TXRX_CONTINUE;
559
560 fail:
561 printk(KERN_DEBUG "%s: failed to fragment frame\n", tx->dev->name);
562 if (frags) {
563 for (i = 0; i < num_fragm - 1; i++)
564 if (frags[i])
565 dev_kfree_skb(frags[i]);
566 kfree(frags);
567 }
568 I802_DEBUG_INC(tx->local->tx_handlers_drop_fragment);
569 return TXRX_DROP;
570}
571
572
573static int wep_encrypt_skb(struct ieee80211_txrx_data *tx, struct sk_buff *skb)
574{
575 if (tx->key->force_sw_encrypt) {
576 if (ieee80211_wep_encrypt(tx->local, skb, tx->key))
577 return -1;
578 } else {
579 tx->u.tx.control->key_idx = tx->key->hw_key_idx;
580 if (tx->local->hw.flags & IEEE80211_HW_WEP_INCLUDE_IV) {
581 if (ieee80211_wep_add_iv(tx->local, skb, tx->key) ==
582 NULL)
583 return -1;
584 }
585 }
586 return 0;
587}
588
589
590void ieee80211_tx_set_iswep(struct ieee80211_txrx_data *tx)
591{
592 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) tx->skb->data;
593
594 hdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
595 if (tx->u.tx.extra_frag) {
596 struct ieee80211_hdr *fhdr;
597 int i;
598 for (i = 0; i < tx->u.tx.num_extra_frag; i++) {
599 fhdr = (struct ieee80211_hdr *)
600 tx->u.tx.extra_frag[i]->data;
601 fhdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
602 }
603 }
604}
605
606
607static ieee80211_txrx_result
608ieee80211_tx_h_wep_encrypt(struct ieee80211_txrx_data *tx)
609{
610 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) tx->skb->data;
611 u16 fc;
612
613 fc = le16_to_cpu(hdr->frame_control);
614
615 if (!tx->key || tx->key->alg != ALG_WEP ||
616 ((fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA &&
617 ((fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_MGMT ||
618 (fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_AUTH)))
619 return TXRX_CONTINUE;
620
621 tx->u.tx.control->iv_len = WEP_IV_LEN;
622 tx->u.tx.control->icv_len = WEP_ICV_LEN;
623 ieee80211_tx_set_iswep(tx);
624
625 if (wep_encrypt_skb(tx, tx->skb) < 0) {
626 I802_DEBUG_INC(tx->local->tx_handlers_drop_wep);
627 return TXRX_DROP;
628 }
629
630 if (tx->u.tx.extra_frag) {
631 int i;
632 for (i = 0; i < tx->u.tx.num_extra_frag; i++) {
633 if (wep_encrypt_skb(tx, tx->u.tx.extra_frag[i]) < 0) {
634 I802_DEBUG_INC(tx->local->
635 tx_handlers_drop_wep);
636 return TXRX_DROP;
637 }
638 }
639 }
640
641 return TXRX_CONTINUE;
642}
643
644
645static int ieee80211_frame_duration(struct ieee80211_local *local, size_t len,
646 int rate, int erp, int short_preamble)
647{
648 int dur;
649
650 /* calculate duration (in microseconds, rounded up to next higher
651 * integer if it includes a fractional microsecond) to send frame of
652 * len bytes (does not include FCS) at the given rate. Duration will
653 * also include SIFS.
654 *
655 * rate is in 100 kbps, so divident is multiplied by 10 in the
656 * DIV_ROUND_UP() operations.
657 */
658
659 if (local->hw.conf.phymode == MODE_IEEE80211A || erp ||
660 local->hw.conf.phymode == MODE_ATHEROS_TURBO) {
661 /*
662 * OFDM:
663 *
664 * N_DBPS = DATARATE x 4
665 * N_SYM = Ceiling((16+8xLENGTH+6) / N_DBPS)
666 * (16 = SIGNAL time, 6 = tail bits)
667 * TXTIME = T_PREAMBLE + T_SIGNAL + T_SYM x N_SYM + Signal Ext
668 *
669 * T_SYM = 4 usec
670 * 802.11a - 17.5.2: aSIFSTime = 16 usec
671 * 802.11g - 19.8.4: aSIFSTime = 10 usec +
672 * signal ext = 6 usec
673 */
674 /* FIX: Atheros Turbo may have different (shorter) duration? */
675 dur = 16; /* SIFS + signal ext */
676 dur += 16; /* 17.3.2.3: T_PREAMBLE = 16 usec */
677 dur += 4; /* 17.3.2.3: T_SIGNAL = 4 usec */
678 dur += 4 * DIV_ROUND_UP((16 + 8 * (len + 4) + 6) * 10,
679 4 * rate); /* T_SYM x N_SYM */
680 } else {
681 /*
682 * 802.11b or 802.11g with 802.11b compatibility:
683 * 18.3.4: TXTIME = PreambleLength + PLCPHeaderTime +
684 * Ceiling(((LENGTH+PBCC)x8)/DATARATE). PBCC=0.
685 *
686 * 802.11 (DS): 15.3.3, 802.11b: 18.3.4
687 * aSIFSTime = 10 usec
688 * aPreambleLength = 144 usec or 72 usec with short preamble
689 * aPLCPHeaderLength = 48 usec or 24 usec with short preamble
690 */
691 dur = 10; /* aSIFSTime = 10 usec */
692 dur += short_preamble ? (72 + 24) : (144 + 48);
693
694 dur += DIV_ROUND_UP(8 * (len + 4) * 10, rate);
695 }
696
697 return dur;
698}
699
700
701/* Exported duration function for driver use */
702__le16 ieee80211_generic_frame_duration(struct ieee80211_hw *hw,
703 size_t frame_len, int rate)
704{
705 struct ieee80211_local *local = hw_to_local(hw);
706 u16 dur;
707 int erp;
708
709 erp = ieee80211_is_erp_rate(hw->conf.phymode, rate);
710 dur = ieee80211_frame_duration(local, frame_len, rate,
711 erp, local->short_preamble);
712
713 return cpu_to_le16(dur);
714}
715EXPORT_SYMBOL(ieee80211_generic_frame_duration);
716
717
718static u16 ieee80211_duration(struct ieee80211_txrx_data *tx, int group_addr,
719 int next_frag_len)
720{
721 int rate, mrate, erp, dur, i;
722 struct ieee80211_rate *txrate = tx->u.tx.rate;
723 struct ieee80211_local *local = tx->local;
724 struct ieee80211_hw_mode *mode = tx->u.tx.mode;
725
726 erp = txrate->flags & IEEE80211_RATE_ERP;
727
728 /*
729 * data and mgmt (except PS Poll):
730 * - during CFP: 32768
731 * - during contention period:
732 * if addr1 is group address: 0
733 * if more fragments = 0 and addr1 is individual address: time to
734 * transmit one ACK plus SIFS
735 * if more fragments = 1 and addr1 is individual address: time to
736 * transmit next fragment plus 2 x ACK plus 3 x SIFS
737 *
738 * IEEE 802.11, 9.6:
739 * - control response frame (CTS or ACK) shall be transmitted using the
740 * same rate as the immediately previous frame in the frame exchange
741 * sequence, if this rate belongs to the PHY mandatory rates, or else
742 * at the highest possible rate belonging to the PHY rates in the
743 * BSSBasicRateSet
744 */
745
746 if ((tx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_CTL) {
747 /* TODO: These control frames are not currently sent by
748 * 80211.o, but should they be implemented, this function
749 * needs to be updated to support duration field calculation.
750 *
751 * RTS: time needed to transmit pending data/mgmt frame plus
752 * one CTS frame plus one ACK frame plus 3 x SIFS
753 * CTS: duration of immediately previous RTS minus time
754 * required to transmit CTS and its SIFS
755 * ACK: 0 if immediately previous directed data/mgmt had
756 * more=0, with more=1 duration in ACK frame is duration
757 * from previous frame minus time needed to transmit ACK
758 * and its SIFS
759 * PS Poll: BIT(15) | BIT(14) | aid
760 */
761 return 0;
762 }
763
764 /* data/mgmt */
765 if (0 /* FIX: data/mgmt during CFP */)
766 return 32768;
767
768 if (group_addr) /* Group address as the destination - no ACK */
769 return 0;
770
771 /* Individual destination address:
772 * IEEE 802.11, Ch. 9.6 (after IEEE 802.11g changes)
773 * CTS and ACK frames shall be transmitted using the highest rate in
774 * basic rate set that is less than or equal to the rate of the
775 * immediately previous frame and that is using the same modulation
776 * (CCK or OFDM). If no basic rate set matches with these requirements,
777 * the highest mandatory rate of the PHY that is less than or equal to
778 * the rate of the previous frame is used.
779 * Mandatory rates for IEEE 802.11g PHY: 1, 2, 5.5, 11, 6, 12, 24 Mbps
780 */
781 rate = -1;
782 mrate = 10; /* use 1 Mbps if everything fails */
783 for (i = 0; i < mode->num_rates; i++) {
784 struct ieee80211_rate *r = &mode->rates[i];
785 if (r->rate > txrate->rate)
786 break;
787
788 if (IEEE80211_RATE_MODULATION(txrate->flags) !=
789 IEEE80211_RATE_MODULATION(r->flags))
790 continue;
791
792 if (r->flags & IEEE80211_RATE_BASIC)
793 rate = r->rate;
794 else if (r->flags & IEEE80211_RATE_MANDATORY)
795 mrate = r->rate;
796 }
797 if (rate == -1) {
798 /* No matching basic rate found; use highest suitable mandatory
799 * PHY rate */
800 rate = mrate;
801 }
802
803 /* Time needed to transmit ACK
804 * (10 bytes + 4-byte FCS = 112 bits) plus SIFS; rounded up
805 * to closest integer */
806
807 dur = ieee80211_frame_duration(local, 10, rate, erp,
808 local->short_preamble);
809
810 if (next_frag_len) {
811 /* Frame is fragmented: duration increases with time needed to
812 * transmit next fragment plus ACK and 2 x SIFS. */
813 dur *= 2; /* ACK + SIFS */
814 /* next fragment */
815 dur += ieee80211_frame_duration(local, next_frag_len,
816 txrate->rate, erp,
817 local->short_preamble);
818 }
819
820 return dur;
821}
822
823
824static ieee80211_txrx_result
825ieee80211_tx_h_misc(struct ieee80211_txrx_data *tx)
826{
827 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) tx->skb->data;
828 u16 dur;
829 struct ieee80211_tx_control *control = tx->u.tx.control;
830 struct ieee80211_hw_mode *mode = tx->u.tx.mode;
831
832 if (!is_multicast_ether_addr(hdr->addr1)) {
833 if (tx->skb->len + FCS_LEN > tx->local->rts_threshold &&
834 tx->local->rts_threshold < IEEE80211_MAX_RTS_THRESHOLD) {
835 control->flags |= IEEE80211_TXCTL_USE_RTS_CTS;
836 control->retry_limit =
837 tx->local->long_retry_limit;
838 } else {
839 control->retry_limit =
840 tx->local->short_retry_limit;
841 }
842 } else {
843 control->retry_limit = 1;
844 }
845
846 if (tx->fragmented) {
847 /* Do not use multiple retry rates when sending fragmented
848 * frames.
849 * TODO: The last fragment could still use multiple retry
850 * rates. */
851 control->alt_retry_rate = -1;
852 }
853
854 /* Use CTS protection for unicast frames sent using extended rates if
855 * there are associated non-ERP stations and RTS/CTS is not configured
856 * for the frame. */
857 if (mode->mode == MODE_IEEE80211G &&
858 (tx->u.tx.rate->flags & IEEE80211_RATE_ERP) &&
859 tx->u.tx.unicast &&
860 tx->local->cts_protect_erp_frames &&
861 !(control->flags & IEEE80211_TXCTL_USE_RTS_CTS))
862 control->flags |= IEEE80211_TXCTL_USE_CTS_PROTECT;
863
864 /* Setup duration field for the first fragment of the frame. Duration
865 * for remaining fragments will be updated when they are being sent
866 * to low-level driver in ieee80211_tx(). */
867 dur = ieee80211_duration(tx, is_multicast_ether_addr(hdr->addr1),
868 tx->fragmented ? tx->u.tx.extra_frag[0]->len :
869 0);
870 hdr->duration_id = cpu_to_le16(dur);
871
872 if ((control->flags & IEEE80211_TXCTL_USE_RTS_CTS) ||
873 (control->flags & IEEE80211_TXCTL_USE_CTS_PROTECT)) {
874 struct ieee80211_rate *rate;
875
876 /* Do not use multiple retry rates when using RTS/CTS */
877 control->alt_retry_rate = -1;
878
879 /* Use min(data rate, max base rate) as CTS/RTS rate */
880 rate = tx->u.tx.rate;
881 while (rate > mode->rates &&
882 !(rate->flags & IEEE80211_RATE_BASIC))
883 rate--;
884
885 control->rts_cts_rate = rate->val;
886 control->rts_rate = rate;
887 }
888
889 if (tx->sta) {
890 tx->sta->tx_packets++;
891 tx->sta->tx_fragments++;
892 tx->sta->tx_bytes += tx->skb->len;
893 if (tx->u.tx.extra_frag) {
894 int i;
895 tx->sta->tx_fragments += tx->u.tx.num_extra_frag;
896 for (i = 0; i < tx->u.tx.num_extra_frag; i++) {
897 tx->sta->tx_bytes +=
898 tx->u.tx.extra_frag[i]->len;
899 }
900 }
901 }
902
903 return TXRX_CONTINUE;
904}
905
906
907static ieee80211_txrx_result
908ieee80211_tx_h_check_assoc(struct ieee80211_txrx_data *tx)
909{
910#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
911 struct sk_buff *skb = tx->skb;
912 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
913#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
914 u32 sta_flags;
915
916 if (unlikely(tx->local->sta_scanning != 0) &&
917 ((tx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_MGMT ||
918 (tx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_PROBE_REQ))
919 return TXRX_DROP;
920
921 if (tx->u.tx.ps_buffered)
922 return TXRX_CONTINUE;
923
924 sta_flags = tx->sta ? tx->sta->flags : 0;
925
926 if (likely(tx->u.tx.unicast)) {
927 if (unlikely(!(sta_flags & WLAN_STA_ASSOC) &&
928 tx->sdata->type != IEEE80211_IF_TYPE_IBSS &&
929 (tx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA)) {
930#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
931 printk(KERN_DEBUG "%s: dropped data frame to not "
932 "associated station " MAC_FMT "\n",
933 tx->dev->name, MAC_ARG(hdr->addr1));
934#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
935 I802_DEBUG_INC(tx->local->tx_handlers_drop_not_assoc);
936 return TXRX_DROP;
937 }
938 } else {
939 if (unlikely((tx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA &&
940 tx->local->num_sta == 0 &&
941 !tx->local->allow_broadcast_always &&
942 tx->sdata->type != IEEE80211_IF_TYPE_IBSS)) {
943 /*
944 * No associated STAs - no need to send multicast
945 * frames.
946 */
947 return TXRX_DROP;
948 }
949 return TXRX_CONTINUE;
950 }
951
952 if (unlikely(!tx->u.tx.mgmt_interface && tx->sdata->ieee802_1x &&
953 !(sta_flags & WLAN_STA_AUTHORIZED))) {
954#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
955 printk(KERN_DEBUG "%s: dropped frame to " MAC_FMT
956 " (unauthorized port)\n", tx->dev->name,
957 MAC_ARG(hdr->addr1));
958#endif
959 I802_DEBUG_INC(tx->local->tx_handlers_drop_unauth_port);
960 return TXRX_DROP;
961 }
962
963 return TXRX_CONTINUE;
964}
965
966static ieee80211_txrx_result
967ieee80211_tx_h_sequence(struct ieee80211_txrx_data *tx)
968{
969 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)tx->skb->data;
970
971 if (ieee80211_get_hdrlen(le16_to_cpu(hdr->frame_control)) >= 24)
972 ieee80211_include_sequence(tx->sdata, hdr);
973
974 return TXRX_CONTINUE;
975}
976
977/* This function is called whenever the AP is about to exceed the maximum limit
978 * of buffered frames for power saving STAs. This situation should not really
979 * happen often during normal operation, so dropping the oldest buffered packet
980 * from each queue should be OK to make some room for new frames. */
981static void purge_old_ps_buffers(struct ieee80211_local *local)
982{
983 int total = 0, purged = 0;
984 struct sk_buff *skb;
985 struct ieee80211_sub_if_data *sdata;
986 struct sta_info *sta;
987
988 read_lock(&local->sub_if_lock);
989 list_for_each_entry(sdata, &local->sub_if_list, list) {
990 struct ieee80211_if_ap *ap;
991 if (sdata->dev == local->mdev ||
992 sdata->type != IEEE80211_IF_TYPE_AP)
993 continue;
994 ap = &sdata->u.ap;
995 skb = skb_dequeue(&ap->ps_bc_buf);
996 if (skb) {
997 purged++;
998 dev_kfree_skb(skb);
999 }
1000 total += skb_queue_len(&ap->ps_bc_buf);
1001 }
1002 read_unlock(&local->sub_if_lock);
1003
1004 spin_lock_bh(&local->sta_lock);
1005 list_for_each_entry(sta, &local->sta_list, list) {
1006 skb = skb_dequeue(&sta->ps_tx_buf);
1007 if (skb) {
1008 purged++;
1009 dev_kfree_skb(skb);
1010 }
1011 total += skb_queue_len(&sta->ps_tx_buf);
1012 }
1013 spin_unlock_bh(&local->sta_lock);
1014
1015 local->total_ps_buffered = total;
1016 printk(KERN_DEBUG "%s: PS buffers full - purged %d frames\n",
1017 local->mdev->name, purged);
1018}
1019
1020
1021static inline ieee80211_txrx_result
1022ieee80211_tx_h_multicast_ps_buf(struct ieee80211_txrx_data *tx)
1023{
1024 /* broadcast/multicast frame */
1025 /* If any of the associated stations is in power save mode,
1026 * the frame is buffered to be sent after DTIM beacon frame */
1027 if ((tx->local->hw.flags & IEEE80211_HW_HOST_BROADCAST_PS_BUFFERING) &&
1028 tx->sdata->type != IEEE80211_IF_TYPE_WDS &&
1029 tx->sdata->bss && atomic_read(&tx->sdata->bss->num_sta_ps) &&
1030 !(tx->fc & IEEE80211_FCTL_ORDER)) {
1031 if (tx->local->total_ps_buffered >= TOTAL_MAX_TX_BUFFER)
1032 purge_old_ps_buffers(tx->local);
1033 if (skb_queue_len(&tx->sdata->bss->ps_bc_buf) >=
1034 AP_MAX_BC_BUFFER) {
1035 if (net_ratelimit()) {
1036 printk(KERN_DEBUG "%s: BC TX buffer full - "
1037 "dropping the oldest frame\n",
1038 tx->dev->name);
1039 }
1040 dev_kfree_skb(skb_dequeue(&tx->sdata->bss->ps_bc_buf));
1041 } else
1042 tx->local->total_ps_buffered++;
1043 skb_queue_tail(&tx->sdata->bss->ps_bc_buf, tx->skb);
1044 return TXRX_QUEUED;
1045 }
1046
1047 return TXRX_CONTINUE;
1048}
1049
1050
1051static inline ieee80211_txrx_result
1052ieee80211_tx_h_unicast_ps_buf(struct ieee80211_txrx_data *tx)
1053{
1054 struct sta_info *sta = tx->sta;
1055
1056 if (unlikely(!sta ||
1057 ((tx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_MGMT &&
1058 (tx->fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_PROBE_RESP)))
1059 return TXRX_CONTINUE;
1060
1061 if (unlikely((sta->flags & WLAN_STA_PS) && !sta->pspoll)) {
1062 struct ieee80211_tx_packet_data *pkt_data;
1063#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
1064 printk(KERN_DEBUG "STA " MAC_FMT " aid %d: PS buffer (entries "
1065 "before %d)\n",
1066 MAC_ARG(sta->addr), sta->aid,
1067 skb_queue_len(&sta->ps_tx_buf));
1068#endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */
1069 sta->flags |= WLAN_STA_TIM;
1070 if (tx->local->total_ps_buffered >= TOTAL_MAX_TX_BUFFER)
1071 purge_old_ps_buffers(tx->local);
1072 if (skb_queue_len(&sta->ps_tx_buf) >= STA_MAX_TX_BUFFER) {
1073 struct sk_buff *old = skb_dequeue(&sta->ps_tx_buf);
1074 if (net_ratelimit()) {
1075 printk(KERN_DEBUG "%s: STA " MAC_FMT " TX "
1076 "buffer full - dropping oldest frame\n",
1077 tx->dev->name, MAC_ARG(sta->addr));
1078 }
1079 dev_kfree_skb(old);
1080 } else
1081 tx->local->total_ps_buffered++;
1082 /* Queue frame to be sent after STA sends an PS Poll frame */
1083 if (skb_queue_empty(&sta->ps_tx_buf)) {
1084 if (tx->local->ops->set_tim)
1085 tx->local->ops->set_tim(local_to_hw(tx->local),
1086 sta->aid, 1);
1087 if (tx->sdata->bss)
1088 bss_tim_set(tx->local, tx->sdata->bss, sta->aid);
1089 }
1090 pkt_data = (struct ieee80211_tx_packet_data *)tx->skb->cb;
1091 pkt_data->jiffies = jiffies;
1092 skb_queue_tail(&sta->ps_tx_buf, tx->skb);
1093 return TXRX_QUEUED;
1094 }
1095#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
1096 else if (unlikely(sta->flags & WLAN_STA_PS)) {
1097 printk(KERN_DEBUG "%s: STA " MAC_FMT " in PS mode, but pspoll "
1098 "set -> send frame\n", tx->dev->name,
1099 MAC_ARG(sta->addr));
1100 }
1101#endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */
1102 sta->pspoll = 0;
1103
1104 return TXRX_CONTINUE;
1105}
1106
1107
1108static ieee80211_txrx_result
1109ieee80211_tx_h_ps_buf(struct ieee80211_txrx_data *tx)
1110{
1111 if (unlikely(tx->u.tx.ps_buffered))
1112 return TXRX_CONTINUE;
1113
1114 if (tx->u.tx.unicast)
1115 return ieee80211_tx_h_unicast_ps_buf(tx);
1116 else
1117 return ieee80211_tx_h_multicast_ps_buf(tx);
1118}
1119
1120
1121static void inline
1122__ieee80211_tx_prepare(struct ieee80211_txrx_data *tx,
1123 struct sk_buff *skb,
1124 struct net_device *dev,
1125 struct ieee80211_tx_control *control)
1126{
1127 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1128 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
1129 int hdrlen;
1130
1131 memset(tx, 0, sizeof(*tx));
1132 tx->skb = skb;
1133 tx->dev = dev; /* use original interface */
1134 tx->local = local;
1135 tx->sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1136 tx->sta = sta_info_get(local, hdr->addr1);
1137 tx->fc = le16_to_cpu(hdr->frame_control);
1138 control->power_level = local->hw.conf.power_level;
1139 tx->u.tx.control = control;
1140 tx->u.tx.unicast = !is_multicast_ether_addr(hdr->addr1);
1141 if (is_multicast_ether_addr(hdr->addr1))
1142 control->flags |= IEEE80211_TXCTL_NO_ACK;
1143 else
1144 control->flags &= ~IEEE80211_TXCTL_NO_ACK;
1145 tx->fragmented = local->fragmentation_threshold <
1146 IEEE80211_MAX_FRAG_THRESHOLD && tx->u.tx.unicast &&
1147 skb->len + FCS_LEN > local->fragmentation_threshold &&
1148 (!local->ops->set_frag_threshold);
1149 if (!tx->sta)
1150 control->flags |= IEEE80211_TXCTL_CLEAR_DST_MASK;
1151 else if (tx->sta->clear_dst_mask) {
1152 control->flags |= IEEE80211_TXCTL_CLEAR_DST_MASK;
1153 tx->sta->clear_dst_mask = 0;
1154 }
1155 control->antenna_sel_tx = local->hw.conf.antenna_sel_tx;
1156 if (local->sta_antenna_sel != STA_ANTENNA_SEL_AUTO && tx->sta)
1157 control->antenna_sel_tx = tx->sta->antenna_sel_tx;
1158 hdrlen = ieee80211_get_hdrlen(tx->fc);
1159 if (skb->len > hdrlen + sizeof(rfc1042_header) + 2) {
1160 u8 *pos = &skb->data[hdrlen + sizeof(rfc1042_header)];
1161 tx->ethertype = (pos[0] << 8) | pos[1];
1162 }
1163 control->flags |= IEEE80211_TXCTL_FIRST_FRAGMENT;
1164
1165}
1166
1167static int inline is_ieee80211_device(struct net_device *dev,
1168 struct net_device *master)
1169{
1170 return (wdev_priv(dev->ieee80211_ptr) ==
1171 wdev_priv(master->ieee80211_ptr));
1172}
1173
1174/* Device in tx->dev has a reference added; use dev_put(tx->dev) when
1175 * finished with it. */
1176static int inline ieee80211_tx_prepare(struct ieee80211_txrx_data *tx,
1177 struct sk_buff *skb,
1178 struct net_device *mdev,
1179 struct ieee80211_tx_control *control)
1180{
1181 struct ieee80211_tx_packet_data *pkt_data;
1182 struct net_device *dev;
1183
1184 pkt_data = (struct ieee80211_tx_packet_data *)skb->cb;
1185 dev = dev_get_by_index(pkt_data->ifindex);
1186 if (unlikely(dev && !is_ieee80211_device(dev, mdev))) {
1187 dev_put(dev);
1188 dev = NULL;
1189 }
1190 if (unlikely(!dev))
1191 return -ENODEV;
1192 __ieee80211_tx_prepare(tx, skb, dev, control);
1193 return 0;
1194}
1195
1196static inline int __ieee80211_queue_stopped(const struct ieee80211_local *local,
1197 int queue)
1198{
1199 return test_bit(IEEE80211_LINK_STATE_XOFF, &local->state[queue]);
1200}
1201
1202static inline int __ieee80211_queue_pending(const struct ieee80211_local *local,
1203 int queue)
1204{
1205 return test_bit(IEEE80211_LINK_STATE_PENDING, &local->state[queue]);
1206}
1207
1208#define IEEE80211_TX_OK 0
1209#define IEEE80211_TX_AGAIN 1
1210#define IEEE80211_TX_FRAG_AGAIN 2
1211
1212static int __ieee80211_tx(struct ieee80211_local *local, struct sk_buff *skb,
1213 struct ieee80211_txrx_data *tx)
1214{
1215 struct ieee80211_tx_control *control = tx->u.tx.control;
1216 int ret, i;
1217
1218 if (!ieee80211_qdisc_installed(local->mdev) &&
1219 __ieee80211_queue_stopped(local, 0)) {
1220 netif_stop_queue(local->mdev);
1221 return IEEE80211_TX_AGAIN;
1222 }
1223 if (skb) {
1224 ieee80211_dump_frame(local->mdev->name, "TX to low-level driver", skb);
1225 ret = local->ops->tx(local_to_hw(local), skb, control);
1226 if (ret)
1227 return IEEE80211_TX_AGAIN;
1228 local->mdev->trans_start = jiffies;
1229 ieee80211_led_tx(local, 1);
1230 }
1231 if (tx->u.tx.extra_frag) {
1232 control->flags &= ~(IEEE80211_TXCTL_USE_RTS_CTS |
1233 IEEE80211_TXCTL_USE_CTS_PROTECT |
1234 IEEE80211_TXCTL_CLEAR_DST_MASK |
1235 IEEE80211_TXCTL_FIRST_FRAGMENT);
1236 for (i = 0; i < tx->u.tx.num_extra_frag; i++) {
1237 if (!tx->u.tx.extra_frag[i])
1238 continue;
1239 if (__ieee80211_queue_stopped(local, control->queue))
1240 return IEEE80211_TX_FRAG_AGAIN;
1241 if (i == tx->u.tx.num_extra_frag) {
1242 control->tx_rate = tx->u.tx.last_frag_hwrate;
1243 control->rate = tx->u.tx.last_frag_rate;
1244 if (tx->u.tx.probe_last_frag)
1245 control->flags |=
1246 IEEE80211_TXCTL_RATE_CTRL_PROBE;
1247 else
1248 control->flags &=
1249 ~IEEE80211_TXCTL_RATE_CTRL_PROBE;
1250 }
1251
1252 ieee80211_dump_frame(local->mdev->name,
1253 "TX to low-level driver",
1254 tx->u.tx.extra_frag[i]);
1255 ret = local->ops->tx(local_to_hw(local),
1256 tx->u.tx.extra_frag[i],
1257 control);
1258 if (ret)
1259 return IEEE80211_TX_FRAG_AGAIN;
1260 local->mdev->trans_start = jiffies;
1261 ieee80211_led_tx(local, 1);
1262 tx->u.tx.extra_frag[i] = NULL;
1263 }
1264 kfree(tx->u.tx.extra_frag);
1265 tx->u.tx.extra_frag = NULL;
1266 }
1267 return IEEE80211_TX_OK;
1268}
1269
1270static int ieee80211_tx(struct net_device *dev, struct sk_buff *skb,
1271 struct ieee80211_tx_control *control, int mgmt)
1272{
1273 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1274 struct sta_info *sta;
1275 ieee80211_tx_handler *handler;
1276 struct ieee80211_txrx_data tx;
1277 ieee80211_txrx_result res = TXRX_DROP;
1278 int ret, i;
1279
1280 WARN_ON(__ieee80211_queue_pending(local, control->queue));
1281
1282 if (unlikely(skb->len < 10)) {
1283 dev_kfree_skb(skb);
1284 return 0;
1285 }
1286
1287 __ieee80211_tx_prepare(&tx, skb, dev, control);
1288 sta = tx.sta;
1289 tx.u.tx.mgmt_interface = mgmt;
1290 tx.u.tx.mode = local->hw.conf.mode;
1291
1292 for (handler = local->tx_handlers; *handler != NULL; handler++) {
1293 res = (*handler)(&tx);
1294 if (res != TXRX_CONTINUE)
1295 break;
1296 }
1297
1298 skb = tx.skb; /* handlers are allowed to change skb */
1299
1300 if (sta)
1301 sta_info_put(sta);
1302
1303 if (unlikely(res == TXRX_DROP)) {
1304 I802_DEBUG_INC(local->tx_handlers_drop);
1305 goto drop;
1306 }
1307
1308 if (unlikely(res == TXRX_QUEUED)) {
1309 I802_DEBUG_INC(local->tx_handlers_queued);
1310 return 0;
1311 }
1312
1313 if (tx.u.tx.extra_frag) {
1314 for (i = 0; i < tx.u.tx.num_extra_frag; i++) {
1315 int next_len, dur;
1316 struct ieee80211_hdr *hdr =
1317 (struct ieee80211_hdr *)
1318 tx.u.tx.extra_frag[i]->data;
1319
1320 if (i + 1 < tx.u.tx.num_extra_frag) {
1321 next_len = tx.u.tx.extra_frag[i + 1]->len;
1322 } else {
1323 next_len = 0;
1324 tx.u.tx.rate = tx.u.tx.last_frag_rate;
1325 tx.u.tx.last_frag_hwrate = tx.u.tx.rate->val;
1326 }
1327 dur = ieee80211_duration(&tx, 0, next_len);
1328 hdr->duration_id = cpu_to_le16(dur);
1329 }
1330 }
1331
1332retry:
1333 ret = __ieee80211_tx(local, skb, &tx);
1334 if (ret) {
1335 struct ieee80211_tx_stored_packet *store =
1336 &local->pending_packet[control->queue];
1337
1338 if (ret == IEEE80211_TX_FRAG_AGAIN)
1339 skb = NULL;
1340 set_bit(IEEE80211_LINK_STATE_PENDING,
1341 &local->state[control->queue]);
1342 smp_mb();
1343 /* When the driver gets out of buffers during sending of
1344 * fragments and calls ieee80211_stop_queue, there is
1345 * a small window between IEEE80211_LINK_STATE_XOFF and
1346 * IEEE80211_LINK_STATE_PENDING flags are set. If a buffer
1347 * gets available in that window (i.e. driver calls
1348 * ieee80211_wake_queue), we would end up with ieee80211_tx
1349 * called with IEEE80211_LINK_STATE_PENDING. Prevent this by
1350 * continuing transmitting here when that situation is
1351 * possible to have happened. */
1352 if (!__ieee80211_queue_stopped(local, control->queue)) {
1353 clear_bit(IEEE80211_LINK_STATE_PENDING,
1354 &local->state[control->queue]);
1355 goto retry;
1356 }
1357 memcpy(&store->control, control,
1358 sizeof(struct ieee80211_tx_control));
1359 store->skb = skb;
1360 store->extra_frag = tx.u.tx.extra_frag;
1361 store->num_extra_frag = tx.u.tx.num_extra_frag;
1362 store->last_frag_hwrate = tx.u.tx.last_frag_hwrate;
1363 store->last_frag_rate = tx.u.tx.last_frag_rate;
1364 store->last_frag_rate_ctrl_probe = tx.u.tx.probe_last_frag;
1365 }
1366 return 0;
1367
1368 drop:
1369 if (skb)
1370 dev_kfree_skb(skb);
1371 for (i = 0; i < tx.u.tx.num_extra_frag; i++)
1372 if (tx.u.tx.extra_frag[i])
1373 dev_kfree_skb(tx.u.tx.extra_frag[i]);
1374 kfree(tx.u.tx.extra_frag);
1375 return 0;
1376}
1377
1378static void ieee80211_tx_pending(unsigned long data)
1379{
1380 struct ieee80211_local *local = (struct ieee80211_local *)data;
1381 struct net_device *dev = local->mdev;
1382 struct ieee80211_tx_stored_packet *store;
1383 struct ieee80211_txrx_data tx;
1384 int i, ret, reschedule = 0;
1385
1386 netif_tx_lock_bh(dev);
1387 for (i = 0; i < local->hw.queues; i++) {
1388 if (__ieee80211_queue_stopped(local, i))
1389 continue;
1390 if (!__ieee80211_queue_pending(local, i)) {
1391 reschedule = 1;
1392 continue;
1393 }
1394 store = &local->pending_packet[i];
1395 tx.u.tx.control = &store->control;
1396 tx.u.tx.extra_frag = store->extra_frag;
1397 tx.u.tx.num_extra_frag = store->num_extra_frag;
1398 tx.u.tx.last_frag_hwrate = store->last_frag_hwrate;
1399 tx.u.tx.last_frag_rate = store->last_frag_rate;
1400 tx.u.tx.probe_last_frag = store->last_frag_rate_ctrl_probe;
1401 ret = __ieee80211_tx(local, store->skb, &tx);
1402 if (ret) {
1403 if (ret == IEEE80211_TX_FRAG_AGAIN)
1404 store->skb = NULL;
1405 } else {
1406 clear_bit(IEEE80211_LINK_STATE_PENDING,
1407 &local->state[i]);
1408 reschedule = 1;
1409 }
1410 }
1411 netif_tx_unlock_bh(dev);
1412 if (reschedule) {
1413 if (!ieee80211_qdisc_installed(dev)) {
1414 if (!__ieee80211_queue_stopped(local, 0))
1415 netif_wake_queue(dev);
1416 } else
1417 netif_schedule(dev);
1418 }
1419}
1420
1421static void ieee80211_clear_tx_pending(struct ieee80211_local *local)
1422{
1423 int i, j;
1424 struct ieee80211_tx_stored_packet *store;
1425
1426 for (i = 0; i < local->hw.queues; i++) {
1427 if (!__ieee80211_queue_pending(local, i))
1428 continue;
1429 store = &local->pending_packet[i];
1430 kfree_skb(store->skb);
1431 for (j = 0; j < store->num_extra_frag; j++)
1432 kfree_skb(store->extra_frag[j]);
1433 kfree(store->extra_frag);
1434 clear_bit(IEEE80211_LINK_STATE_PENDING, &local->state[i]);
1435 }
1436}
1437
1438static int ieee80211_master_start_xmit(struct sk_buff *skb,
1439 struct net_device *dev)
1440{
1441 struct ieee80211_tx_control control;
1442 struct ieee80211_tx_packet_data *pkt_data;
1443 struct net_device *odev = NULL;
1444 struct ieee80211_sub_if_data *osdata;
1445 int headroom;
1446 int ret;
1447
1448 /*
1449 * copy control out of the skb so other people can use skb->cb
1450 */
1451 pkt_data = (struct ieee80211_tx_packet_data *)skb->cb;
1452 memset(&control, 0, sizeof(struct ieee80211_tx_control));
1453
1454 if (pkt_data->ifindex)
1455 odev = dev_get_by_index(pkt_data->ifindex);
1456 if (unlikely(odev && !is_ieee80211_device(odev, dev))) {
1457 dev_put(odev);
1458 odev = NULL;
1459 }
1460 if (unlikely(!odev)) {
1461#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
1462 printk(KERN_DEBUG "%s: Discarded packet with nonexistent "
1463 "originating device\n", dev->name);
1464#endif
1465 dev_kfree_skb(skb);
1466 return 0;
1467 }
1468 osdata = IEEE80211_DEV_TO_SUB_IF(odev);
1469
1470 headroom = osdata->local->hw.extra_tx_headroom +
1471 IEEE80211_ENCRYPT_HEADROOM;
1472 if (skb_headroom(skb) < headroom) {
1473 if (pskb_expand_head(skb, headroom, 0, GFP_ATOMIC)) {
1474 dev_kfree_skb(skb);
1475 return 0;
1476 }
1477 }
1478
1479 control.ifindex = odev->ifindex;
1480 control.type = osdata->type;
1481 if (pkt_data->req_tx_status)
1482 control.flags |= IEEE80211_TXCTL_REQ_TX_STATUS;
1483 if (pkt_data->do_not_encrypt)
1484 control.flags |= IEEE80211_TXCTL_DO_NOT_ENCRYPT;
1485 if (pkt_data->requeue)
1486 control.flags |= IEEE80211_TXCTL_REQUEUE;
1487 control.queue = pkt_data->queue;
1488
1489 ret = ieee80211_tx(odev, skb, &control,
1490 control.type == IEEE80211_IF_TYPE_MGMT);
1491 dev_put(odev);
1492
1493 return ret;
1494}
1495
1496
1497/**
1498 * ieee80211_subif_start_xmit - netif start_xmit function for Ethernet-type
1499 * subinterfaces (wlan#, WDS, and VLAN interfaces)
1500 * @skb: packet to be sent
1501 * @dev: incoming interface
1502 *
1503 * Returns: 0 on success (and frees skb in this case) or 1 on failure (skb will
1504 * not be freed, and caller is responsible for either retrying later or freeing
1505 * skb).
1506 *
1507 * This function takes in an Ethernet header and encapsulates it with suitable
1508 * IEEE 802.11 header based on which interface the packet is coming in. The
1509 * encapsulated packet will then be passed to master interface, wlan#.11, for
1510 * transmission (through low-level driver).
1511 */
1512static int ieee80211_subif_start_xmit(struct sk_buff *skb,
1513 struct net_device *dev)
1514{
1515 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1516 struct ieee80211_tx_packet_data *pkt_data;
1517 struct ieee80211_sub_if_data *sdata;
1518 int ret = 1, head_need;
1519 u16 ethertype, hdrlen, fc;
1520 struct ieee80211_hdr hdr;
1521 const u8 *encaps_data;
1522 int encaps_len, skip_header_bytes;
1523 int nh_pos, h_pos, no_encrypt = 0;
1524 struct sta_info *sta;
1525
1526 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1527 if (unlikely(skb->len < ETH_HLEN)) {
1528 printk(KERN_DEBUG "%s: short skb (len=%d)\n",
1529 dev->name, skb->len);
1530 ret = 0;
1531 goto fail;
1532 }
1533
1534 nh_pos = skb_network_header(skb) - skb->data;
1535 h_pos = skb_transport_header(skb) - skb->data;
1536
1537 /* convert Ethernet header to proper 802.11 header (based on
1538 * operation mode) */
1539 ethertype = (skb->data[12] << 8) | skb->data[13];
1540 /* TODO: handling for 802.1x authorized/unauthorized port */
1541 fc = IEEE80211_FTYPE_DATA | IEEE80211_STYPE_DATA;
1542
1543 if (likely(sdata->type == IEEE80211_IF_TYPE_AP ||
1544 sdata->type == IEEE80211_IF_TYPE_VLAN)) {
1545 fc |= IEEE80211_FCTL_FROMDS;
1546 /* DA BSSID SA */
1547 memcpy(hdr.addr1, skb->data, ETH_ALEN);
1548 memcpy(hdr.addr2, dev->dev_addr, ETH_ALEN);
1549 memcpy(hdr.addr3, skb->data + ETH_ALEN, ETH_ALEN);
1550 hdrlen = 24;
1551 } else if (sdata->type == IEEE80211_IF_TYPE_WDS) {
1552 fc |= IEEE80211_FCTL_FROMDS | IEEE80211_FCTL_TODS;
1553 /* RA TA DA SA */
1554 memcpy(hdr.addr1, sdata->u.wds.remote_addr, ETH_ALEN);
1555 memcpy(hdr.addr2, dev->dev_addr, ETH_ALEN);
1556 memcpy(hdr.addr3, skb->data, ETH_ALEN);
1557 memcpy(hdr.addr4, skb->data + ETH_ALEN, ETH_ALEN);
1558 hdrlen = 30;
1559 } else if (sdata->type == IEEE80211_IF_TYPE_STA) {
1560 fc |= IEEE80211_FCTL_TODS;
1561 /* BSSID SA DA */
1562 memcpy(hdr.addr1, sdata->u.sta.bssid, ETH_ALEN);
1563 memcpy(hdr.addr2, skb->data + ETH_ALEN, ETH_ALEN);
1564 memcpy(hdr.addr3, skb->data, ETH_ALEN);
1565 hdrlen = 24;
1566 } else if (sdata->type == IEEE80211_IF_TYPE_IBSS) {
1567 /* DA SA BSSID */
1568 memcpy(hdr.addr1, skb->data, ETH_ALEN);
1569 memcpy(hdr.addr2, skb->data + ETH_ALEN, ETH_ALEN);
1570 memcpy(hdr.addr3, sdata->u.sta.bssid, ETH_ALEN);
1571 hdrlen = 24;
1572 } else {
1573 ret = 0;
1574 goto fail;
1575 }
1576
1577 /* receiver is QoS enabled, use a QoS type frame */
1578 sta = sta_info_get(local, hdr.addr1);
1579 if (sta) {
1580 if (sta->flags & WLAN_STA_WME) {
1581 fc |= IEEE80211_STYPE_QOS_DATA;
1582 hdrlen += 2;
1583 }
1584 sta_info_put(sta);
1585 }
1586
1587 hdr.frame_control = cpu_to_le16(fc);
1588 hdr.duration_id = 0;
1589 hdr.seq_ctrl = 0;
1590
1591 skip_header_bytes = ETH_HLEN;
1592 if (ethertype == ETH_P_AARP || ethertype == ETH_P_IPX) {
1593 encaps_data = bridge_tunnel_header;
1594 encaps_len = sizeof(bridge_tunnel_header);
1595 skip_header_bytes -= 2;
1596 } else if (ethertype >= 0x600) {
1597 encaps_data = rfc1042_header;
1598 encaps_len = sizeof(rfc1042_header);
1599 skip_header_bytes -= 2;
1600 } else {
1601 encaps_data = NULL;
1602 encaps_len = 0;
1603 }
1604
1605 skb_pull(skb, skip_header_bytes);
1606 nh_pos -= skip_header_bytes;
1607 h_pos -= skip_header_bytes;
1608
1609 /* TODO: implement support for fragments so that there is no need to
1610 * reallocate and copy payload; it might be enough to support one
1611 * extra fragment that would be copied in the beginning of the frame
1612 * data.. anyway, it would be nice to include this into skb structure
1613 * somehow
1614 *
1615 * There are few options for this:
1616 * use skb->cb as an extra space for 802.11 header
1617 * allocate new buffer if not enough headroom
1618 * make sure that there is enough headroom in every skb by increasing
1619 * build in headroom in __dev_alloc_skb() (linux/skbuff.h) and
1620 * alloc_skb() (net/core/skbuff.c)
1621 */
1622 head_need = hdrlen + encaps_len + local->hw.extra_tx_headroom;
1623 head_need -= skb_headroom(skb);
1624
1625 /* We are going to modify skb data, so make a copy of it if happens to
1626 * be cloned. This could happen, e.g., with Linux bridge code passing
1627 * us broadcast frames. */
1628
1629 if (head_need > 0 || skb_cloned(skb)) {
1630#if 0
1631 printk(KERN_DEBUG "%s: need to reallocate buffer for %d bytes "
1632 "of headroom\n", dev->name, head_need);
1633#endif
1634
1635 if (skb_cloned(skb))
1636 I802_DEBUG_INC(local->tx_expand_skb_head_cloned);
1637 else
1638 I802_DEBUG_INC(local->tx_expand_skb_head);
1639 /* Since we have to reallocate the buffer, make sure that there
1640 * is enough room for possible WEP IV/ICV and TKIP (8 bytes
1641 * before payload and 12 after). */
1642 if (pskb_expand_head(skb, (head_need > 0 ? head_need + 8 : 8),
1643 12, GFP_ATOMIC)) {
1644 printk(KERN_DEBUG "%s: failed to reallocate TX buffer"
1645 "\n", dev->name);
1646 goto fail;
1647 }
1648 }
1649
1650 if (encaps_data) {
1651 memcpy(skb_push(skb, encaps_len), encaps_data, encaps_len);
1652 nh_pos += encaps_len;
1653 h_pos += encaps_len;
1654 }
1655 memcpy(skb_push(skb, hdrlen), &hdr, hdrlen);
1656 nh_pos += hdrlen;
1657 h_pos += hdrlen;
1658
1659 pkt_data = (struct ieee80211_tx_packet_data *)skb->cb;
1660 memset(pkt_data, 0, sizeof(struct ieee80211_tx_packet_data));
1661 pkt_data->ifindex = sdata->dev->ifindex;
1662 pkt_data->mgmt_iface = (sdata->type == IEEE80211_IF_TYPE_MGMT);
1663 pkt_data->do_not_encrypt = no_encrypt;
1664
1665 skb->dev = local->mdev;
1666 sdata->stats.tx_packets++;
1667 sdata->stats.tx_bytes += skb->len;
1668
1669 /* Update skb pointers to various headers since this modified frame
1670 * is going to go through Linux networking code that may potentially
1671 * need things like pointer to IP header. */
1672 skb_set_mac_header(skb, 0);
1673 skb_set_network_header(skb, nh_pos);
1674 skb_set_transport_header(skb, h_pos);
1675
1676 dev->trans_start = jiffies;
1677 dev_queue_xmit(skb);
1678
1679 return 0;
1680
1681 fail:
1682 if (!ret)
1683 dev_kfree_skb(skb);
1684
1685 return ret;
1686}
1687
1688
1689/*
1690 * This is the transmit routine for the 802.11 type interfaces
1691 * called by upper layers of the linux networking
1692 * stack when it has a frame to transmit
1693 */
1694static int
1695ieee80211_mgmt_start_xmit(struct sk_buff *skb, struct net_device *dev)
1696{
1697 struct ieee80211_sub_if_data *sdata;
1698 struct ieee80211_tx_packet_data *pkt_data;
1699 struct ieee80211_hdr *hdr;
1700 u16 fc;
1701
1702 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1703
1704 if (skb->len < 10) {
1705 dev_kfree_skb(skb);
1706 return 0;
1707 }
1708
1709 if (skb_headroom(skb) < sdata->local->hw.extra_tx_headroom) {
1710 if (pskb_expand_head(skb,
1711 sdata->local->hw.extra_tx_headroom, 0, GFP_ATOMIC)) {
1712 dev_kfree_skb(skb);
1713 return 0;
1714 }
1715 }
1716
1717 hdr = (struct ieee80211_hdr *) skb->data;
1718 fc = le16_to_cpu(hdr->frame_control);
1719
1720 pkt_data = (struct ieee80211_tx_packet_data *) skb->cb;
1721 memset(pkt_data, 0, sizeof(struct ieee80211_tx_packet_data));
1722 pkt_data->ifindex = sdata->dev->ifindex;
1723 pkt_data->mgmt_iface = (sdata->type == IEEE80211_IF_TYPE_MGMT);
1724
1725 skb->priority = 20; /* use hardcoded priority for mgmt TX queue */
1726 skb->dev = sdata->local->mdev;
1727
1728 /*
1729 * We're using the protocol field of the the frame control header
1730 * to request TX callback for hostapd. BIT(1) is checked.
1731 */
1732 if ((fc & BIT(1)) == BIT(1)) {
1733 pkt_data->req_tx_status = 1;
1734 fc &= ~BIT(1);
1735 hdr->frame_control = cpu_to_le16(fc);
1736 }
1737
1738 pkt_data->do_not_encrypt = !(fc & IEEE80211_FCTL_PROTECTED);
1739
1740 sdata->stats.tx_packets++;
1741 sdata->stats.tx_bytes += skb->len;
1742
1743 dev_queue_xmit(skb);
1744
1745 return 0;
1746}
1747
1748
1749static void ieee80211_beacon_add_tim(struct ieee80211_local *local,
1750 struct ieee80211_if_ap *bss,
1751 struct sk_buff *skb)
1752{
1753 u8 *pos, *tim;
1754 int aid0 = 0;
1755 int i, have_bits = 0, n1, n2;
1756
1757 /* Generate bitmap for TIM only if there are any STAs in power save
1758 * mode. */
1759 spin_lock_bh(&local->sta_lock);
1760 if (atomic_read(&bss->num_sta_ps) > 0)
1761 /* in the hope that this is faster than
1762 * checking byte-for-byte */
1763 have_bits = !bitmap_empty((unsigned long*)bss->tim,
1764 IEEE80211_MAX_AID+1);
1765
1766 if (bss->dtim_count == 0)
1767 bss->dtim_count = bss->dtim_period - 1;
1768 else
1769 bss->dtim_count--;
1770
1771 tim = pos = (u8 *) skb_put(skb, 6);
1772 *pos++ = WLAN_EID_TIM;
1773 *pos++ = 4;
1774 *pos++ = bss->dtim_count;
1775 *pos++ = bss->dtim_period;
1776
1777 if (bss->dtim_count == 0 && !skb_queue_empty(&bss->ps_bc_buf))
1778 aid0 = 1;
1779
1780 if (have_bits) {
1781 /* Find largest even number N1 so that bits numbered 1 through
1782 * (N1 x 8) - 1 in the bitmap are 0 and number N2 so that bits
1783 * (N2 + 1) x 8 through 2007 are 0. */
1784 n1 = 0;
1785 for (i = 0; i < IEEE80211_MAX_TIM_LEN; i++) {
1786 if (bss->tim[i]) {
1787 n1 = i & 0xfe;
1788 break;
1789 }
1790 }
1791 n2 = n1;
1792 for (i = IEEE80211_MAX_TIM_LEN - 1; i >= n1; i--) {
1793 if (bss->tim[i]) {
1794 n2 = i;
1795 break;
1796 }
1797 }
1798
1799 /* Bitmap control */
1800 *pos++ = n1 | aid0;
1801 /* Part Virt Bitmap */
1802 memcpy(pos, bss->tim + n1, n2 - n1 + 1);
1803
1804 tim[1] = n2 - n1 + 4;
1805 skb_put(skb, n2 - n1);
1806 } else {
1807 *pos++ = aid0; /* Bitmap control */
1808 *pos++ = 0; /* Part Virt Bitmap */
1809 }
1810 spin_unlock_bh(&local->sta_lock);
1811}
1812
1813
1814struct sk_buff * ieee80211_beacon_get(struct ieee80211_hw *hw, int if_id,
1815 struct ieee80211_tx_control *control)
1816{
1817 struct ieee80211_local *local = hw_to_local(hw);
1818 struct sk_buff *skb;
1819 struct net_device *bdev;
1820 struct ieee80211_sub_if_data *sdata = NULL;
1821 struct ieee80211_if_ap *ap = NULL;
1822 struct ieee80211_rate *rate;
1823 struct rate_control_extra extra;
1824 u8 *b_head, *b_tail;
1825 int bh_len, bt_len;
1826
1827 bdev = dev_get_by_index(if_id);
1828 if (bdev) {
1829 sdata = IEEE80211_DEV_TO_SUB_IF(bdev);
1830 ap = &sdata->u.ap;
1831 dev_put(bdev);
1832 }
1833
1834 if (!ap || sdata->type != IEEE80211_IF_TYPE_AP ||
1835 !ap->beacon_head) {
1836#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
1837 if (net_ratelimit())
1838 printk(KERN_DEBUG "no beacon data avail for idx=%d "
1839 "(%s)\n", if_id, bdev ? bdev->name : "N/A");
1840#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
1841 return NULL;
1842 }
1843
1844 /* Assume we are generating the normal beacon locally */
1845 b_head = ap->beacon_head;
1846 b_tail = ap->beacon_tail;
1847 bh_len = ap->beacon_head_len;
1848 bt_len = ap->beacon_tail_len;
1849
1850 skb = dev_alloc_skb(local->hw.extra_tx_headroom +
1851 bh_len + bt_len + 256 /* maximum TIM len */);
1852 if (!skb)
1853 return NULL;
1854
1855 skb_reserve(skb, local->hw.extra_tx_headroom);
1856 memcpy(skb_put(skb, bh_len), b_head, bh_len);
1857
1858 ieee80211_include_sequence(sdata, (struct ieee80211_hdr *)skb->data);
1859
1860 ieee80211_beacon_add_tim(local, ap, skb);
1861
1862 if (b_tail) {
1863 memcpy(skb_put(skb, bt_len), b_tail, bt_len);
1864 }
1865
1866 if (control) {
1867 memset(&extra, 0, sizeof(extra));
1868 extra.mode = local->oper_hw_mode;
1869
1870 rate = rate_control_get_rate(local, local->mdev, skb, &extra);
1871 if (!rate) {
1872 if (net_ratelimit()) {
1873 printk(KERN_DEBUG "%s: ieee80211_beacon_get: no rate "
1874 "found\n", local->mdev->name);
1875 }
1876 dev_kfree_skb(skb);
1877 return NULL;
1878 }
1879
1880 control->tx_rate = (local->short_preamble &&
1881 (rate->flags & IEEE80211_RATE_PREAMBLE2)) ?
1882 rate->val2 : rate->val;
1883 control->antenna_sel_tx = local->hw.conf.antenna_sel_tx;
1884 control->power_level = local->hw.conf.power_level;
1885 control->flags |= IEEE80211_TXCTL_NO_ACK;
1886 control->retry_limit = 1;
1887 control->flags |= IEEE80211_TXCTL_CLEAR_DST_MASK;
1888 }
1889
1890 ap->num_beacons++;
1891 return skb;
1892}
1893EXPORT_SYMBOL(ieee80211_beacon_get);
1894
1895__le16 ieee80211_rts_duration(struct ieee80211_hw *hw,
1896 size_t frame_len,
1897 const struct ieee80211_tx_control *frame_txctl)
1898{
1899 struct ieee80211_local *local = hw_to_local(hw);
1900 struct ieee80211_rate *rate;
1901 int short_preamble = local->short_preamble;
1902 int erp;
1903 u16 dur;
1904
1905 rate = frame_txctl->rts_rate;
1906 erp = !!(rate->flags & IEEE80211_RATE_ERP);
1907
1908 /* CTS duration */
1909 dur = ieee80211_frame_duration(local, 10, rate->rate,
1910 erp, short_preamble);
1911 /* Data frame duration */
1912 dur += ieee80211_frame_duration(local, frame_len, rate->rate,
1913 erp, short_preamble);
1914 /* ACK duration */
1915 dur += ieee80211_frame_duration(local, 10, rate->rate,
1916 erp, short_preamble);
1917
1918 return cpu_to_le16(dur);
1919}
1920EXPORT_SYMBOL(ieee80211_rts_duration);
1921
1922
1923__le16 ieee80211_ctstoself_duration(struct ieee80211_hw *hw,
1924 size_t frame_len,
1925 const struct ieee80211_tx_control *frame_txctl)
1926{
1927 struct ieee80211_local *local = hw_to_local(hw);
1928 struct ieee80211_rate *rate;
1929 int short_preamble = local->short_preamble;
1930 int erp;
1931 u16 dur;
1932
1933 rate = frame_txctl->rts_rate;
1934 erp = !!(rate->flags & IEEE80211_RATE_ERP);
1935
1936 /* Data frame duration */
1937 dur = ieee80211_frame_duration(local, frame_len, rate->rate,
1938 erp, short_preamble);
1939 if (!(frame_txctl->flags & IEEE80211_TXCTL_NO_ACK)) {
1940 /* ACK duration */
1941 dur += ieee80211_frame_duration(local, 10, rate->rate,
1942 erp, short_preamble);
1943 }
1944
1945 return cpu_to_le16(dur);
1946}
1947EXPORT_SYMBOL(ieee80211_ctstoself_duration);
1948
1949void ieee80211_rts_get(struct ieee80211_hw *hw,
1950 const void *frame, size_t frame_len,
1951 const struct ieee80211_tx_control *frame_txctl,
1952 struct ieee80211_rts *rts)
1953{
1954 const struct ieee80211_hdr *hdr = frame;
1955 u16 fctl;
1956
1957 fctl = IEEE80211_FTYPE_CTL | IEEE80211_STYPE_RTS;
1958 rts->frame_control = cpu_to_le16(fctl);
1959 rts->duration = ieee80211_rts_duration(hw, frame_len, frame_txctl);
1960 memcpy(rts->ra, hdr->addr1, sizeof(rts->ra));
1961 memcpy(rts->ta, hdr->addr2, sizeof(rts->ta));
1962}
1963EXPORT_SYMBOL(ieee80211_rts_get);
1964
1965void ieee80211_ctstoself_get(struct ieee80211_hw *hw,
1966 const void *frame, size_t frame_len,
1967 const struct ieee80211_tx_control *frame_txctl,
1968 struct ieee80211_cts *cts)
1969{
1970 const struct ieee80211_hdr *hdr = frame;
1971 u16 fctl;
1972
1973 fctl = IEEE80211_FTYPE_CTL | IEEE80211_STYPE_CTS;
1974 cts->frame_control = cpu_to_le16(fctl);
1975 cts->duration = ieee80211_ctstoself_duration(hw, frame_len, frame_txctl);
1976 memcpy(cts->ra, hdr->addr1, sizeof(cts->ra));
1977}
1978EXPORT_SYMBOL(ieee80211_ctstoself_get);
1979
1980struct sk_buff *
1981ieee80211_get_buffered_bc(struct ieee80211_hw *hw, int if_id,
1982 struct ieee80211_tx_control *control)
1983{
1984 struct ieee80211_local *local = hw_to_local(hw);
1985 struct sk_buff *skb;
1986 struct sta_info *sta;
1987 ieee80211_tx_handler *handler;
1988 struct ieee80211_txrx_data tx;
1989 ieee80211_txrx_result res = TXRX_DROP;
1990 struct net_device *bdev;
1991 struct ieee80211_sub_if_data *sdata;
1992 struct ieee80211_if_ap *bss = NULL;
1993
1994 bdev = dev_get_by_index(if_id);
1995 if (bdev) {
1996 sdata = IEEE80211_DEV_TO_SUB_IF(bdev);
1997 bss = &sdata->u.ap;
1998 dev_put(bdev);
1999 }
2000 if (!bss || sdata->type != IEEE80211_IF_TYPE_AP || !bss->beacon_head)
2001 return NULL;
2002
2003 if (bss->dtim_count != 0)
2004 return NULL; /* send buffered bc/mc only after DTIM beacon */
2005 memset(control, 0, sizeof(*control));
2006 while (1) {
2007 skb = skb_dequeue(&bss->ps_bc_buf);
2008 if (!skb)
2009 return NULL;
2010 local->total_ps_buffered--;
2011
2012 if (!skb_queue_empty(&bss->ps_bc_buf) && skb->len >= 2) {
2013 struct ieee80211_hdr *hdr =
2014 (struct ieee80211_hdr *) skb->data;
2015 /* more buffered multicast/broadcast frames ==> set
2016 * MoreData flag in IEEE 802.11 header to inform PS
2017 * STAs */
2018 hdr->frame_control |=
2019 cpu_to_le16(IEEE80211_FCTL_MOREDATA);
2020 }
2021
2022 if (ieee80211_tx_prepare(&tx, skb, local->mdev, control) == 0)
2023 break;
2024 dev_kfree_skb_any(skb);
2025 }
2026 sta = tx.sta;
2027 tx.u.tx.ps_buffered = 1;
2028
2029 for (handler = local->tx_handlers; *handler != NULL; handler++) {
2030 res = (*handler)(&tx);
2031 if (res == TXRX_DROP || res == TXRX_QUEUED)
2032 break;
2033 }
2034 dev_put(tx.dev);
2035 skb = tx.skb; /* handlers are allowed to change skb */
2036
2037 if (res == TXRX_DROP) {
2038 I802_DEBUG_INC(local->tx_handlers_drop);
2039 dev_kfree_skb(skb);
2040 skb = NULL;
2041 } else if (res == TXRX_QUEUED) {
2042 I802_DEBUG_INC(local->tx_handlers_queued);
2043 skb = NULL;
2044 }
2045
2046 if (sta)
2047 sta_info_put(sta);
2048
2049 return skb;
2050}
2051EXPORT_SYMBOL(ieee80211_get_buffered_bc);
2052
2053static int __ieee80211_if_config(struct net_device *dev,
2054 struct sk_buff *beacon,
2055 struct ieee80211_tx_control *control)
2056{
2057 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2058 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2059 struct ieee80211_if_conf conf;
2060 static u8 scan_bssid[] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
2061
2062 if (!local->ops->config_interface || !netif_running(dev))
2063 return 0;
2064
2065 memset(&conf, 0, sizeof(conf));
2066 conf.type = sdata->type;
2067 if (sdata->type == IEEE80211_IF_TYPE_STA ||
2068 sdata->type == IEEE80211_IF_TYPE_IBSS) {
2069 if (local->sta_scanning &&
2070 local->scan_dev == dev)
2071 conf.bssid = scan_bssid;
2072 else
2073 conf.bssid = sdata->u.sta.bssid;
2074 conf.ssid = sdata->u.sta.ssid;
2075 conf.ssid_len = sdata->u.sta.ssid_len;
2076 conf.generic_elem = sdata->u.sta.extra_ie;
2077 conf.generic_elem_len = sdata->u.sta.extra_ie_len;
2078 } else if (sdata->type == IEEE80211_IF_TYPE_AP) {
2079 conf.ssid = sdata->u.ap.ssid;
2080 conf.ssid_len = sdata->u.ap.ssid_len;
2081 conf.generic_elem = sdata->u.ap.generic_elem;
2082 conf.generic_elem_len = sdata->u.ap.generic_elem_len;
2083 conf.beacon = beacon;
2084 conf.beacon_control = control;
2085 }
2086 return local->ops->config_interface(local_to_hw(local),
2087 dev->ifindex, &conf);
2088}
2089
2090int ieee80211_if_config(struct net_device *dev)
2091{
2092 return __ieee80211_if_config(dev, NULL, NULL);
2093}
2094
2095int ieee80211_if_config_beacon(struct net_device *dev)
2096{
2097 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2098 struct ieee80211_tx_control control;
2099 struct sk_buff *skb;
2100
2101 if (!(local->hw.flags & IEEE80211_HW_HOST_GEN_BEACON_TEMPLATE))
2102 return 0;
2103 skb = ieee80211_beacon_get(local_to_hw(local), dev->ifindex, &control);
2104 if (!skb)
2105 return -ENOMEM;
2106 return __ieee80211_if_config(dev, skb, &control);
2107}
2108
2109int ieee80211_hw_config(struct ieee80211_local *local)
2110{
2111 struct ieee80211_hw_mode *mode;
2112 struct ieee80211_channel *chan;
2113 int ret = 0;
2114
2115 if (local->sta_scanning) {
2116 chan = local->scan_channel;
2117 mode = local->scan_hw_mode;
2118 } else {
2119 chan = local->oper_channel;
2120 mode = local->oper_hw_mode;
2121 }
2122
2123 local->hw.conf.channel = chan->chan;
2124 local->hw.conf.channel_val = chan->val;
2125 local->hw.conf.power_level = chan->power_level;
2126 local->hw.conf.freq = chan->freq;
2127 local->hw.conf.phymode = mode->mode;
2128 local->hw.conf.antenna_max = chan->antenna_max;
2129 local->hw.conf.chan = chan;
2130 local->hw.conf.mode = mode;
2131
2132#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
2133 printk(KERN_DEBUG "HW CONFIG: channel=%d freq=%d "
2134 "phymode=%d\n", local->hw.conf.channel, local->hw.conf.freq,
2135 local->hw.conf.phymode);
2136#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
2137
2138 if (local->ops->config)
2139 ret = local->ops->config(local_to_hw(local), &local->hw.conf);
2140
2141 return ret;
2142}
2143
2144
2145static int ieee80211_change_mtu(struct net_device *dev, int new_mtu)
2146{
2147 /* FIX: what would be proper limits for MTU?
2148 * This interface uses 802.3 frames. */
2149 if (new_mtu < 256 || new_mtu > IEEE80211_MAX_DATA_LEN - 24 - 6) {
2150 printk(KERN_WARNING "%s: invalid MTU %d\n",
2151 dev->name, new_mtu);
2152 return -EINVAL;
2153 }
2154
2155#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
2156 printk(KERN_DEBUG "%s: setting MTU %d\n", dev->name, new_mtu);
2157#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
2158 dev->mtu = new_mtu;
2159 return 0;
2160}
2161
2162
2163static int ieee80211_change_mtu_apdev(struct net_device *dev, int new_mtu)
2164{
2165 /* FIX: what would be proper limits for MTU?
2166 * This interface uses 802.11 frames. */
2167 if (new_mtu < 256 || new_mtu > IEEE80211_MAX_DATA_LEN) {
2168 printk(KERN_WARNING "%s: invalid MTU %d\n",
2169 dev->name, new_mtu);
2170 return -EINVAL;
2171 }
2172
2173#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
2174 printk(KERN_DEBUG "%s: setting MTU %d\n", dev->name, new_mtu);
2175#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
2176 dev->mtu = new_mtu;
2177 return 0;
2178}
2179
2180enum netif_tx_lock_class {
2181 TX_LOCK_NORMAL,
2182 TX_LOCK_MASTER,
2183};
2184
2185static inline void netif_tx_lock_nested(struct net_device *dev, int subclass)
2186{
2187 spin_lock_nested(&dev->_xmit_lock, subclass);
2188 dev->xmit_lock_owner = smp_processor_id();
2189}
2190
2191static void ieee80211_set_multicast_list(struct net_device *dev)
2192{
2193 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2194 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2195 unsigned short flags;
2196
2197 netif_tx_lock_nested(local->mdev, TX_LOCK_MASTER);
2198 if (((dev->flags & IFF_ALLMULTI) != 0) ^ (sdata->allmulti != 0)) {
2199 if (sdata->allmulti) {
2200 sdata->allmulti = 0;
2201 local->iff_allmultis--;
2202 } else {
2203 sdata->allmulti = 1;
2204 local->iff_allmultis++;
2205 }
2206 }
2207 if (((dev->flags & IFF_PROMISC) != 0) ^ (sdata->promisc != 0)) {
2208 if (sdata->promisc) {
2209 sdata->promisc = 0;
2210 local->iff_promiscs--;
2211 } else {
2212 sdata->promisc = 1;
2213 local->iff_promiscs++;
2214 }
2215 }
2216 if (dev->mc_count != sdata->mc_count) {
2217 local->mc_count = local->mc_count - sdata->mc_count +
2218 dev->mc_count;
2219 sdata->mc_count = dev->mc_count;
2220 }
2221 if (local->ops->set_multicast_list) {
2222 flags = local->mdev->flags;
2223 if (local->iff_allmultis)
2224 flags |= IFF_ALLMULTI;
2225 if (local->iff_promiscs)
2226 flags |= IFF_PROMISC;
2227 read_lock(&local->sub_if_lock);
2228 local->ops->set_multicast_list(local_to_hw(local), flags,
2229 local->mc_count);
2230 read_unlock(&local->sub_if_lock);
2231 }
2232 netif_tx_unlock(local->mdev);
2233}
2234
2235struct dev_mc_list *ieee80211_get_mc_list_item(struct ieee80211_hw *hw,
2236 struct dev_mc_list *prev,
2237 void **ptr)
2238{
2239 struct ieee80211_local *local = hw_to_local(hw);
2240 struct ieee80211_sub_if_data *sdata = *ptr;
2241 struct dev_mc_list *mc;
2242
2243 if (!prev) {
2244 WARN_ON(sdata);
2245 sdata = NULL;
2246 }
2247 if (!prev || !prev->next) {
2248 if (sdata)
2249 sdata = list_entry(sdata->list.next,
2250 struct ieee80211_sub_if_data, list);
2251 else
2252 sdata = list_entry(local->sub_if_list.next,
2253 struct ieee80211_sub_if_data, list);
2254 if (&sdata->list != &local->sub_if_list)
2255 mc = sdata->dev->mc_list;
2256 else
2257 mc = NULL;
2258 } else
2259 mc = prev->next;
2260
2261 *ptr = sdata;
2262 return mc;
2263}
2264EXPORT_SYMBOL(ieee80211_get_mc_list_item);
2265
2266static struct net_device_stats *ieee80211_get_stats(struct net_device *dev)
2267{
2268 struct ieee80211_sub_if_data *sdata;
2269 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2270 return &(sdata->stats);
2271}
2272
2273static void ieee80211_if_shutdown(struct net_device *dev)
2274{
2275 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2276 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2277
2278 ASSERT_RTNL();
2279 switch (sdata->type) {
2280 case IEEE80211_IF_TYPE_STA:
2281 case IEEE80211_IF_TYPE_IBSS:
2282 sdata->u.sta.state = IEEE80211_DISABLED;
2283 del_timer_sync(&sdata->u.sta.timer);
2284 skb_queue_purge(&sdata->u.sta.skb_queue);
2285 if (!local->ops->hw_scan &&
2286 local->scan_dev == sdata->dev) {
2287 local->sta_scanning = 0;
2288 cancel_delayed_work(&local->scan_work);
2289 }
2290 flush_workqueue(local->hw.workqueue);
2291 break;
2292 }
2293}
2294
2295static inline int identical_mac_addr_allowed(int type1, int type2)
2296{
2297 return (type1 == IEEE80211_IF_TYPE_MNTR ||
2298 type2 == IEEE80211_IF_TYPE_MNTR ||
2299 (type1 == IEEE80211_IF_TYPE_AP &&
2300 type2 == IEEE80211_IF_TYPE_WDS) ||
2301 (type1 == IEEE80211_IF_TYPE_WDS &&
2302 (type2 == IEEE80211_IF_TYPE_WDS ||
2303 type2 == IEEE80211_IF_TYPE_AP)) ||
2304 (type1 == IEEE80211_IF_TYPE_AP &&
2305 type2 == IEEE80211_IF_TYPE_VLAN) ||
2306 (type1 == IEEE80211_IF_TYPE_VLAN &&
2307 (type2 == IEEE80211_IF_TYPE_AP ||
2308 type2 == IEEE80211_IF_TYPE_VLAN)));
2309}
2310
2311static int ieee80211_master_open(struct net_device *dev)
2312{
2313 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2314 struct ieee80211_sub_if_data *sdata;
2315 int res = -EOPNOTSUPP;
2316
2317 read_lock(&local->sub_if_lock);
2318 list_for_each_entry(sdata, &local->sub_if_list, list) {
2319 if (sdata->dev != dev && netif_running(sdata->dev)) {
2320 res = 0;
2321 break;
2322 }
2323 }
2324 read_unlock(&local->sub_if_lock);
2325 return res;
2326}
2327
2328static int ieee80211_master_stop(struct net_device *dev)
2329{
2330 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2331 struct ieee80211_sub_if_data *sdata;
2332
2333 read_lock(&local->sub_if_lock);
2334 list_for_each_entry(sdata, &local->sub_if_list, list)
2335 if (sdata->dev != dev && netif_running(sdata->dev))
2336 dev_close(sdata->dev);
2337 read_unlock(&local->sub_if_lock);
2338
2339 return 0;
2340}
2341
2342static int ieee80211_mgmt_open(struct net_device *dev)
2343{
2344 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2345
2346 if (!netif_running(local->mdev))
2347 return -EOPNOTSUPP;
2348 return 0;
2349}
2350
2351static int ieee80211_mgmt_stop(struct net_device *dev)
2352{
2353 return 0;
2354}
2355
2356/* Check if running monitor interfaces should go to a "soft monitor" mode
2357 * and switch them if necessary. */
2358static inline void ieee80211_start_soft_monitor(struct ieee80211_local *local)
2359{
2360 struct ieee80211_if_init_conf conf;
2361
2362 if (local->open_count && local->open_count == local->monitors &&
2363 !(local->hw.flags & IEEE80211_HW_MONITOR_DURING_OPER) &&
2364 local->ops->remove_interface) {
2365 conf.if_id = -1;
2366 conf.type = IEEE80211_IF_TYPE_MNTR;
2367 conf.mac_addr = NULL;
2368 local->ops->remove_interface(local_to_hw(local), &conf);
2369 }
2370}
2371
2372/* Check if running monitor interfaces should go to a "hard monitor" mode
2373 * and switch them if necessary. */
2374static void ieee80211_start_hard_monitor(struct ieee80211_local *local)
2375{
2376 struct ieee80211_if_init_conf conf;
2377
2378 if (local->open_count && local->open_count == local->monitors &&
2379 !(local->hw.flags & IEEE80211_HW_MONITOR_DURING_OPER) &&
2380 local->ops->add_interface) {
2381 conf.if_id = -1;
2382 conf.type = IEEE80211_IF_TYPE_MNTR;
2383 conf.mac_addr = NULL;
2384 local->ops->add_interface(local_to_hw(local), &conf);
2385 }
2386}
2387
2388static int ieee80211_open(struct net_device *dev)
2389{
2390 struct ieee80211_sub_if_data *sdata, *nsdata;
2391 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2392 struct ieee80211_if_init_conf conf;
2393 int res;
2394
2395 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2396 read_lock(&local->sub_if_lock);
2397 list_for_each_entry(nsdata, &local->sub_if_list, list) {
2398 struct net_device *ndev = nsdata->dev;
2399
2400 if (ndev != dev && ndev != local->mdev && netif_running(ndev) &&
2401 compare_ether_addr(dev->dev_addr, ndev->dev_addr) == 0 &&
2402 !identical_mac_addr_allowed(sdata->type, nsdata->type)) {
2403 read_unlock(&local->sub_if_lock);
2404 return -ENOTUNIQ;
2405 }
2406 }
2407 read_unlock(&local->sub_if_lock);
2408
2409 if (sdata->type == IEEE80211_IF_TYPE_WDS &&
2410 is_zero_ether_addr(sdata->u.wds.remote_addr))
2411 return -ENOLINK;
2412
2413 if (sdata->type == IEEE80211_IF_TYPE_MNTR && local->open_count &&
2414 !(local->hw.flags & IEEE80211_HW_MONITOR_DURING_OPER)) {
2415 /* run the interface in a "soft monitor" mode */
2416 local->monitors++;
2417 local->open_count++;
2418 local->hw.conf.flags |= IEEE80211_CONF_RADIOTAP;
2419 return 0;
2420 }
2421 ieee80211_start_soft_monitor(local);
2422
2423 if (local->ops->add_interface) {
2424 conf.if_id = dev->ifindex;
2425 conf.type = sdata->type;
2426 conf.mac_addr = dev->dev_addr;
2427 res = local->ops->add_interface(local_to_hw(local), &conf);
2428 if (res) {
2429 if (sdata->type == IEEE80211_IF_TYPE_MNTR)
2430 ieee80211_start_hard_monitor(local);
2431 return res;
2432 }
2433 } else {
2434 if (sdata->type != IEEE80211_IF_TYPE_STA)
2435 return -EOPNOTSUPP;
2436 if (local->open_count > 0)
2437 return -ENOBUFS;
2438 }
2439
2440 if (local->open_count == 0) {
2441 res = 0;
2442 tasklet_enable(&local->tx_pending_tasklet);
2443 tasklet_enable(&local->tasklet);
2444 if (local->ops->open)
2445 res = local->ops->open(local_to_hw(local));
2446 if (res == 0) {
2447 res = dev_open(local->mdev);
2448 if (res) {
2449 if (local->ops->stop)
2450 local->ops->stop(local_to_hw(local));
2451 } else {
2452 res = ieee80211_hw_config(local);
2453 if (res && local->ops->stop)
2454 local->ops->stop(local_to_hw(local));
2455 else if (!res && local->apdev)
2456 dev_open(local->apdev);
2457 }
2458 }
2459 if (res) {
2460 if (local->ops->remove_interface)
2461 local->ops->remove_interface(local_to_hw(local),
2462 &conf);
2463 return res;
2464 }
2465 }
2466 local->open_count++;
2467
2468 if (sdata->type == IEEE80211_IF_TYPE_MNTR) {
2469 local->monitors++;
2470 local->hw.conf.flags |= IEEE80211_CONF_RADIOTAP;
2471 } else
2472 ieee80211_if_config(dev);
2473
2474 if (sdata->type == IEEE80211_IF_TYPE_STA &&
2475 !local->user_space_mlme)
2476 netif_carrier_off(dev);
2477
2478 netif_start_queue(dev);
2479 return 0;
2480}
2481
2482
2483static int ieee80211_stop(struct net_device *dev)
2484{
2485 struct ieee80211_sub_if_data *sdata;
2486 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2487
2488 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2489
2490 if (sdata->type == IEEE80211_IF_TYPE_MNTR &&
2491 local->open_count > 1 &&
2492 !(local->hw.flags & IEEE80211_HW_MONITOR_DURING_OPER)) {
2493 /* remove "soft monitor" interface */
2494 local->open_count--;
2495 local->monitors--;
2496 if (!local->monitors)
2497 local->hw.conf.flags &= ~IEEE80211_CONF_RADIOTAP;
2498 return 0;
2499 }
2500
2501 netif_stop_queue(dev);
2502 ieee80211_if_shutdown(dev);
2503
2504 if (sdata->type == IEEE80211_IF_TYPE_MNTR) {
2505 local->monitors--;
2506 if (!local->monitors)
2507 local->hw.conf.flags &= ~IEEE80211_CONF_RADIOTAP;
2508 }
2509
2510 local->open_count--;
2511 if (local->open_count == 0) {
2512 if (netif_running(local->mdev))
2513 dev_close(local->mdev);
2514 if (local->apdev)
2515 dev_close(local->apdev);
2516 if (local->ops->stop)
2517 local->ops->stop(local_to_hw(local));
2518 tasklet_disable(&local->tx_pending_tasklet);
2519 tasklet_disable(&local->tasklet);
2520 }
2521 if (local->ops->remove_interface) {
2522 struct ieee80211_if_init_conf conf;
2523
2524 conf.if_id = dev->ifindex;
2525 conf.type = sdata->type;
2526 conf.mac_addr = dev->dev_addr;
2527 local->ops->remove_interface(local_to_hw(local), &conf);
2528 }
2529
2530 ieee80211_start_hard_monitor(local);
2531
2532 return 0;
2533}
2534
2535
2536static int header_parse_80211(struct sk_buff *skb, unsigned char *haddr)
2537{
2538 memcpy(haddr, skb_mac_header(skb) + 10, ETH_ALEN); /* addr2 */
2539 return ETH_ALEN;
2540}
2541
2542static inline int ieee80211_bssid_match(const u8 *raddr, const u8 *addr)
2543{
2544 return compare_ether_addr(raddr, addr) == 0 ||
2545 is_broadcast_ether_addr(raddr);
2546}
2547
2548
2549static ieee80211_txrx_result
2550ieee80211_rx_h_data(struct ieee80211_txrx_data *rx)
2551{
2552 struct net_device *dev = rx->dev;
2553 struct ieee80211_local *local = rx->local;
2554 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) rx->skb->data;
2555 u16 fc, hdrlen, ethertype;
2556 u8 *payload;
2557 u8 dst[ETH_ALEN];
2558 u8 src[ETH_ALEN];
2559 struct sk_buff *skb = rx->skb, *skb2;
2560 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2561
2562 fc = rx->fc;
2563 if (unlikely((fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA))
2564 return TXRX_CONTINUE;
2565
2566 if (unlikely(!WLAN_FC_DATA_PRESENT(fc)))
2567 return TXRX_DROP;
2568
2569 hdrlen = ieee80211_get_hdrlen(fc);
2570
2571 /* convert IEEE 802.11 header + possible LLC headers into Ethernet
2572 * header
2573 * IEEE 802.11 address fields:
2574 * ToDS FromDS Addr1 Addr2 Addr3 Addr4
2575 * 0 0 DA SA BSSID n/a
2576 * 0 1 DA BSSID SA n/a
2577 * 1 0 BSSID SA DA n/a
2578 * 1 1 RA TA DA SA
2579 */
2580
2581 switch (fc & (IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS)) {
2582 case IEEE80211_FCTL_TODS:
2583 /* BSSID SA DA */
2584 memcpy(dst, hdr->addr3, ETH_ALEN);
2585 memcpy(src, hdr->addr2, ETH_ALEN);
2586
2587 if (unlikely(sdata->type != IEEE80211_IF_TYPE_AP &&
2588 sdata->type != IEEE80211_IF_TYPE_VLAN)) {
2589 printk(KERN_DEBUG "%s: dropped ToDS frame (BSSID="
2590 MAC_FMT " SA=" MAC_FMT " DA=" MAC_FMT ")\n",
2591 dev->name, MAC_ARG(hdr->addr1),
2592 MAC_ARG(hdr->addr2), MAC_ARG(hdr->addr3));
2593 return TXRX_DROP;
2594 }
2595 break;
2596 case (IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS):
2597 /* RA TA DA SA */
2598 memcpy(dst, hdr->addr3, ETH_ALEN);
2599 memcpy(src, hdr->addr4, ETH_ALEN);
2600
2601 if (unlikely(sdata->type != IEEE80211_IF_TYPE_WDS)) {
2602 printk(KERN_DEBUG "%s: dropped FromDS&ToDS frame (RA="
2603 MAC_FMT " TA=" MAC_FMT " DA=" MAC_FMT " SA="
2604 MAC_FMT ")\n",
2605 rx->dev->name, MAC_ARG(hdr->addr1),
2606 MAC_ARG(hdr->addr2), MAC_ARG(hdr->addr3),
2607 MAC_ARG(hdr->addr4));
2608 return TXRX_DROP;
2609 }
2610 break;
2611 case IEEE80211_FCTL_FROMDS:
2612 /* DA BSSID SA */
2613 memcpy(dst, hdr->addr1, ETH_ALEN);
2614 memcpy(src, hdr->addr3, ETH_ALEN);
2615
2616 if (sdata->type != IEEE80211_IF_TYPE_STA) {
2617 return TXRX_DROP;
2618 }
2619 break;
2620 case 0:
2621 /* DA SA BSSID */
2622 memcpy(dst, hdr->addr1, ETH_ALEN);
2623 memcpy(src, hdr->addr2, ETH_ALEN);
2624
2625 if (sdata->type != IEEE80211_IF_TYPE_IBSS) {
2626 if (net_ratelimit()) {
2627 printk(KERN_DEBUG "%s: dropped IBSS frame (DA="
2628 MAC_FMT " SA=" MAC_FMT " BSSID=" MAC_FMT
2629 ")\n",
2630 dev->name, MAC_ARG(hdr->addr1),
2631 MAC_ARG(hdr->addr2),
2632 MAC_ARG(hdr->addr3));
2633 }
2634 return TXRX_DROP;
2635 }
2636 break;
2637 }
2638
2639 payload = skb->data + hdrlen;
2640
2641 if (unlikely(skb->len - hdrlen < 8)) {
2642 if (net_ratelimit()) {
2643 printk(KERN_DEBUG "%s: RX too short data frame "
2644 "payload\n", dev->name);
2645 }
2646 return TXRX_DROP;
2647 }
2648
2649 ethertype = (payload[6] << 8) | payload[7];
2650
2651 if (likely((compare_ether_addr(payload, rfc1042_header) == 0 &&
2652 ethertype != ETH_P_AARP && ethertype != ETH_P_IPX) ||
2653 compare_ether_addr(payload, bridge_tunnel_header) == 0)) {
2654 /* remove RFC1042 or Bridge-Tunnel encapsulation and
2655 * replace EtherType */
2656 skb_pull(skb, hdrlen + 6);
2657 memcpy(skb_push(skb, ETH_ALEN), src, ETH_ALEN);
2658 memcpy(skb_push(skb, ETH_ALEN), dst, ETH_ALEN);
2659 } else {
2660 struct ethhdr *ehdr;
2661 __be16 len;
2662 skb_pull(skb, hdrlen);
2663 len = htons(skb->len);
2664 ehdr = (struct ethhdr *) skb_push(skb, sizeof(struct ethhdr));
2665 memcpy(ehdr->h_dest, dst, ETH_ALEN);
2666 memcpy(ehdr->h_source, src, ETH_ALEN);
2667 ehdr->h_proto = len;
2668 }
2669 skb->dev = dev;
2670
2671 skb2 = NULL;
2672
2673 sdata->stats.rx_packets++;
2674 sdata->stats.rx_bytes += skb->len;
2675
2676 if (local->bridge_packets && (sdata->type == IEEE80211_IF_TYPE_AP
2677 || sdata->type == IEEE80211_IF_TYPE_VLAN) && rx->u.rx.ra_match) {
2678 if (is_multicast_ether_addr(skb->data)) {
2679 /* send multicast frames both to higher layers in
2680 * local net stack and back to the wireless media */
2681 skb2 = skb_copy(skb, GFP_ATOMIC);
2682 if (!skb2)
2683 printk(KERN_DEBUG "%s: failed to clone "
2684 "multicast frame\n", dev->name);
2685 } else {
2686 struct sta_info *dsta;
2687 dsta = sta_info_get(local, skb->data);
2688 if (dsta && !dsta->dev) {
2689 printk(KERN_DEBUG "Station with null dev "
2690 "structure!\n");
2691 } else if (dsta && dsta->dev == dev) {
2692 /* Destination station is associated to this
2693 * AP, so send the frame directly to it and
2694 * do not pass the frame to local net stack.
2695 */
2696 skb2 = skb;
2697 skb = NULL;
2698 }
2699 if (dsta)
2700 sta_info_put(dsta);
2701 }
2702 }
2703
2704 if (skb) {
2705 /* deliver to local stack */
2706 skb->protocol = eth_type_trans(skb, dev);
2707 memset(skb->cb, 0, sizeof(skb->cb));
2708 netif_rx(skb);
2709 }
2710
2711 if (skb2) {
2712 /* send to wireless media */
2713 skb2->protocol = __constant_htons(ETH_P_802_3);
2714 skb_set_network_header(skb2, 0);
2715 skb_set_mac_header(skb2, 0);
2716 dev_queue_xmit(skb2);
2717 }
2718
2719 return TXRX_QUEUED;
2720}
2721
2722
2723static struct ieee80211_rate *
2724ieee80211_get_rate(struct ieee80211_local *local, int phymode, int hw_rate)
2725{
2726 struct ieee80211_hw_mode *mode;
2727 int r;
2728
2729 list_for_each_entry(mode, &local->modes_list, list) {
2730 if (mode->mode != phymode)
2731 continue;
2732 for (r = 0; r < mode->num_rates; r++) {
2733 struct ieee80211_rate *rate = &mode->rates[r];
2734 if (rate->val == hw_rate ||
2735 (rate->flags & IEEE80211_RATE_PREAMBLE2 &&
2736 rate->val2 == hw_rate))
2737 return rate;
2738 }
2739 }
2740
2741 return NULL;
2742}
2743
2744static void
2745ieee80211_fill_frame_info(struct ieee80211_local *local,
2746 struct ieee80211_frame_info *fi,
2747 struct ieee80211_rx_status *status)
2748{
2749 if (status) {
2750 struct timespec ts;
2751 struct ieee80211_rate *rate;
2752
2753 jiffies_to_timespec(jiffies, &ts);
2754 fi->hosttime = cpu_to_be64((u64) ts.tv_sec * 1000000 +
2755 ts.tv_nsec / 1000);
2756 fi->mactime = cpu_to_be64(status->mactime);
2757 switch (status->phymode) {
2758 case MODE_IEEE80211A:
2759 fi->phytype = htonl(ieee80211_phytype_ofdm_dot11_a);
2760 break;
2761 case MODE_IEEE80211B:
2762 fi->phytype = htonl(ieee80211_phytype_dsss_dot11_b);
2763 break;
2764 case MODE_IEEE80211G:
2765 fi->phytype = htonl(ieee80211_phytype_pbcc_dot11_g);
2766 break;
2767 case MODE_ATHEROS_TURBO:
2768 fi->phytype =
2769 htonl(ieee80211_phytype_dsss_dot11_turbo);
2770 break;
2771 default:
2772 fi->phytype = htonl(0xAAAAAAAA);
2773 break;
2774 }
2775 fi->channel = htonl(status->channel);
2776 rate = ieee80211_get_rate(local, status->phymode,
2777 status->rate);
2778 if (rate) {
2779 fi->datarate = htonl(rate->rate);
2780 if (rate->flags & IEEE80211_RATE_PREAMBLE2) {
2781 if (status->rate == rate->val)
2782 fi->preamble = htonl(2); /* long */
2783 else if (status->rate == rate->val2)
2784 fi->preamble = htonl(1); /* short */
2785 } else
2786 fi->preamble = htonl(0);
2787 } else {
2788 fi->datarate = htonl(0);
2789 fi->preamble = htonl(0);
2790 }
2791
2792 fi->antenna = htonl(status->antenna);
2793 fi->priority = htonl(0xffffffff); /* no clue */
2794 fi->ssi_type = htonl(ieee80211_ssi_raw);
2795 fi->ssi_signal = htonl(status->ssi);
2796 fi->ssi_noise = 0x00000000;
2797 fi->encoding = 0;
2798 } else {
2799 /* clear everything because we really don't know.
2800 * the msg_type field isn't present on monitor frames
2801 * so we don't know whether it will be present or not,
2802 * but it's ok to not clear it since it'll be assigned
2803 * anyway */
2804 memset(fi, 0, sizeof(*fi) - sizeof(fi->msg_type));
2805
2806 fi->ssi_type = htonl(ieee80211_ssi_none);
2807 }
2808 fi->version = htonl(IEEE80211_FI_VERSION);
2809 fi->length = cpu_to_be32(sizeof(*fi) - sizeof(fi->msg_type));
2810}
2811
2812/* this routine is actually not just for this, but also
2813 * for pushing fake 'management' frames into userspace.
2814 * it shall be replaced by a netlink-based system. */
2815void
2816ieee80211_rx_mgmt(struct ieee80211_local *local, struct sk_buff *skb,
2817 struct ieee80211_rx_status *status, u32 msg_type)
2818{
2819 struct ieee80211_frame_info *fi;
2820 const size_t hlen = sizeof(struct ieee80211_frame_info);
2821 struct ieee80211_sub_if_data *sdata;
2822
2823 skb->dev = local->apdev;
2824
2825 sdata = IEEE80211_DEV_TO_SUB_IF(local->apdev);
2826
2827 if (skb_headroom(skb) < hlen) {
2828 I802_DEBUG_INC(local->rx_expand_skb_head);
2829 if (pskb_expand_head(skb, hlen, 0, GFP_ATOMIC)) {
2830 dev_kfree_skb(skb);
2831 return;
2832 }
2833 }
2834
2835 fi = (struct ieee80211_frame_info *) skb_push(skb, hlen);
2836
2837 ieee80211_fill_frame_info(local, fi, status);
2838 fi->msg_type = htonl(msg_type);
2839
2840 sdata->stats.rx_packets++;
2841 sdata->stats.rx_bytes += skb->len;
2842
2843 skb_set_mac_header(skb, 0);
2844 skb->ip_summed = CHECKSUM_UNNECESSARY;
2845 skb->pkt_type = PACKET_OTHERHOST;
2846 skb->protocol = htons(ETH_P_802_2);
2847 memset(skb->cb, 0, sizeof(skb->cb));
2848 netif_rx(skb);
2849}
2850
2851static void
2852ieee80211_rx_monitor(struct net_device *dev, struct sk_buff *skb,
2853 struct ieee80211_rx_status *status)
2854{
2855 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2856 struct ieee80211_sub_if_data *sdata;
2857 struct ieee80211_rate *rate;
2858 struct ieee80211_rtap_hdr {
2859 struct ieee80211_radiotap_header hdr;
2860 u8 flags;
2861 u8 rate;
2862 __le16 chan_freq;
2863 __le16 chan_flags;
2864 u8 antsignal;
2865 } __attribute__ ((packed)) *rthdr;
2866
2867 skb->dev = dev;
2868
2869 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2870
2871 if (status->flag & RX_FLAG_RADIOTAP)
2872 goto out;
2873
2874 if (skb_headroom(skb) < sizeof(*rthdr)) {
2875 I802_DEBUG_INC(local->rx_expand_skb_head);
2876 if (pskb_expand_head(skb, sizeof(*rthdr), 0, GFP_ATOMIC)) {
2877 dev_kfree_skb(skb);
2878 return;
2879 }
2880 }
2881
2882 rthdr = (struct ieee80211_rtap_hdr *) skb_push(skb, sizeof(*rthdr));
2883 memset(rthdr, 0, sizeof(*rthdr));
2884 rthdr->hdr.it_len = cpu_to_le16(sizeof(*rthdr));
2885 rthdr->hdr.it_present =
2886 cpu_to_le32((1 << IEEE80211_RADIOTAP_FLAGS) |
2887 (1 << IEEE80211_RADIOTAP_RATE) |
2888 (1 << IEEE80211_RADIOTAP_CHANNEL) |
2889 (1 << IEEE80211_RADIOTAP_DB_ANTSIGNAL));
2890 rthdr->flags = local->hw.flags & IEEE80211_HW_RX_INCLUDES_FCS ?
2891 IEEE80211_RADIOTAP_F_FCS : 0;
2892 rate = ieee80211_get_rate(local, status->phymode, status->rate);
2893 if (rate)
2894 rthdr->rate = rate->rate / 5;
2895 rthdr->chan_freq = cpu_to_le16(status->freq);
2896 rthdr->chan_flags =
2897 status->phymode == MODE_IEEE80211A ?
2898 cpu_to_le16(IEEE80211_CHAN_OFDM | IEEE80211_CHAN_5GHZ) :
2899 cpu_to_le16(IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ);
2900 rthdr->antsignal = status->ssi;
2901
2902 out:
2903 sdata->stats.rx_packets++;
2904 sdata->stats.rx_bytes += skb->len;
2905
2906 skb_set_mac_header(skb, 0);
2907 skb->ip_summed = CHECKSUM_UNNECESSARY;
2908 skb->pkt_type = PACKET_OTHERHOST;
2909 skb->protocol = htons(ETH_P_802_2);
2910 memset(skb->cb, 0, sizeof(skb->cb));
2911 netif_rx(skb);
2912}
2913
2914int ieee80211_radar_status(struct ieee80211_hw *hw, int channel,
2915 int radar, int radar_type)
2916{
2917 struct sk_buff *skb;
2918 struct ieee80211_radar_info *msg;
2919 struct ieee80211_local *local = hw_to_local(hw);
2920
2921 if (!local->apdev)
2922 return 0;
2923
2924 skb = dev_alloc_skb(sizeof(struct ieee80211_frame_info) +
2925 sizeof(struct ieee80211_radar_info));
2926
2927 if (!skb)
2928 return -ENOMEM;
2929 skb_reserve(skb, sizeof(struct ieee80211_frame_info));
2930
2931 msg = (struct ieee80211_radar_info *)
2932 skb_put(skb, sizeof(struct ieee80211_radar_info));
2933 msg->channel = channel;
2934 msg->radar = radar;
2935 msg->radar_type = radar_type;
2936
2937 ieee80211_rx_mgmt(local, skb, NULL, ieee80211_msg_radar);
2938 return 0;
2939}
2940EXPORT_SYMBOL(ieee80211_radar_status);
2941
2942int ieee80211_set_aid_for_sta(struct ieee80211_hw *hw, u8 *peer_address,
2943 u16 aid)
2944{
2945 struct sk_buff *skb;
2946 struct ieee80211_msg_set_aid_for_sta *msg;
2947 struct ieee80211_local *local = hw_to_local(hw);
2948
2949 /* unlikely because if this event only happens for APs,
2950 * which require an open ap device. */
2951 if (unlikely(!local->apdev))
2952 return 0;
2953
2954 skb = dev_alloc_skb(sizeof(struct ieee80211_frame_info) +
2955 sizeof(struct ieee80211_msg_set_aid_for_sta));
2956
2957 if (!skb)
2958 return -ENOMEM;
2959 skb_reserve(skb, sizeof(struct ieee80211_frame_info));
2960
2961 msg = (struct ieee80211_msg_set_aid_for_sta *)
2962 skb_put(skb, sizeof(struct ieee80211_msg_set_aid_for_sta));
2963 memcpy(msg->sta_address, peer_address, ETH_ALEN);
2964 msg->aid = aid;
2965
2966 ieee80211_rx_mgmt(local, skb, NULL, ieee80211_msg_set_aid_for_sta);
2967 return 0;
2968}
2969EXPORT_SYMBOL(ieee80211_set_aid_for_sta);
2970
2971static void ap_sta_ps_start(struct net_device *dev, struct sta_info *sta)
2972{
2973 struct ieee80211_sub_if_data *sdata;
2974 sdata = IEEE80211_DEV_TO_SUB_IF(sta->dev);
2975
2976 if (sdata->bss)
2977 atomic_inc(&sdata->bss->num_sta_ps);
2978 sta->flags |= WLAN_STA_PS;
2979 sta->pspoll = 0;
2980#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
2981 printk(KERN_DEBUG "%s: STA " MAC_FMT " aid %d enters power "
2982 "save mode\n", dev->name, MAC_ARG(sta->addr), sta->aid);
2983#endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */
2984}
2985
2986
2987static int ap_sta_ps_end(struct net_device *dev, struct sta_info *sta)
2988{
2989 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2990 struct sk_buff *skb;
2991 int sent = 0;
2992 struct ieee80211_sub_if_data *sdata;
2993 struct ieee80211_tx_packet_data *pkt_data;
2994
2995 sdata = IEEE80211_DEV_TO_SUB_IF(sta->dev);
2996 if (sdata->bss)
2997 atomic_dec(&sdata->bss->num_sta_ps);
2998 sta->flags &= ~(WLAN_STA_PS | WLAN_STA_TIM);
2999 sta->pspoll = 0;
3000 if (!skb_queue_empty(&sta->ps_tx_buf)) {
3001 if (local->ops->set_tim)
3002 local->ops->set_tim(local_to_hw(local), sta->aid, 0);
3003 if (sdata->bss)
3004 bss_tim_clear(local, sdata->bss, sta->aid);
3005 }
3006#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
3007 printk(KERN_DEBUG "%s: STA " MAC_FMT " aid %d exits power "
3008 "save mode\n", dev->name, MAC_ARG(sta->addr), sta->aid);
3009#endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */
3010 /* Send all buffered frames to the station */
3011 while ((skb = skb_dequeue(&sta->tx_filtered)) != NULL) {
3012 pkt_data = (struct ieee80211_tx_packet_data *) skb->cb;
3013 sent++;
3014 pkt_data->requeue = 1;
3015 dev_queue_xmit(skb);
3016 }
3017 while ((skb = skb_dequeue(&sta->ps_tx_buf)) != NULL) {
3018 pkt_data = (struct ieee80211_tx_packet_data *) skb->cb;
3019 local->total_ps_buffered--;
3020 sent++;
3021#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
3022 printk(KERN_DEBUG "%s: STA " MAC_FMT " aid %d send PS frame "
3023 "since STA not sleeping anymore\n", dev->name,
3024 MAC_ARG(sta->addr), sta->aid);
3025#endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */
3026 pkt_data->requeue = 1;
3027 dev_queue_xmit(skb);
3028 }
3029
3030 return sent;
3031}
3032
3033
3034static ieee80211_txrx_result
3035ieee80211_rx_h_ps_poll(struct ieee80211_txrx_data *rx)
3036{
3037 struct sk_buff *skb;
3038 int no_pending_pkts;
3039
3040 if (likely(!rx->sta ||
3041 (rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_CTL ||
3042 (rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_PSPOLL ||
3043 !rx->u.rx.ra_match))
3044 return TXRX_CONTINUE;
3045
3046 skb = skb_dequeue(&rx->sta->tx_filtered);
3047 if (!skb) {
3048 skb = skb_dequeue(&rx->sta->ps_tx_buf);
3049 if (skb)
3050 rx->local->total_ps_buffered--;
3051 }
3052 no_pending_pkts = skb_queue_empty(&rx->sta->tx_filtered) &&
3053 skb_queue_empty(&rx->sta->ps_tx_buf);
3054
3055 if (skb) {
3056 struct ieee80211_hdr *hdr =
3057 (struct ieee80211_hdr *) skb->data;
3058
3059 /* tell TX path to send one frame even though the STA may
3060 * still remain is PS mode after this frame exchange */
3061 rx->sta->pspoll = 1;
3062
3063#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
3064 printk(KERN_DEBUG "STA " MAC_FMT " aid %d: PS Poll (entries "
3065 "after %d)\n",
3066 MAC_ARG(rx->sta->addr), rx->sta->aid,
3067 skb_queue_len(&rx->sta->ps_tx_buf));
3068#endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */
3069
3070 /* Use MoreData flag to indicate whether there are more
3071 * buffered frames for this STA */
3072 if (no_pending_pkts) {
3073 hdr->frame_control &= cpu_to_le16(~IEEE80211_FCTL_MOREDATA);
3074 rx->sta->flags &= ~WLAN_STA_TIM;
3075 } else
3076 hdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_MOREDATA);
3077
3078 dev_queue_xmit(skb);
3079
3080 if (no_pending_pkts) {
3081 if (rx->local->ops->set_tim)
3082 rx->local->ops->set_tim(local_to_hw(rx->local),
3083 rx->sta->aid, 0);
3084 if (rx->sdata->bss)
3085 bss_tim_clear(rx->local, rx->sdata->bss, rx->sta->aid);
3086 }
3087#ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
3088 } else if (!rx->u.rx.sent_ps_buffered) {
3089 printk(KERN_DEBUG "%s: STA " MAC_FMT " sent PS Poll even "
3090 "though there is no buffered frames for it\n",
3091 rx->dev->name, MAC_ARG(rx->sta->addr));
3092#endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */
3093
3094 }
3095
3096 /* Free PS Poll skb here instead of returning TXRX_DROP that would
3097 * count as an dropped frame. */
3098 dev_kfree_skb(rx->skb);
3099
3100 return TXRX_QUEUED;
3101}
3102
3103
3104static inline struct ieee80211_fragment_entry *
3105ieee80211_reassemble_add(struct ieee80211_sub_if_data *sdata,
3106 unsigned int frag, unsigned int seq, int rx_queue,
3107 struct sk_buff **skb)
3108{
3109 struct ieee80211_fragment_entry *entry;
3110 int idx;
3111
3112 idx = sdata->fragment_next;
3113 entry = &sdata->fragments[sdata->fragment_next++];
3114 if (sdata->fragment_next >= IEEE80211_FRAGMENT_MAX)
3115 sdata->fragment_next = 0;
3116
3117 if (!skb_queue_empty(&entry->skb_list)) {
3118#ifdef CONFIG_MAC80211_DEBUG
3119 struct ieee80211_hdr *hdr =
3120 (struct ieee80211_hdr *) entry->skb_list.next->data;
3121 printk(KERN_DEBUG "%s: RX reassembly removed oldest "
3122 "fragment entry (idx=%d age=%lu seq=%d last_frag=%d "
3123 "addr1=" MAC_FMT " addr2=" MAC_FMT "\n",
3124 sdata->dev->name, idx,
3125 jiffies - entry->first_frag_time, entry->seq,
3126 entry->last_frag, MAC_ARG(hdr->addr1),
3127 MAC_ARG(hdr->addr2));
3128#endif /* CONFIG_MAC80211_DEBUG */
3129 __skb_queue_purge(&entry->skb_list);
3130 }
3131
3132 __skb_queue_tail(&entry->skb_list, *skb); /* no need for locking */
3133 *skb = NULL;
3134 entry->first_frag_time = jiffies;
3135 entry->seq = seq;
3136 entry->rx_queue = rx_queue;
3137 entry->last_frag = frag;
3138 entry->ccmp = 0;
3139 entry->extra_len = 0;
3140
3141 return entry;
3142}
3143
3144
3145static inline struct ieee80211_fragment_entry *
3146ieee80211_reassemble_find(struct ieee80211_sub_if_data *sdata,
3147 u16 fc, unsigned int frag, unsigned int seq,
3148 int rx_queue, struct ieee80211_hdr *hdr)
3149{
3150 struct ieee80211_fragment_entry *entry;
3151 int i, idx;
3152
3153 idx = sdata->fragment_next;
3154 for (i = 0; i < IEEE80211_FRAGMENT_MAX; i++) {
3155 struct ieee80211_hdr *f_hdr;
3156 u16 f_fc;
3157
3158 idx--;
3159 if (idx < 0)
3160 idx = IEEE80211_FRAGMENT_MAX - 1;
3161
3162 entry = &sdata->fragments[idx];
3163 if (skb_queue_empty(&entry->skb_list) || entry->seq != seq ||
3164 entry->rx_queue != rx_queue ||
3165 entry->last_frag + 1 != frag)
3166 continue;
3167
3168 f_hdr = (struct ieee80211_hdr *) entry->skb_list.next->data;
3169 f_fc = le16_to_cpu(f_hdr->frame_control);
3170
3171 if ((fc & IEEE80211_FCTL_FTYPE) != (f_fc & IEEE80211_FCTL_FTYPE) ||
3172 compare_ether_addr(hdr->addr1, f_hdr->addr1) != 0 ||
3173 compare_ether_addr(hdr->addr2, f_hdr->addr2) != 0)
3174 continue;
3175
3176 if (entry->first_frag_time + 2 * HZ < jiffies) {
3177 __skb_queue_purge(&entry->skb_list);
3178 continue;
3179 }
3180 return entry;
3181 }
3182
3183 return NULL;
3184}
3185
3186
3187static ieee80211_txrx_result
3188ieee80211_rx_h_defragment(struct ieee80211_txrx_data *rx)
3189{
3190 struct ieee80211_hdr *hdr;
3191 u16 sc;
3192 unsigned int frag, seq;
3193 struct ieee80211_fragment_entry *entry;
3194 struct sk_buff *skb;
3195
3196 hdr = (struct ieee80211_hdr *) rx->skb->data;
3197 sc = le16_to_cpu(hdr->seq_ctrl);
3198 frag = sc & IEEE80211_SCTL_FRAG;
3199
3200 if (likely((!(rx->fc & IEEE80211_FCTL_MOREFRAGS) && frag == 0) ||
3201 (rx->skb)->len < 24 ||
3202 is_multicast_ether_addr(hdr->addr1))) {
3203 /* not fragmented */
3204 goto out;
3205 }
3206 I802_DEBUG_INC(rx->local->rx_handlers_fragments);
3207
3208 seq = (sc & IEEE80211_SCTL_SEQ) >> 4;
3209
3210 if (frag == 0) {
3211 /* This is the first fragment of a new frame. */
3212 entry = ieee80211_reassemble_add(rx->sdata, frag, seq,
3213 rx->u.rx.queue, &(rx->skb));
3214 if (rx->key && rx->key->alg == ALG_CCMP &&
3215 (rx->fc & IEEE80211_FCTL_PROTECTED)) {
3216 /* Store CCMP PN so that we can verify that the next
3217 * fragment has a sequential PN value. */
3218 entry->ccmp = 1;
3219 memcpy(entry->last_pn,
3220 rx->key->u.ccmp.rx_pn[rx->u.rx.queue],
3221 CCMP_PN_LEN);
3222 }
3223 return TXRX_QUEUED;
3224 }
3225
3226 /* This is a fragment for a frame that should already be pending in
3227 * fragment cache. Add this fragment to the end of the pending entry.
3228 */
3229 entry = ieee80211_reassemble_find(rx->sdata, rx->fc, frag, seq,
3230 rx->u.rx.queue, hdr);
3231 if (!entry) {
3232 I802_DEBUG_INC(rx->local->rx_handlers_drop_defrag);
3233 return TXRX_DROP;
3234 }
3235
3236 /* Verify that MPDUs within one MSDU have sequential PN values.
3237 * (IEEE 802.11i, 8.3.3.4.5) */
3238 if (entry->ccmp) {
3239 int i;
3240 u8 pn[CCMP_PN_LEN], *rpn;
3241 if (!rx->key || rx->key->alg != ALG_CCMP)
3242 return TXRX_DROP;
3243 memcpy(pn, entry->last_pn, CCMP_PN_LEN);
3244 for (i = CCMP_PN_LEN - 1; i >= 0; i--) {
3245 pn[i]++;
3246 if (pn[i])
3247 break;
3248 }
3249 rpn = rx->key->u.ccmp.rx_pn[rx->u.rx.queue];
3250 if (memcmp(pn, rpn, CCMP_PN_LEN) != 0) {
3251 printk(KERN_DEBUG "%s: defrag: CCMP PN not sequential"
3252 " A2=" MAC_FMT " PN=%02x%02x%02x%02x%02x%02x "
3253 "(expected %02x%02x%02x%02x%02x%02x)\n",
3254 rx->dev->name, MAC_ARG(hdr->addr2),
3255 rpn[0], rpn[1], rpn[2], rpn[3], rpn[4], rpn[5],
3256 pn[0], pn[1], pn[2], pn[3], pn[4], pn[5]);
3257 return TXRX_DROP;
3258 }
3259 memcpy(entry->last_pn, pn, CCMP_PN_LEN);
3260 }
3261
3262 skb_pull(rx->skb, ieee80211_get_hdrlen(rx->fc));
3263 __skb_queue_tail(&entry->skb_list, rx->skb);
3264 entry->last_frag = frag;
3265 entry->extra_len += rx->skb->len;
3266 if (rx->fc & IEEE80211_FCTL_MOREFRAGS) {
3267 rx->skb = NULL;
3268 return TXRX_QUEUED;
3269 }
3270
3271 rx->skb = __skb_dequeue(&entry->skb_list);
3272 if (skb_tailroom(rx->skb) < entry->extra_len) {
3273 I802_DEBUG_INC(rx->local->rx_expand_skb_head2);
3274 if (unlikely(pskb_expand_head(rx->skb, 0, entry->extra_len,
3275 GFP_ATOMIC))) {
3276 I802_DEBUG_INC(rx->local->rx_handlers_drop_defrag);
3277 __skb_queue_purge(&entry->skb_list);
3278 return TXRX_DROP;
3279 }
3280 }
3281 while ((skb = __skb_dequeue(&entry->skb_list)))
3282 memcpy(skb_put(rx->skb, skb->len), skb->data, skb->len);
3283
3284 /* Complete frame has been reassembled - process it now */
3285 rx->fragmented = 1;
3286
3287 out:
3288 if (rx->sta)
3289 rx->sta->rx_packets++;
3290 if (is_multicast_ether_addr(hdr->addr1))
3291 rx->local->dot11MulticastReceivedFrameCount++;
3292 else
3293 ieee80211_led_rx(rx->local);
3294 return TXRX_CONTINUE;
3295}
3296
3297
3298static ieee80211_txrx_result
3299ieee80211_rx_h_monitor(struct ieee80211_txrx_data *rx)
3300{
3301 if (rx->sdata->type == IEEE80211_IF_TYPE_MNTR) {
3302 ieee80211_rx_monitor(rx->dev, rx->skb, rx->u.rx.status);
3303 return TXRX_QUEUED;
3304 }
3305
3306 if (rx->u.rx.status->flag & RX_FLAG_RADIOTAP)
3307 skb_pull(rx->skb, ieee80211_get_radiotap_len(rx->skb));
3308
3309 return TXRX_CONTINUE;
3310}
3311
3312
3313static ieee80211_txrx_result
3314ieee80211_rx_h_check(struct ieee80211_txrx_data *rx)
3315{
3316 struct ieee80211_hdr *hdr;
3317 int always_sta_key;
3318 hdr = (struct ieee80211_hdr *) rx->skb->data;
3319
3320 /* Drop duplicate 802.11 retransmissions (IEEE 802.11 Chap. 9.2.9) */
3321 if (rx->sta && !is_multicast_ether_addr(hdr->addr1)) {
3322 if (unlikely(rx->fc & IEEE80211_FCTL_RETRY &&
3323 rx->sta->last_seq_ctrl[rx->u.rx.queue] ==
3324 hdr->seq_ctrl)) {
3325 if (rx->u.rx.ra_match) {
3326 rx->local->dot11FrameDuplicateCount++;
3327 rx->sta->num_duplicates++;
3328 }
3329 return TXRX_DROP;
3330 } else
3331 rx->sta->last_seq_ctrl[rx->u.rx.queue] = hdr->seq_ctrl;
3332 }
3333
3334 if ((rx->local->hw.flags & IEEE80211_HW_RX_INCLUDES_FCS) &&
3335 rx->skb->len > FCS_LEN)
3336 skb_trim(rx->skb, rx->skb->len - FCS_LEN);
3337
3338 if (unlikely(rx->skb->len < 16)) {
3339 I802_DEBUG_INC(rx->local->rx_handlers_drop_short);
3340 return TXRX_DROP;
3341 }
3342
3343 if (!rx->u.rx.ra_match)
3344 rx->skb->pkt_type = PACKET_OTHERHOST;
3345 else if (compare_ether_addr(rx->dev->dev_addr, hdr->addr1) == 0)
3346 rx->skb->pkt_type = PACKET_HOST;
3347 else if (is_multicast_ether_addr(hdr->addr1)) {
3348 if (is_broadcast_ether_addr(hdr->addr1))
3349 rx->skb->pkt_type = PACKET_BROADCAST;
3350 else
3351 rx->skb->pkt_type = PACKET_MULTICAST;
3352 } else
3353 rx->skb->pkt_type = PACKET_OTHERHOST;
3354
3355 /* Drop disallowed frame classes based on STA auth/assoc state;
3356 * IEEE 802.11, Chap 5.5.
3357 *
3358 * 80211.o does filtering only based on association state, i.e., it
3359 * drops Class 3 frames from not associated stations. hostapd sends
3360 * deauth/disassoc frames when needed. In addition, hostapd is
3361 * responsible for filtering on both auth and assoc states.
3362 */
3363 if (unlikely(((rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA ||
3364 ((rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_CTL &&
3365 (rx->fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_PSPOLL)) &&
3366 rx->sdata->type != IEEE80211_IF_TYPE_IBSS &&
3367 (!rx->sta || !(rx->sta->flags & WLAN_STA_ASSOC)))) {
3368 if ((!(rx->fc & IEEE80211_FCTL_FROMDS) &&
3369 !(rx->fc & IEEE80211_FCTL_TODS) &&
3370 (rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA)
3371 || !rx->u.rx.ra_match) {
3372 /* Drop IBSS frames and frames for other hosts
3373 * silently. */
3374 return TXRX_DROP;
3375 }
3376
3377 if (!rx->local->apdev)
3378 return TXRX_DROP;
3379
3380 ieee80211_rx_mgmt(rx->local, rx->skb, rx->u.rx.status,
3381 ieee80211_msg_sta_not_assoc);
3382 return TXRX_QUEUED;
3383 }
3384
3385 if (rx->sdata->type == IEEE80211_IF_TYPE_STA)
3386 always_sta_key = 0;
3387 else
3388 always_sta_key = 1;
3389
3390 if (rx->sta && rx->sta->key && always_sta_key) {
3391 rx->key = rx->sta->key;
3392 } else {
3393 if (rx->sta && rx->sta->key)
3394 rx->key = rx->sta->key;
3395 else
3396 rx->key = rx->sdata->default_key;
3397
3398 if ((rx->local->hw.flags & IEEE80211_HW_WEP_INCLUDE_IV) &&
3399 rx->fc & IEEE80211_FCTL_PROTECTED) {
3400 int keyidx = ieee80211_wep_get_keyidx(rx->skb);
3401
3402 if (keyidx >= 0 && keyidx < NUM_DEFAULT_KEYS &&
3403 (!rx->sta || !rx->sta->key || keyidx > 0))
3404 rx->key = rx->sdata->keys[keyidx];
3405
3406 if (!rx->key) {
3407 if (!rx->u.rx.ra_match)
3408 return TXRX_DROP;
3409 printk(KERN_DEBUG "%s: RX WEP frame with "
3410 "unknown keyidx %d (A1=" MAC_FMT " A2="
3411 MAC_FMT " A3=" MAC_FMT ")\n",
3412 rx->dev->name, keyidx,
3413 MAC_ARG(hdr->addr1),
3414 MAC_ARG(hdr->addr2),
3415 MAC_ARG(hdr->addr3));
3416 if (!rx->local->apdev)
3417 return TXRX_DROP;
3418 ieee80211_rx_mgmt(
3419 rx->local, rx->skb, rx->u.rx.status,
3420 ieee80211_msg_wep_frame_unknown_key);
3421 return TXRX_QUEUED;
3422 }
3423 }
3424 }
3425
3426 if (rx->fc & IEEE80211_FCTL_PROTECTED && rx->key && rx->u.rx.ra_match) {
3427 rx->key->tx_rx_count++;
3428 if (unlikely(rx->local->key_tx_rx_threshold &&
3429 rx->key->tx_rx_count >
3430 rx->local->key_tx_rx_threshold)) {
3431 ieee80211_key_threshold_notify(rx->dev, rx->key,
3432 rx->sta);
3433 }
3434 }
3435
3436 return TXRX_CONTINUE;
3437}
3438
3439
3440static ieee80211_txrx_result
3441ieee80211_rx_h_sta_process(struct ieee80211_txrx_data *rx)
3442{
3443 struct sta_info *sta = rx->sta;
3444 struct net_device *dev = rx->dev;
3445 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) rx->skb->data;
3446
3447 if (!sta)
3448 return TXRX_CONTINUE;
3449
3450 /* Update last_rx only for IBSS packets which are for the current
3451 * BSSID to avoid keeping the current IBSS network alive in cases where
3452 * other STAs are using different BSSID. */
3453 if (rx->sdata->type == IEEE80211_IF_TYPE_IBSS) {
3454 u8 *bssid = ieee80211_get_bssid(hdr, rx->skb->len);
3455 if (compare_ether_addr(bssid, rx->sdata->u.sta.bssid) == 0)
3456 sta->last_rx = jiffies;
3457 } else
3458 if (!is_multicast_ether_addr(hdr->addr1) ||
3459 rx->sdata->type == IEEE80211_IF_TYPE_STA) {
3460 /* Update last_rx only for unicast frames in order to prevent
3461 * the Probe Request frames (the only broadcast frames from a
3462 * STA in infrastructure mode) from keeping a connection alive.
3463 */
3464 sta->last_rx = jiffies;
3465 }
3466
3467 if (!rx->u.rx.ra_match)
3468 return TXRX_CONTINUE;
3469
3470 sta->rx_fragments++;
3471 sta->rx_bytes += rx->skb->len;
3472 sta->last_rssi = (sta->last_rssi * 15 +
3473 rx->u.rx.status->ssi) / 16;
3474 sta->last_signal = (sta->last_signal * 15 +
3475 rx->u.rx.status->signal) / 16;
3476 sta->last_noise = (sta->last_noise * 15 +
3477 rx->u.rx.status->noise) / 16;
3478
3479 if (!(rx->fc & IEEE80211_FCTL_MOREFRAGS)) {
3480 /* Change STA power saving mode only in the end of a frame
3481 * exchange sequence */
3482 if ((sta->flags & WLAN_STA_PS) && !(rx->fc & IEEE80211_FCTL_PM))
3483 rx->u.rx.sent_ps_buffered += ap_sta_ps_end(dev, sta);
3484 else if (!(sta->flags & WLAN_STA_PS) &&
3485 (rx->fc & IEEE80211_FCTL_PM))
3486 ap_sta_ps_start(dev, sta);
3487 }
3488
3489 /* Drop data::nullfunc frames silently, since they are used only to
3490 * control station power saving mode. */
3491 if ((rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA &&
3492 (rx->fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_NULLFUNC) {
3493 I802_DEBUG_INC(rx->local->rx_handlers_drop_nullfunc);
3494 /* Update counter and free packet here to avoid counting this
3495 * as a dropped packed. */
3496 sta->rx_packets++;
3497 dev_kfree_skb(rx->skb);
3498 return TXRX_QUEUED;
3499 }
3500
3501 return TXRX_CONTINUE;
3502} /* ieee80211_rx_h_sta_process */
3503
3504
3505static ieee80211_txrx_result
3506ieee80211_rx_h_wep_weak_iv_detection(struct ieee80211_txrx_data *rx)
3507{
3508 if (!rx->sta || !(rx->fc & IEEE80211_FCTL_PROTECTED) ||
3509 (rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA ||
3510 !rx->key || rx->key->alg != ALG_WEP || !rx->u.rx.ra_match)
3511 return TXRX_CONTINUE;
3512
3513 /* Check for weak IVs, if hwaccel did not remove IV from the frame */
3514 if ((rx->local->hw.flags & IEEE80211_HW_WEP_INCLUDE_IV) ||
3515 rx->key->force_sw_encrypt) {
3516 u8 *iv = ieee80211_wep_is_weak_iv(rx->skb, rx->key);
3517 if (iv) {
3518 rx->sta->wep_weak_iv_count++;
3519 }
3520 }
3521
3522 return TXRX_CONTINUE;
3523}
3524
3525
3526static ieee80211_txrx_result
3527ieee80211_rx_h_wep_decrypt(struct ieee80211_txrx_data *rx)
3528{
3529 /* If the device handles decryption totally, skip this test */
3530 if (rx->local->hw.flags & IEEE80211_HW_DEVICE_HIDES_WEP)
3531 return TXRX_CONTINUE;
3532
3533 if ((rx->key && rx->key->alg != ALG_WEP) ||
3534 !(rx->fc & IEEE80211_FCTL_PROTECTED) ||
3535 ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA &&
3536 ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_MGMT ||
3537 (rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_AUTH)))
3538 return TXRX_CONTINUE;
3539
3540 if (!rx->key) {
3541 printk(KERN_DEBUG "%s: RX WEP frame, but no key set\n",
3542 rx->dev->name);
3543 return TXRX_DROP;
3544 }
3545
3546 if (!(rx->u.rx.status->flag & RX_FLAG_DECRYPTED) ||
3547 rx->key->force_sw_encrypt) {
3548 if (ieee80211_wep_decrypt(rx->local, rx->skb, rx->key)) {
3549 printk(KERN_DEBUG "%s: RX WEP frame, decrypt "
3550 "failed\n", rx->dev->name);
3551 return TXRX_DROP;
3552 }
3553 } else if (rx->local->hw.flags & IEEE80211_HW_WEP_INCLUDE_IV) {
3554 ieee80211_wep_remove_iv(rx->local, rx->skb, rx->key);
3555 /* remove ICV */
3556 skb_trim(rx->skb, rx->skb->len - 4);
3557 }
3558
3559 return TXRX_CONTINUE;
3560}
3561
3562
3563static ieee80211_txrx_result
3564ieee80211_rx_h_802_1x_pae(struct ieee80211_txrx_data *rx)
3565{
3566 if (rx->sdata->eapol && ieee80211_is_eapol(rx->skb) &&
3567 rx->sdata->type != IEEE80211_IF_TYPE_STA && rx->u.rx.ra_match) {
3568 /* Pass both encrypted and unencrypted EAPOL frames to user
3569 * space for processing. */
3570 if (!rx->local->apdev)
3571 return TXRX_DROP;
3572 ieee80211_rx_mgmt(rx->local, rx->skb, rx->u.rx.status,
3573 ieee80211_msg_normal);
3574 return TXRX_QUEUED;
3575 }
3576
3577 if (unlikely(rx->sdata->ieee802_1x &&
3578 (rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA &&
3579 (rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_NULLFUNC &&
3580 (!rx->sta || !(rx->sta->flags & WLAN_STA_AUTHORIZED)) &&
3581 !ieee80211_is_eapol(rx->skb))) {
3582#ifdef CONFIG_MAC80211_DEBUG
3583 struct ieee80211_hdr *hdr =
3584 (struct ieee80211_hdr *) rx->skb->data;
3585 printk(KERN_DEBUG "%s: dropped frame from " MAC_FMT
3586 " (unauthorized port)\n", rx->dev->name,
3587 MAC_ARG(hdr->addr2));
3588#endif /* CONFIG_MAC80211_DEBUG */
3589 return TXRX_DROP;
3590 }
3591
3592 return TXRX_CONTINUE;
3593}
3594
3595
3596static ieee80211_txrx_result
3597ieee80211_rx_h_drop_unencrypted(struct ieee80211_txrx_data *rx)
3598{
3599 /* If the device handles decryption totally, skip this test */
3600 if (rx->local->hw.flags & IEEE80211_HW_DEVICE_HIDES_WEP)
3601 return TXRX_CONTINUE;
3602
3603 /* Drop unencrypted frames if key is set. */
3604 if (unlikely(!(rx->fc & IEEE80211_FCTL_PROTECTED) &&
3605 (rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA &&
3606 (rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_NULLFUNC &&
3607 (rx->key || rx->sdata->drop_unencrypted) &&
3608 (rx->sdata->eapol == 0 ||
3609 !ieee80211_is_eapol(rx->skb)))) {
3610 printk(KERN_DEBUG "%s: RX non-WEP frame, but expected "
3611 "encryption\n", rx->dev->name);
3612 return TXRX_DROP;
3613 }
3614 return TXRX_CONTINUE;
3615}
3616
3617
3618static ieee80211_txrx_result
3619ieee80211_rx_h_mgmt(struct ieee80211_txrx_data *rx)
3620{
3621 struct ieee80211_sub_if_data *sdata;
3622
3623 if (!rx->u.rx.ra_match)
3624 return TXRX_DROP;
3625
3626 sdata = IEEE80211_DEV_TO_SUB_IF(rx->dev);
3627 if ((sdata->type == IEEE80211_IF_TYPE_STA ||
3628 sdata->type == IEEE80211_IF_TYPE_IBSS) &&
3629 !rx->local->user_space_mlme) {
3630 ieee80211_sta_rx_mgmt(rx->dev, rx->skb, rx->u.rx.status);
3631 } else {
3632 /* Management frames are sent to hostapd for processing */
3633 if (!rx->local->apdev)
3634 return TXRX_DROP;
3635 ieee80211_rx_mgmt(rx->local, rx->skb, rx->u.rx.status,
3636 ieee80211_msg_normal);
3637 }
3638 return TXRX_QUEUED;
3639}
3640
3641
3642static ieee80211_txrx_result
3643ieee80211_rx_h_passive_scan(struct ieee80211_txrx_data *rx)
3644{
3645 struct ieee80211_local *local = rx->local;
3646 struct sk_buff *skb = rx->skb;
3647
3648 if (unlikely(local->sta_scanning != 0)) {
3649 ieee80211_sta_rx_scan(rx->dev, skb, rx->u.rx.status);
3650 return TXRX_QUEUED;
3651 }
3652
3653 if (unlikely(rx->u.rx.in_scan)) {
3654 /* scanning finished during invoking of handlers */
3655 I802_DEBUG_INC(local->rx_handlers_drop_passive_scan);
3656 return TXRX_DROP;
3657 }
3658
3659 return TXRX_CONTINUE;
3660}
3661
3662
3663static void ieee80211_rx_michael_mic_report(struct net_device *dev,
3664 struct ieee80211_hdr *hdr,
3665 struct sta_info *sta,
3666 struct ieee80211_txrx_data *rx)
3667{
3668 int keyidx, hdrlen;
3669
3670 hdrlen = ieee80211_get_hdrlen_from_skb(rx->skb);
3671 if (rx->skb->len >= hdrlen + 4)
3672 keyidx = rx->skb->data[hdrlen + 3] >> 6;
3673 else
3674 keyidx = -1;
3675
3676 /* TODO: verify that this is not triggered by fragmented
3677 * frames (hw does not verify MIC for them). */
3678 printk(KERN_DEBUG "%s: TKIP hwaccel reported Michael MIC "
3679 "failure from " MAC_FMT " to " MAC_FMT " keyidx=%d\n",
3680 dev->name, MAC_ARG(hdr->addr2), MAC_ARG(hdr->addr1), keyidx);
3681
3682 if (!sta) {
3683 /* Some hardware versions seem to generate incorrect
3684 * Michael MIC reports; ignore them to avoid triggering
3685 * countermeasures. */
3686 printk(KERN_DEBUG "%s: ignored spurious Michael MIC "
3687 "error for unknown address " MAC_FMT "\n",
3688 dev->name, MAC_ARG(hdr->addr2));
3689 goto ignore;
3690 }
3691
3692 if (!(rx->fc & IEEE80211_FCTL_PROTECTED)) {
3693 printk(KERN_DEBUG "%s: ignored spurious Michael MIC "
3694 "error for a frame with no ISWEP flag (src "
3695 MAC_FMT ")\n", dev->name, MAC_ARG(hdr->addr2));
3696 goto ignore;
3697 }
3698
3699 if ((rx->local->hw.flags & IEEE80211_HW_WEP_INCLUDE_IV) &&
3700 rx->sdata->type == IEEE80211_IF_TYPE_AP) {
3701 keyidx = ieee80211_wep_get_keyidx(rx->skb);
3702 /* AP with Pairwise keys support should never receive Michael
3703 * MIC errors for non-zero keyidx because these are reserved
3704 * for group keys and only the AP is sending real multicast
3705 * frames in BSS. */
3706 if (keyidx) {
3707 printk(KERN_DEBUG "%s: ignored Michael MIC error for "
3708 "a frame with non-zero keyidx (%d) (src " MAC_FMT
3709 ")\n", dev->name, keyidx, MAC_ARG(hdr->addr2));
3710 goto ignore;
3711 }
3712 }
3713
3714 if ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA &&
3715 ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_MGMT ||
3716 (rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_AUTH)) {
3717 printk(KERN_DEBUG "%s: ignored spurious Michael MIC "
3718 "error for a frame that cannot be encrypted "
3719 "(fc=0x%04x) (src " MAC_FMT ")\n",
3720 dev->name, rx->fc, MAC_ARG(hdr->addr2));
3721 goto ignore;
3722 }
3723
3724 do {
3725 union iwreq_data wrqu;
3726 char *buf = kmalloc(128, GFP_ATOMIC);
3727 if (!buf)
3728 break;
3729
3730 /* TODO: needed parameters: count, key type, TSC */
3731 sprintf(buf, "MLME-MICHAELMICFAILURE.indication("
3732 "keyid=%d %scast addr=" MAC_FMT ")",
3733 keyidx, hdr->addr1[0] & 0x01 ? "broad" : "uni",
3734 MAC_ARG(hdr->addr2));
3735 memset(&wrqu, 0, sizeof(wrqu));
3736 wrqu.data.length = strlen(buf);
3737 wireless_send_event(rx->dev, IWEVCUSTOM, &wrqu, buf);
3738 kfree(buf);
3739 } while (0);
3740
3741 /* TODO: consider verifying the MIC error report with software
3742 * implementation if we get too many spurious reports from the
3743 * hardware. */
3744 if (!rx->local->apdev)
3745 goto ignore;
3746 ieee80211_rx_mgmt(rx->local, rx->skb, rx->u.rx.status,
3747 ieee80211_msg_michael_mic_failure);
3748 return;
3749
3750 ignore:
3751 dev_kfree_skb(rx->skb);
3752 rx->skb = NULL;
3753}
3754
3755static inline ieee80211_txrx_result __ieee80211_invoke_rx_handlers(
3756 struct ieee80211_local *local,
3757 ieee80211_rx_handler *handlers,
3758 struct ieee80211_txrx_data *rx,
3759 struct sta_info *sta)
3760{
3761 ieee80211_rx_handler *handler;
3762 ieee80211_txrx_result res = TXRX_DROP;
3763
3764 for (handler = handlers; *handler != NULL; handler++) {
3765 res = (*handler)(rx);
3766 if (res != TXRX_CONTINUE) {
3767 if (res == TXRX_DROP) {
3768 I802_DEBUG_INC(local->rx_handlers_drop);
3769 if (sta)
3770 sta->rx_dropped++;
3771 }
3772 if (res == TXRX_QUEUED)
3773 I802_DEBUG_INC(local->rx_handlers_queued);
3774 break;
3775 }
3776 }
3777
3778 if (res == TXRX_DROP) {
3779 dev_kfree_skb(rx->skb);
3780 }
3781 return res;
3782}
3783
3784static inline void ieee80211_invoke_rx_handlers(struct ieee80211_local *local,
3785 ieee80211_rx_handler *handlers,
3786 struct ieee80211_txrx_data *rx,
3787 struct sta_info *sta)
3788{
3789 if (__ieee80211_invoke_rx_handlers(local, handlers, rx, sta) ==
3790 TXRX_CONTINUE)
3791 dev_kfree_skb(rx->skb);
3792}
3793
3794/*
3795 * This is the receive path handler. It is called by a low level driver when an
3796 * 802.11 MPDU is received from the hardware.
3797 */
3798void __ieee80211_rx(struct ieee80211_hw *hw, struct sk_buff *skb,
3799 struct ieee80211_rx_status *status)
3800{
3801 struct ieee80211_local *local = hw_to_local(hw);
3802 struct ieee80211_sub_if_data *sdata;
3803 struct sta_info *sta;
3804 struct ieee80211_hdr *hdr;
3805 struct ieee80211_txrx_data rx;
3806 u16 type;
3807 int multicast;
3808 int radiotap_len = 0;
3809
3810 if (status->flag & RX_FLAG_RADIOTAP) {
3811 radiotap_len = ieee80211_get_radiotap_len(skb);
3812 skb_pull(skb, radiotap_len);
3813 }
3814
3815 hdr = (struct ieee80211_hdr *) skb->data;
3816 memset(&rx, 0, sizeof(rx));
3817 rx.skb = skb;
3818 rx.local = local;
3819
3820 rx.u.rx.status = status;
3821 rx.fc = skb->len >= 2 ? le16_to_cpu(hdr->frame_control) : 0;
3822 type = rx.fc & IEEE80211_FCTL_FTYPE;
3823 if (type == IEEE80211_FTYPE_DATA || type == IEEE80211_FTYPE_MGMT)
3824 local->dot11ReceivedFragmentCount++;
3825 multicast = is_multicast_ether_addr(hdr->addr1);
3826
3827 if (skb->len >= 16)
3828 sta = rx.sta = sta_info_get(local, hdr->addr2);
3829 else
3830 sta = rx.sta = NULL;
3831
3832 if (sta) {
3833 rx.dev = sta->dev;
3834 rx.sdata = IEEE80211_DEV_TO_SUB_IF(rx.dev);
3835 }
3836
3837 if ((status->flag & RX_FLAG_MMIC_ERROR)) {
3838 ieee80211_rx_michael_mic_report(local->mdev, hdr, sta, &rx);
3839 goto end;
3840 }
3841
3842 if (unlikely(local->sta_scanning))
3843 rx.u.rx.in_scan = 1;
3844
3845 if (__ieee80211_invoke_rx_handlers(local, local->rx_pre_handlers, &rx,
3846 sta) != TXRX_CONTINUE)
3847 goto end;
3848 skb = rx.skb;
3849
3850 skb_push(skb, radiotap_len);
3851 if (sta && !sta->assoc_ap && !(sta->flags & WLAN_STA_WDS) &&
3852 !local->iff_promiscs && !multicast) {
3853 rx.u.rx.ra_match = 1;
3854 ieee80211_invoke_rx_handlers(local, local->rx_handlers, &rx,
3855 sta);
3856 } else {
3857 struct ieee80211_sub_if_data *prev = NULL;
3858 struct sk_buff *skb_new;
3859 u8 *bssid = ieee80211_get_bssid(hdr, skb->len - radiotap_len);
3860
3861 read_lock(&local->sub_if_lock);
3862 list_for_each_entry(sdata, &local->sub_if_list, list) {
3863 rx.u.rx.ra_match = 1;
3864 switch (sdata->type) {
3865 case IEEE80211_IF_TYPE_STA:
3866 if (!bssid)
3867 continue;
3868 if (!ieee80211_bssid_match(bssid,
3869 sdata->u.sta.bssid)) {
3870 if (!rx.u.rx.in_scan)
3871 continue;
3872 rx.u.rx.ra_match = 0;
3873 } else if (!multicast &&
3874 compare_ether_addr(sdata->dev->dev_addr,
3875 hdr->addr1) != 0) {
3876 if (!sdata->promisc)
3877 continue;
3878 rx.u.rx.ra_match = 0;
3879 }
3880 break;
3881 case IEEE80211_IF_TYPE_IBSS:
3882 if (!bssid)
3883 continue;
3884 if (!ieee80211_bssid_match(bssid,
3885 sdata->u.sta.bssid)) {
3886 if (!rx.u.rx.in_scan)
3887 continue;
3888 rx.u.rx.ra_match = 0;
3889 } else if (!multicast &&
3890 compare_ether_addr(sdata->dev->dev_addr,
3891 hdr->addr1) != 0) {
3892 if (!sdata->promisc)
3893 continue;
3894 rx.u.rx.ra_match = 0;
3895 } else if (!sta)
3896 sta = rx.sta =
3897 ieee80211_ibss_add_sta(sdata->dev,
3898 skb, bssid,
3899 hdr->addr2);
3900 break;
3901 case IEEE80211_IF_TYPE_AP:
3902 if (!bssid) {
3903 if (compare_ether_addr(sdata->dev->dev_addr,
3904 hdr->addr1) != 0)
3905 continue;
3906 } else if (!ieee80211_bssid_match(bssid,
3907 sdata->dev->dev_addr)) {
3908 if (!rx.u.rx.in_scan)
3909 continue;
3910 rx.u.rx.ra_match = 0;
3911 }
3912 if (sdata->dev == local->mdev &&
3913 !rx.u.rx.in_scan)
3914 /* do not receive anything via
3915 * master device when not scanning */
3916 continue;
3917 break;
3918 case IEEE80211_IF_TYPE_WDS:
3919 if (bssid ||
3920 (rx.fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA)
3921 continue;
3922 if (compare_ether_addr(sdata->u.wds.remote_addr,
3923 hdr->addr2) != 0)
3924 continue;
3925 break;
3926 }
3927
3928 if (prev) {
3929 skb_new = skb_copy(skb, GFP_ATOMIC);
3930 if (!skb_new) {
3931 if (net_ratelimit())
3932 printk(KERN_DEBUG "%s: failed to copy "
3933 "multicast frame for %s",
3934 local->mdev->name, prev->dev->name);
3935 continue;
3936 }
3937 rx.skb = skb_new;
3938 rx.dev = prev->dev;
3939 rx.sdata = prev;
3940 ieee80211_invoke_rx_handlers(local,
3941 local->rx_handlers,
3942 &rx, sta);
3943 }
3944 prev = sdata;
3945 }
3946 if (prev) {
3947 rx.skb = skb;
3948 rx.dev = prev->dev;
3949 rx.sdata = prev;
3950 ieee80211_invoke_rx_handlers(local, local->rx_handlers,
3951 &rx, sta);
3952 } else
3953 dev_kfree_skb(skb);
3954 read_unlock(&local->sub_if_lock);
3955 }
3956
3957 end:
3958 if (sta)
3959 sta_info_put(sta);
3960}
3961EXPORT_SYMBOL(__ieee80211_rx);
3962
3963static ieee80211_txrx_result
3964ieee80211_tx_h_load_stats(struct ieee80211_txrx_data *tx)
3965{
3966 struct ieee80211_local *local = tx->local;
3967 struct ieee80211_hw_mode *mode = tx->u.tx.mode;
3968 struct sk_buff *skb = tx->skb;
3969 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
3970 u32 load = 0, hdrtime;
3971
3972 /* TODO: this could be part of tx_status handling, so that the number
3973 * of retries would be known; TX rate should in that case be stored
3974 * somewhere with the packet */
3975
3976 /* Estimate total channel use caused by this frame */
3977
3978 /* 1 bit at 1 Mbit/s takes 1 usec; in channel_use values,
3979 * 1 usec = 1/8 * (1080 / 10) = 13.5 */
3980
3981 if (mode->mode == MODE_IEEE80211A ||
3982 mode->mode == MODE_ATHEROS_TURBO ||
3983 mode->mode == MODE_ATHEROS_TURBOG ||
3984 (mode->mode == MODE_IEEE80211G &&
3985 tx->u.tx.rate->flags & IEEE80211_RATE_ERP))
3986 hdrtime = CHAN_UTIL_HDR_SHORT;
3987 else
3988 hdrtime = CHAN_UTIL_HDR_LONG;
3989
3990 load = hdrtime;
3991 if (!is_multicast_ether_addr(hdr->addr1))
3992 load += hdrtime;
3993
3994 if (tx->u.tx.control->flags & IEEE80211_TXCTL_USE_RTS_CTS)
3995 load += 2 * hdrtime;
3996 else if (tx->u.tx.control->flags & IEEE80211_TXCTL_USE_CTS_PROTECT)
3997 load += hdrtime;
3998
3999 load += skb->len * tx->u.tx.rate->rate_inv;
4000
4001 if (tx->u.tx.extra_frag) {
4002 int i;
4003 for (i = 0; i < tx->u.tx.num_extra_frag; i++) {
4004 load += 2 * hdrtime;
4005 load += tx->u.tx.extra_frag[i]->len *
4006 tx->u.tx.rate->rate;
4007 }
4008 }
4009
4010 /* Divide channel_use by 8 to avoid wrapping around the counter */
4011 load >>= CHAN_UTIL_SHIFT;
4012 local->channel_use_raw += load;
4013 if (tx->sta)
4014 tx->sta->channel_use_raw += load;
4015 tx->sdata->channel_use_raw += load;
4016
4017 return TXRX_CONTINUE;
4018}
4019
4020
4021static ieee80211_txrx_result
4022ieee80211_rx_h_load_stats(struct ieee80211_txrx_data *rx)
4023{
4024 struct ieee80211_local *local = rx->local;
4025 struct sk_buff *skb = rx->skb;
4026 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
4027 u32 load = 0, hdrtime;
4028 struct ieee80211_rate *rate;
4029 struct ieee80211_hw_mode *mode = local->hw.conf.mode;
4030 int i;
4031
4032 /* Estimate total channel use caused by this frame */
4033
4034 if (unlikely(mode->num_rates < 0))
4035 return TXRX_CONTINUE;
4036
4037 rate = &mode->rates[0];
4038 for (i = 0; i < mode->num_rates; i++) {
4039 if (mode->rates[i].val == rx->u.rx.status->rate) {
4040 rate = &mode->rates[i];
4041 break;
4042 }
4043 }
4044
4045 /* 1 bit at 1 Mbit/s takes 1 usec; in channel_use values,
4046 * 1 usec = 1/8 * (1080 / 10) = 13.5 */
4047
4048 if (mode->mode == MODE_IEEE80211A ||
4049 mode->mode == MODE_ATHEROS_TURBO ||
4050 mode->mode == MODE_ATHEROS_TURBOG ||
4051 (mode->mode == MODE_IEEE80211G &&
4052 rate->flags & IEEE80211_RATE_ERP))
4053 hdrtime = CHAN_UTIL_HDR_SHORT;
4054 else
4055 hdrtime = CHAN_UTIL_HDR_LONG;
4056
4057 load = hdrtime;
4058 if (!is_multicast_ether_addr(hdr->addr1))
4059 load += hdrtime;
4060
4061 load += skb->len * rate->rate_inv;
4062
4063 /* Divide channel_use by 8 to avoid wrapping around the counter */
4064 load >>= CHAN_UTIL_SHIFT;
4065 local->channel_use_raw += load;
4066 if (rx->sta)
4067 rx->sta->channel_use_raw += load;
4068 rx->u.rx.load = load;
4069
4070 return TXRX_CONTINUE;
4071}
4072
4073static ieee80211_txrx_result
4074ieee80211_rx_h_if_stats(struct ieee80211_txrx_data *rx)
4075{
4076 rx->sdata->channel_use_raw += rx->u.rx.load;
4077 return TXRX_CONTINUE;
4078}
4079
4080static void ieee80211_stat_refresh(unsigned long data)
4081{
4082 struct ieee80211_local *local = (struct ieee80211_local *) data;
4083 struct sta_info *sta;
4084 struct ieee80211_sub_if_data *sdata;
4085
4086 if (!local->stat_time)
4087 return;
4088
4089 /* go through all stations */
4090 spin_lock_bh(&local->sta_lock);
4091 list_for_each_entry(sta, &local->sta_list, list) {
4092 sta->channel_use = (sta->channel_use_raw / local->stat_time) /
4093 CHAN_UTIL_PER_10MS;
4094 sta->channel_use_raw = 0;
4095 }
4096 spin_unlock_bh(&local->sta_lock);
4097
4098 /* go through all subinterfaces */
4099 read_lock(&local->sub_if_lock);
4100 list_for_each_entry(sdata, &local->sub_if_list, list) {
4101 sdata->channel_use = (sdata->channel_use_raw /
4102 local->stat_time) / CHAN_UTIL_PER_10MS;
4103 sdata->channel_use_raw = 0;
4104 }
4105 read_unlock(&local->sub_if_lock);
4106
4107 /* hardware interface */
4108 local->channel_use = (local->channel_use_raw /
4109 local->stat_time) / CHAN_UTIL_PER_10MS;
4110 local->channel_use_raw = 0;
4111
4112 local->stat_timer.expires = jiffies + HZ * local->stat_time / 100;
4113 add_timer(&local->stat_timer);
4114}
4115
4116
4117/* This is a version of the rx handler that can be called from hard irq
4118 * context. Post the skb on the queue and schedule the tasklet */
4119void ieee80211_rx_irqsafe(struct ieee80211_hw *hw, struct sk_buff *skb,
4120 struct ieee80211_rx_status *status)
4121{
4122 struct ieee80211_local *local = hw_to_local(hw);
4123
4124 BUILD_BUG_ON(sizeof(struct ieee80211_rx_status) > sizeof(skb->cb));
4125
4126 skb->dev = local->mdev;
4127 /* copy status into skb->cb for use by tasklet */
4128 memcpy(skb->cb, status, sizeof(*status));
4129 skb->pkt_type = IEEE80211_RX_MSG;
4130 skb_queue_tail(&local->skb_queue, skb);
4131 tasklet_schedule(&local->tasklet);
4132}
4133EXPORT_SYMBOL(ieee80211_rx_irqsafe);
4134
4135void ieee80211_tx_status_irqsafe(struct ieee80211_hw *hw,
4136 struct sk_buff *skb,
4137 struct ieee80211_tx_status *status)
4138{
4139 struct ieee80211_local *local = hw_to_local(hw);
4140 struct ieee80211_tx_status *saved;
4141 int tmp;
4142
4143 skb->dev = local->mdev;
4144 saved = kmalloc(sizeof(struct ieee80211_tx_status), GFP_ATOMIC);
4145 if (unlikely(!saved)) {
4146 if (net_ratelimit())
4147 printk(KERN_WARNING "%s: Not enough memory, "
4148 "dropping tx status", skb->dev->name);
4149 /* should be dev_kfree_skb_irq, but due to this function being
4150 * named _irqsafe instead of just _irq we can't be sure that
4151 * people won't call it from non-irq contexts */
4152 dev_kfree_skb_any(skb);
4153 return;
4154 }
4155 memcpy(saved, status, sizeof(struct ieee80211_tx_status));
4156 /* copy pointer to saved status into skb->cb for use by tasklet */
4157 memcpy(skb->cb, &saved, sizeof(saved));
4158
4159 skb->pkt_type = IEEE80211_TX_STATUS_MSG;
4160 skb_queue_tail(status->control.flags & IEEE80211_TXCTL_REQ_TX_STATUS ?
4161 &local->skb_queue : &local->skb_queue_unreliable, skb);
4162 tmp = skb_queue_len(&local->skb_queue) +
4163 skb_queue_len(&local->skb_queue_unreliable);
4164 while (tmp > IEEE80211_IRQSAFE_QUEUE_LIMIT &&
4165 (skb = skb_dequeue(&local->skb_queue_unreliable))) {
4166 memcpy(&saved, skb->cb, sizeof(saved));
4167 kfree(saved);
4168 dev_kfree_skb_irq(skb);
4169 tmp--;
4170 I802_DEBUG_INC(local->tx_status_drop);
4171 }
4172 tasklet_schedule(&local->tasklet);
4173}
4174EXPORT_SYMBOL(ieee80211_tx_status_irqsafe);
4175
4176static void ieee80211_tasklet_handler(unsigned long data)
4177{
4178 struct ieee80211_local *local = (struct ieee80211_local *) data;
4179 struct sk_buff *skb;
4180 struct ieee80211_rx_status rx_status;
4181 struct ieee80211_tx_status *tx_status;
4182
4183 while ((skb = skb_dequeue(&local->skb_queue)) ||
4184 (skb = skb_dequeue(&local->skb_queue_unreliable))) {
4185 switch (skb->pkt_type) {
4186 case IEEE80211_RX_MSG:
4187 /* status is in skb->cb */
4188 memcpy(&rx_status, skb->cb, sizeof(rx_status));
4189 /* Clear skb->type in order to not confuse kernel
4190 * netstack. */
4191 skb->pkt_type = 0;
4192 __ieee80211_rx(local_to_hw(local), skb, &rx_status);
4193 break;
4194 case IEEE80211_TX_STATUS_MSG:
4195 /* get pointer to saved status out of skb->cb */
4196 memcpy(&tx_status, skb->cb, sizeof(tx_status));
4197 skb->pkt_type = 0;
4198 ieee80211_tx_status(local_to_hw(local),
4199 skb, tx_status);
4200 kfree(tx_status);
4201 break;
4202 default: /* should never get here! */
4203 printk(KERN_ERR "%s: Unknown message type (%d)\n",
4204 local->mdev->name, skb->pkt_type);
4205 dev_kfree_skb(skb);
4206 break;
4207 }
4208 }
4209}
4210
4211
4212/* Remove added headers (e.g., QoS control), encryption header/MIC, etc. to
4213 * make a prepared TX frame (one that has been given to hw) to look like brand
4214 * new IEEE 802.11 frame that is ready to go through TX processing again.
4215 * Also, tx_packet_data in cb is restored from tx_control. */
4216static void ieee80211_remove_tx_extra(struct ieee80211_local *local,
4217 struct ieee80211_key *key,
4218 struct sk_buff *skb,
4219 struct ieee80211_tx_control *control)
4220{
4221 int hdrlen, iv_len, mic_len;
4222 struct ieee80211_tx_packet_data *pkt_data;
4223
4224 pkt_data = (struct ieee80211_tx_packet_data *)skb->cb;
4225 pkt_data->ifindex = control->ifindex;
4226 pkt_data->mgmt_iface = (control->type == IEEE80211_IF_TYPE_MGMT);
4227 pkt_data->req_tx_status = !!(control->flags & IEEE80211_TXCTL_REQ_TX_STATUS);
4228 pkt_data->do_not_encrypt = !!(control->flags & IEEE80211_TXCTL_DO_NOT_ENCRYPT);
4229 pkt_data->requeue = !!(control->flags & IEEE80211_TXCTL_REQUEUE);
4230 pkt_data->queue = control->queue;
4231
4232 hdrlen = ieee80211_get_hdrlen_from_skb(skb);
4233
4234 if (!key)
4235 goto no_key;
4236
4237 switch (key->alg) {
4238 case ALG_WEP:
4239 iv_len = WEP_IV_LEN;
4240 mic_len = WEP_ICV_LEN;
4241 break;
4242 case ALG_TKIP:
4243 iv_len = TKIP_IV_LEN;
4244 mic_len = TKIP_ICV_LEN;
4245 break;
4246 case ALG_CCMP:
4247 iv_len = CCMP_HDR_LEN;
4248 mic_len = CCMP_MIC_LEN;
4249 break;
4250 default:
4251 goto no_key;
4252 }
4253
4254 if (skb->len >= mic_len && key->force_sw_encrypt)
4255 skb_trim(skb, skb->len - mic_len);
4256 if (skb->len >= iv_len && skb->len > hdrlen) {
4257 memmove(skb->data + iv_len, skb->data, hdrlen);
4258 skb_pull(skb, iv_len);
4259 }
4260
4261no_key:
4262 {
4263 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
4264 u16 fc = le16_to_cpu(hdr->frame_control);
4265 if ((fc & 0x8C) == 0x88) /* QoS Control Field */ {
4266 fc &= ~IEEE80211_STYPE_QOS_DATA;
4267 hdr->frame_control = cpu_to_le16(fc);
4268 memmove(skb->data + 2, skb->data, hdrlen - 2);
4269 skb_pull(skb, 2);
4270 }
4271 }
4272}
4273
4274
4275void ieee80211_tx_status(struct ieee80211_hw *hw, struct sk_buff *skb,
4276 struct ieee80211_tx_status *status)
4277{
4278 struct sk_buff *skb2;
4279 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
4280 struct ieee80211_local *local = hw_to_local(hw);
4281 u16 frag, type;
4282 u32 msg_type;
4283
4284 if (!status) {
4285 printk(KERN_ERR
4286 "%s: ieee80211_tx_status called with NULL status\n",
4287 local->mdev->name);
4288 dev_kfree_skb(skb);
4289 return;
4290 }
4291
4292 if (status->excessive_retries) {
4293 struct sta_info *sta;
4294 sta = sta_info_get(local, hdr->addr1);
4295 if (sta) {
4296 if (sta->flags & WLAN_STA_PS) {
4297 /* The STA is in power save mode, so assume
4298 * that this TX packet failed because of that.
4299 */
4300 status->excessive_retries = 0;
4301 status->flags |= IEEE80211_TX_STATUS_TX_FILTERED;
4302 }
4303 sta_info_put(sta);
4304 }
4305 }
4306
4307 if (status->flags & IEEE80211_TX_STATUS_TX_FILTERED) {
4308 struct sta_info *sta;
4309 sta = sta_info_get(local, hdr->addr1);
4310 if (sta) {
4311 sta->tx_filtered_count++;
4312
4313 /* Clear the TX filter mask for this STA when sending
4314 * the next packet. If the STA went to power save mode,
4315 * this will happen when it is waking up for the next
4316 * time. */
4317 sta->clear_dst_mask = 1;
4318
4319 /* TODO: Is the WLAN_STA_PS flag always set here or is
4320 * the race between RX and TX status causing some
4321 * packets to be filtered out before 80211.o gets an
4322 * update for PS status? This seems to be the case, so
4323 * no changes are likely to be needed. */
4324 if (sta->flags & WLAN_STA_PS &&
4325 skb_queue_len(&sta->tx_filtered) <
4326 STA_MAX_TX_BUFFER) {
4327 ieee80211_remove_tx_extra(local, sta->key,
4328 skb,
4329 &status->control);
4330 skb_queue_tail(&sta->tx_filtered, skb);
4331 } else if (!(sta->flags & WLAN_STA_PS) &&
4332 !(status->control.flags & IEEE80211_TXCTL_REQUEUE)) {
4333 /* Software retry the packet once */
4334 status->control.flags |= IEEE80211_TXCTL_REQUEUE;
4335 ieee80211_remove_tx_extra(local, sta->key,
4336 skb,
4337 &status->control);
4338 dev_queue_xmit(skb);
4339 } else {
4340 if (net_ratelimit()) {
4341 printk(KERN_DEBUG "%s: dropped TX "
4342 "filtered frame queue_len=%d "
4343 "PS=%d @%lu\n",
4344 local->mdev->name,
4345 skb_queue_len(
4346 &sta->tx_filtered),
4347 !!(sta->flags & WLAN_STA_PS),
4348 jiffies);
4349 }
4350 dev_kfree_skb(skb);
4351 }
4352 sta_info_put(sta);
4353 return;
4354 }
4355 } else {
4356 /* FIXME: STUPID to call this with both local and local->mdev */
4357 rate_control_tx_status(local, local->mdev, skb, status);
4358 }
4359
4360 ieee80211_led_tx(local, 0);
4361
4362 /* SNMP counters
4363 * Fragments are passed to low-level drivers as separate skbs, so these
4364 * are actually fragments, not frames. Update frame counters only for
4365 * the first fragment of the frame. */
4366
4367 frag = le16_to_cpu(hdr->seq_ctrl) & IEEE80211_SCTL_FRAG;
4368 type = le16_to_cpu(hdr->frame_control) & IEEE80211_FCTL_FTYPE;
4369
4370 if (status->flags & IEEE80211_TX_STATUS_ACK) {
4371 if (frag == 0) {
4372 local->dot11TransmittedFrameCount++;
4373 if (is_multicast_ether_addr(hdr->addr1))
4374 local->dot11MulticastTransmittedFrameCount++;
4375 if (status->retry_count > 0)
4376 local->dot11RetryCount++;
4377 if (status->retry_count > 1)
4378 local->dot11MultipleRetryCount++;
4379 }
4380
4381 /* This counter shall be incremented for an acknowledged MPDU
4382 * with an individual address in the address 1 field or an MPDU
4383 * with a multicast address in the address 1 field of type Data
4384 * or Management. */
4385 if (!is_multicast_ether_addr(hdr->addr1) ||
4386 type == IEEE80211_FTYPE_DATA ||
4387 type == IEEE80211_FTYPE_MGMT)
4388 local->dot11TransmittedFragmentCount++;
4389 } else {
4390 if (frag == 0)
4391 local->dot11FailedCount++;
4392 }
4393
4394 if (!(status->control.flags & IEEE80211_TXCTL_REQ_TX_STATUS)
4395 || unlikely(!local->apdev)) {
4396 dev_kfree_skb(skb);
4397 return;
4398 }
4399
4400 msg_type = (status->flags & IEEE80211_TX_STATUS_ACK) ?
4401 ieee80211_msg_tx_callback_ack : ieee80211_msg_tx_callback_fail;
4402
4403 /* skb was the original skb used for TX. Clone it and give the clone
4404 * to netif_rx(). Free original skb. */
4405 skb2 = skb_copy(skb, GFP_ATOMIC);
4406 if (!skb2) {
4407 dev_kfree_skb(skb);
4408 return;
4409 }
4410 dev_kfree_skb(skb);
4411 skb = skb2;
4412
4413 /* Send frame to hostapd */
4414 ieee80211_rx_mgmt(local, skb, NULL, msg_type);
4415}
4416EXPORT_SYMBOL(ieee80211_tx_status);
4417
4418/* TODO: implement register/unregister functions for adding TX/RX handlers
4419 * into ordered list */
4420
4421/* rx_pre handlers don't have dev and sdata fields available in
4422 * ieee80211_txrx_data */
4423static ieee80211_rx_handler ieee80211_rx_pre_handlers[] =
4424{
4425 ieee80211_rx_h_parse_qos,
4426 ieee80211_rx_h_load_stats,
4427 NULL
4428};
4429
4430static ieee80211_rx_handler ieee80211_rx_handlers[] =
4431{
4432 ieee80211_rx_h_if_stats,
4433 ieee80211_rx_h_monitor,
4434 ieee80211_rx_h_passive_scan,
4435 ieee80211_rx_h_check,
4436 ieee80211_rx_h_sta_process,
4437 ieee80211_rx_h_ccmp_decrypt,
4438 ieee80211_rx_h_tkip_decrypt,
4439 ieee80211_rx_h_wep_weak_iv_detection,
4440 ieee80211_rx_h_wep_decrypt,
4441 ieee80211_rx_h_defragment,
4442 ieee80211_rx_h_ps_poll,
4443 ieee80211_rx_h_michael_mic_verify,
4444 /* this must be after decryption - so header is counted in MPDU mic
4445 * must be before pae and data, so QOS_DATA format frames
4446 * are not passed to user space by these functions
4447 */
4448 ieee80211_rx_h_remove_qos_control,
4449 ieee80211_rx_h_802_1x_pae,
4450 ieee80211_rx_h_drop_unencrypted,
4451 ieee80211_rx_h_data,
4452 ieee80211_rx_h_mgmt,
4453 NULL
4454};
4455
4456static ieee80211_tx_handler ieee80211_tx_handlers[] =
4457{
4458 ieee80211_tx_h_check_assoc,
4459 ieee80211_tx_h_sequence,
4460 ieee80211_tx_h_ps_buf,
4461 ieee80211_tx_h_select_key,
4462 ieee80211_tx_h_michael_mic_add,
4463 ieee80211_tx_h_fragment,
4464 ieee80211_tx_h_tkip_encrypt,
4465 ieee80211_tx_h_ccmp_encrypt,
4466 ieee80211_tx_h_wep_encrypt,
4467 ieee80211_tx_h_rate_ctrl,
4468 ieee80211_tx_h_misc,
4469 ieee80211_tx_h_load_stats,
4470 NULL
4471};
4472
4473
4474int ieee80211_if_update_wds(struct net_device *dev, u8 *remote_addr)
4475{
4476 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
4477 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
4478 struct sta_info *sta;
4479
4480 if (compare_ether_addr(remote_addr, sdata->u.wds.remote_addr) == 0)
4481 return 0;
4482
4483 /* Create STA entry for the new peer */
4484 sta = sta_info_add(local, dev, remote_addr, GFP_KERNEL);
4485 if (!sta)
4486 return -ENOMEM;
4487 sta_info_put(sta);
4488
4489 /* Remove STA entry for the old peer */
4490 sta = sta_info_get(local, sdata->u.wds.remote_addr);
4491 if (sta) {
4492 sta_info_put(sta);
4493 sta_info_free(sta, 0);
4494 } else {
4495 printk(KERN_DEBUG "%s: could not find STA entry for WDS link "
4496 "peer " MAC_FMT "\n",
4497 dev->name, MAC_ARG(sdata->u.wds.remote_addr));
4498 }
4499
4500 /* Update WDS link data */
4501 memcpy(&sdata->u.wds.remote_addr, remote_addr, ETH_ALEN);
4502
4503 return 0;
4504}
4505
4506/* Must not be called for mdev and apdev */
4507void ieee80211_if_setup(struct net_device *dev)
4508{
4509 ether_setup(dev);
4510 dev->hard_start_xmit = ieee80211_subif_start_xmit;
4511 dev->wireless_handlers = &ieee80211_iw_handler_def;
4512 dev->set_multicast_list = ieee80211_set_multicast_list;
4513 dev->change_mtu = ieee80211_change_mtu;
4514 dev->get_stats = ieee80211_get_stats;
4515 dev->open = ieee80211_open;
4516 dev->stop = ieee80211_stop;
4517 dev->uninit = ieee80211_if_reinit;
4518 dev->destructor = ieee80211_if_free;
4519}
4520
4521void ieee80211_if_mgmt_setup(struct net_device *dev)
4522{
4523 ether_setup(dev);
4524 dev->hard_start_xmit = ieee80211_mgmt_start_xmit;
4525 dev->change_mtu = ieee80211_change_mtu_apdev;
4526 dev->get_stats = ieee80211_get_stats;
4527 dev->open = ieee80211_mgmt_open;
4528 dev->stop = ieee80211_mgmt_stop;
4529 dev->type = ARPHRD_IEEE80211_PRISM;
4530 dev->hard_header_parse = header_parse_80211;
4531 dev->uninit = ieee80211_if_reinit;
4532 dev->destructor = ieee80211_if_free;
4533}
4534
4535int ieee80211_init_rate_ctrl_alg(struct ieee80211_local *local,
4536 const char *name)
4537{
4538 struct rate_control_ref *ref, *old;
4539
4540 ASSERT_RTNL();
4541 if (local->open_count || netif_running(local->mdev) ||
4542 (local->apdev && netif_running(local->apdev)))
4543 return -EBUSY;
4544
4545 ref = rate_control_alloc(name, local);
4546 if (!ref) {
4547 printk(KERN_WARNING "%s: Failed to select rate control "
4548 "algorithm\n", local->mdev->name);
4549 return -ENOENT;
4550 }
4551
4552 old = local->rate_ctrl;
4553 local->rate_ctrl = ref;
4554 if (old) {
4555 rate_control_put(old);
4556 sta_info_flush(local, NULL);
4557 }
4558
4559 printk(KERN_DEBUG "%s: Selected rate control "
4560 "algorithm '%s'\n", local->mdev->name,
4561 ref->ops->name);
4562
4563
4564 return 0;
4565}
4566
4567static void rate_control_deinitialize(struct ieee80211_local *local)
4568{
4569 struct rate_control_ref *ref;
4570
4571 ref = local->rate_ctrl;
4572 local->rate_ctrl = NULL;
4573 rate_control_put(ref);
4574}
4575
4576struct ieee80211_hw *ieee80211_alloc_hw(size_t priv_data_len,
4577 const struct ieee80211_ops *ops)
4578{
4579 struct net_device *mdev;
4580 struct ieee80211_local *local;
4581 struct ieee80211_sub_if_data *sdata;
4582 int priv_size;
4583 struct wiphy *wiphy;
4584
4585 /* Ensure 32-byte alignment of our private data and hw private data.
4586 * We use the wiphy priv data for both our ieee80211_local and for
4587 * the driver's private data
4588 *
4589 * In memory it'll be like this:
4590 *
4591 * +-------------------------+
4592 * | struct wiphy |
4593 * +-------------------------+
4594 * | struct ieee80211_local |
4595 * +-------------------------+
4596 * | driver's private data |
4597 * +-------------------------+
4598 *
4599 */
4600 priv_size = ((sizeof(struct ieee80211_local) +
4601 NETDEV_ALIGN_CONST) & ~NETDEV_ALIGN_CONST) +
4602 priv_data_len;
4603
4604 wiphy = wiphy_new(&mac80211_config_ops, priv_size);
4605
4606 if (!wiphy)
4607 return NULL;
4608
4609 wiphy->privid = mac80211_wiphy_privid;
4610
4611 local = wiphy_priv(wiphy);
4612 local->hw.wiphy = wiphy;
4613
4614 local->hw.priv = (char *)local +
4615 ((sizeof(struct ieee80211_local) +
4616 NETDEV_ALIGN_CONST) & ~NETDEV_ALIGN_CONST);
4617
4618 local->ops = ops;
4619
4620 /* for now, mdev needs sub_if_data :/ */
4621 mdev = alloc_netdev(sizeof(struct ieee80211_sub_if_data),
4622 "wmaster%d", ether_setup);
4623 if (!mdev) {
4624 wiphy_free(wiphy);
4625 return NULL;
4626 }
4627
4628 sdata = IEEE80211_DEV_TO_SUB_IF(mdev);
4629 mdev->ieee80211_ptr = &sdata->wdev;
4630 sdata->wdev.wiphy = wiphy;
4631
4632 local->hw.queues = 1; /* default */
4633
4634 local->mdev = mdev;
4635 local->rx_pre_handlers = ieee80211_rx_pre_handlers;
4636 local->rx_handlers = ieee80211_rx_handlers;
4637 local->tx_handlers = ieee80211_tx_handlers;
4638
4639 local->bridge_packets = 1;
4640
4641 local->rts_threshold = IEEE80211_MAX_RTS_THRESHOLD;
4642 local->fragmentation_threshold = IEEE80211_MAX_FRAG_THRESHOLD;
4643 local->short_retry_limit = 7;
4644 local->long_retry_limit = 4;
4645 local->hw.conf.radio_enabled = 1;
4646 local->rate_ctrl_num_up = RATE_CONTROL_NUM_UP;
4647 local->rate_ctrl_num_down = RATE_CONTROL_NUM_DOWN;
4648
4649 local->enabled_modes = (unsigned int) -1;
4650
4651 INIT_LIST_HEAD(&local->modes_list);
4652
4653 rwlock_init(&local->sub_if_lock);
4654 INIT_LIST_HEAD(&local->sub_if_list);
4655
4656 INIT_DELAYED_WORK(&local->scan_work, ieee80211_sta_scan_work);
4657 init_timer(&local->stat_timer);
4658 local->stat_timer.function = ieee80211_stat_refresh;
4659 local->stat_timer.data = (unsigned long) local;
4660 ieee80211_rx_bss_list_init(mdev);
4661
4662 sta_info_init(local);
4663
4664 mdev->hard_start_xmit = ieee80211_master_start_xmit;
4665 mdev->open = ieee80211_master_open;
4666 mdev->stop = ieee80211_master_stop;
4667 mdev->type = ARPHRD_IEEE80211;
4668 mdev->hard_header_parse = header_parse_80211;
4669
4670 sdata->type = IEEE80211_IF_TYPE_AP;
4671 sdata->dev = mdev;
4672 sdata->local = local;
4673 sdata->u.ap.force_unicast_rateidx = -1;
4674 sdata->u.ap.max_ratectrl_rateidx = -1;
4675 ieee80211_if_sdata_init(sdata);
4676 list_add_tail(&sdata->list, &local->sub_if_list);
4677
4678 tasklet_init(&local->tx_pending_tasklet, ieee80211_tx_pending,
4679 (unsigned long)local);
4680 tasklet_disable(&local->tx_pending_tasklet);
4681
4682 tasklet_init(&local->tasklet,
4683 ieee80211_tasklet_handler,
4684 (unsigned long) local);
4685 tasklet_disable(&local->tasklet);
4686
4687 skb_queue_head_init(&local->skb_queue);
4688 skb_queue_head_init(&local->skb_queue_unreliable);
4689
4690 return local_to_hw(local);
4691}
4692EXPORT_SYMBOL(ieee80211_alloc_hw);
4693
4694int ieee80211_register_hw(struct ieee80211_hw *hw)
4695{
4696 struct ieee80211_local *local = hw_to_local(hw);
4697 const char *name;
4698 int result;
4699
4700 result = wiphy_register(local->hw.wiphy);
4701 if (result < 0)
4702 return result;
4703
4704 name = wiphy_dev(local->hw.wiphy)->driver->name;
4705 local->hw.workqueue = create_singlethread_workqueue(name);
4706 if (!local->hw.workqueue) {
4707 result = -ENOMEM;
4708 goto fail_workqueue;
4709 }
4710
4711 debugfs_hw_add(local);
4712
4713 local->hw.conf.beacon_int = 1000;
4714
4715 local->wstats_flags |= local->hw.max_rssi ?
4716 IW_QUAL_LEVEL_UPDATED : IW_QUAL_LEVEL_INVALID;
4717 local->wstats_flags |= local->hw.max_signal ?
4718 IW_QUAL_QUAL_UPDATED : IW_QUAL_QUAL_INVALID;
4719 local->wstats_flags |= local->hw.max_noise ?
4720 IW_QUAL_NOISE_UPDATED : IW_QUAL_NOISE_INVALID;
4721 if (local->hw.max_rssi < 0 || local->hw.max_noise < 0)
4722 local->wstats_flags |= IW_QUAL_DBM;
4723
4724 result = sta_info_start(local);
4725 if (result < 0)
4726 goto fail_sta_info;
4727
4728 rtnl_lock();
4729 result = dev_alloc_name(local->mdev, local->mdev->name);
4730 if (result < 0)
4731 goto fail_dev;
4732
4733 memcpy(local->mdev->dev_addr, local->hw.wiphy->perm_addr, ETH_ALEN);
4734 SET_NETDEV_DEV(local->mdev, wiphy_dev(local->hw.wiphy));
4735
4736 result = register_netdevice(local->mdev);
4737 if (result < 0)
4738 goto fail_dev;
4739
4740 ieee80211_debugfs_add_netdev(IEEE80211_DEV_TO_SUB_IF(local->mdev));
4741
4742 result = ieee80211_init_rate_ctrl_alg(local, NULL);
4743 if (result < 0) {
4744 printk(KERN_DEBUG "%s: Failed to initialize rate control "
4745 "algorithm\n", local->mdev->name);
4746 goto fail_rate;
4747 }
4748
4749 result = ieee80211_wep_init(local);
4750
4751 if (result < 0) {
4752 printk(KERN_DEBUG "%s: Failed to initialize wep\n",
4753 local->mdev->name);
4754 goto fail_wep;
4755 }
4756
4757 ieee80211_install_qdisc(local->mdev);
4758
4759 /* add one default STA interface */
4760 result = ieee80211_if_add(local->mdev, "wlan%d", NULL,
4761 IEEE80211_IF_TYPE_STA);
4762 if (result)
4763 printk(KERN_WARNING "%s: Failed to add default virtual iface\n",
4764 local->mdev->name);
4765
4766 local->reg_state = IEEE80211_DEV_REGISTERED;
4767 rtnl_unlock();
4768
4769 ieee80211_led_init(local);
4770
4771 return 0;
4772
4773fail_wep:
4774 rate_control_deinitialize(local);
4775fail_rate:
4776 ieee80211_debugfs_remove_netdev(IEEE80211_DEV_TO_SUB_IF(local->mdev));
4777 unregister_netdevice(local->mdev);
4778fail_dev:
4779 rtnl_unlock();
4780 sta_info_stop(local);
4781fail_sta_info:
4782 debugfs_hw_del(local);
4783 destroy_workqueue(local->hw.workqueue);
4784fail_workqueue:
4785 wiphy_unregister(local->hw.wiphy);
4786 return result;
4787}
4788EXPORT_SYMBOL(ieee80211_register_hw);
4789
4790int ieee80211_register_hwmode(struct ieee80211_hw *hw,
4791 struct ieee80211_hw_mode *mode)
4792{
4793 struct ieee80211_local *local = hw_to_local(hw);
4794 struct ieee80211_rate *rate;
4795 int i;
4796
4797 INIT_LIST_HEAD(&mode->list);
4798 list_add_tail(&mode->list, &local->modes_list);
4799
4800 local->hw_modes |= (1 << mode->mode);
4801 for (i = 0; i < mode->num_rates; i++) {
4802 rate = &(mode->rates[i]);
4803 rate->rate_inv = CHAN_UTIL_RATE_LCM / rate->rate;
4804 }
4805 ieee80211_prepare_rates(local, mode);
4806
4807 if (!local->oper_hw_mode) {
4808 /* Default to this mode */
4809 local->hw.conf.phymode = mode->mode;
4810 local->oper_hw_mode = local->scan_hw_mode = mode;
4811 local->oper_channel = local->scan_channel = &mode->channels[0];
4812 local->hw.conf.mode = local->oper_hw_mode;
4813 local->hw.conf.chan = local->oper_channel;
4814 }
4815
4816 if (!(hw->flags & IEEE80211_HW_DEFAULT_REG_DOMAIN_CONFIGURED))
4817 ieee80211_init_client(local->mdev);
4818
4819 return 0;
4820}
4821EXPORT_SYMBOL(ieee80211_register_hwmode);
4822
4823void ieee80211_unregister_hw(struct ieee80211_hw *hw)
4824{
4825 struct ieee80211_local *local = hw_to_local(hw);
4826 struct ieee80211_sub_if_data *sdata, *tmp;
4827 struct list_head tmp_list;
4828 int i;
4829
4830 tasklet_kill(&local->tx_pending_tasklet);
4831 tasklet_kill(&local->tasklet);
4832
4833 rtnl_lock();
4834
4835 BUG_ON(local->reg_state != IEEE80211_DEV_REGISTERED);
4836
4837 local->reg_state = IEEE80211_DEV_UNREGISTERED;
4838 if (local->apdev)
4839 ieee80211_if_del_mgmt(local);
4840
4841 write_lock_bh(&local->sub_if_lock);
4842 list_replace_init(&local->sub_if_list, &tmp_list);
4843 write_unlock_bh(&local->sub_if_lock);
4844
4845 list_for_each_entry_safe(sdata, tmp, &tmp_list, list)
4846 __ieee80211_if_del(local, sdata);
4847
4848 rtnl_unlock();
4849
4850 if (local->stat_time)
4851 del_timer_sync(&local->stat_timer);
4852
4853 ieee80211_rx_bss_list_deinit(local->mdev);
4854 ieee80211_clear_tx_pending(local);
4855 sta_info_stop(local);
4856 rate_control_deinitialize(local);
4857 debugfs_hw_del(local);
4858
4859 for (i = 0; i < NUM_IEEE80211_MODES; i++) {
4860 kfree(local->supp_rates[i]);
4861 kfree(local->basic_rates[i]);
4862 }
4863
4864 if (skb_queue_len(&local->skb_queue)
4865 || skb_queue_len(&local->skb_queue_unreliable))
4866 printk(KERN_WARNING "%s: skb_queue not empty\n",
4867 local->mdev->name);
4868 skb_queue_purge(&local->skb_queue);
4869 skb_queue_purge(&local->skb_queue_unreliable);
4870
4871 destroy_workqueue(local->hw.workqueue);
4872 wiphy_unregister(local->hw.wiphy);
4873 ieee80211_wep_free(local);
4874 ieee80211_led_exit(local);
4875}
4876EXPORT_SYMBOL(ieee80211_unregister_hw);
4877
4878void ieee80211_free_hw(struct ieee80211_hw *hw)
4879{
4880 struct ieee80211_local *local = hw_to_local(hw);
4881
4882 ieee80211_if_free(local->mdev);
4883 wiphy_free(local->hw.wiphy);
4884}
4885EXPORT_SYMBOL(ieee80211_free_hw);
4886
4887void ieee80211_wake_queue(struct ieee80211_hw *hw, int queue)
4888{
4889 struct ieee80211_local *local = hw_to_local(hw);
4890
4891 if (test_and_clear_bit(IEEE80211_LINK_STATE_XOFF,
4892 &local->state[queue])) {
4893 if (test_bit(IEEE80211_LINK_STATE_PENDING,
4894 &local->state[queue]))
4895 tasklet_schedule(&local->tx_pending_tasklet);
4896 else
4897 if (!ieee80211_qdisc_installed(local->mdev)) {
4898 if (queue == 0)
4899 netif_wake_queue(local->mdev);
4900 } else
4901 __netif_schedule(local->mdev);
4902 }
4903}
4904EXPORT_SYMBOL(ieee80211_wake_queue);
4905
4906void ieee80211_stop_queue(struct ieee80211_hw *hw, int queue)
4907{
4908 struct ieee80211_local *local = hw_to_local(hw);
4909
4910 if (!ieee80211_qdisc_installed(local->mdev) && queue == 0)
4911 netif_stop_queue(local->mdev);
4912 set_bit(IEEE80211_LINK_STATE_XOFF, &local->state[queue]);
4913}
4914EXPORT_SYMBOL(ieee80211_stop_queue);
4915
4916void ieee80211_start_queues(struct ieee80211_hw *hw)
4917{
4918 struct ieee80211_local *local = hw_to_local(hw);
4919 int i;
4920
4921 for (i = 0; i < local->hw.queues; i++)
4922 clear_bit(IEEE80211_LINK_STATE_XOFF, &local->state[i]);
4923 if (!ieee80211_qdisc_installed(local->mdev))
4924 netif_start_queue(local->mdev);
4925}
4926EXPORT_SYMBOL(ieee80211_start_queues);
4927
4928void ieee80211_stop_queues(struct ieee80211_hw *hw)
4929{
4930 int i;
4931
4932 for (i = 0; i < hw->queues; i++)
4933 ieee80211_stop_queue(hw, i);
4934}
4935EXPORT_SYMBOL(ieee80211_stop_queues);
4936
4937void ieee80211_wake_queues(struct ieee80211_hw *hw)
4938{
4939 int i;
4940
4941 for (i = 0; i < hw->queues; i++)
4942 ieee80211_wake_queue(hw, i);
4943}
4944EXPORT_SYMBOL(ieee80211_wake_queues);
4945
4946struct net_device_stats *ieee80211_dev_stats(struct net_device *dev)
4947{
4948 struct ieee80211_sub_if_data *sdata;
4949 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
4950 return &sdata->stats;
4951}
4952
4953static int __init ieee80211_init(void)
4954{
4955 struct sk_buff *skb;
4956 int ret;
4957
4958 BUILD_BUG_ON(sizeof(struct ieee80211_tx_packet_data) > sizeof(skb->cb));
4959
4960 ret = ieee80211_wme_register();
4961 if (ret) {
4962 printk(KERN_DEBUG "ieee80211_init: failed to "
4963 "initialize WME (err=%d)\n", ret);
4964 return ret;
4965 }
4966
4967 ieee80211_debugfs_netdev_init();
4968
4969 return 0;
4970}
4971
4972
4973static void __exit ieee80211_exit(void)
4974{
4975 ieee80211_wme_unregister();
4976 ieee80211_debugfs_netdev_exit();
4977}
4978
4979
4980module_init(ieee80211_init);
4981module_exit(ieee80211_exit);
4982
4983MODULE_DESCRIPTION("IEEE 802.11 subsystem");
4984MODULE_LICENSE("GPL");
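diff --git a/net/mac80211/ieee80211_cfg.c b/net/mac80211/ieee80211_cfg.c
new file mode 100644
index 000000000000..509096edb324
--- /dev/null
+++ b/net/mac80211/ieee80211_cfg.c
@@ -0,0 +1,66 @@
+/*
+ * mac80211 configuration hooks for cfg80211
+ *
+ * Copyright 2006 Johannes Berg <johannes@sipsolutions.net>
+ *
+ * This file is GPLv2 as found in COPYING.
+ */
+
+#include <linux/nl80211.h>
+#include <linux/rtnetlink.h>
+#include <net/cfg80211.h>
+#include "ieee80211_i.h"
+#include "ieee80211_cfg.h"
+
+static int ieee80211_add_iface(struct wiphy *wiphy, char *name,
+ unsigned int type)
+{
+ struct ieee80211_local *local = wiphy_priv(wiphy);
+ int itype;
+
+ if (unlikely(local->reg_state != IEEE80211_DEV_REGISTERED))
+ return -ENODEV;
+
+ switch (type) {
+ case NL80211_IFTYPE_UNSPECIFIED:
+ itype = IEEE80211_IF_TYPE_STA;
+ break;
+ case NL80211_IFTYPE_ADHOC:
+ itype = IEEE80211_IF_TYPE_IBSS;
+ break;
+ case NL80211_IFTYPE_STATION:
+ itype = IEEE80211_IF_TYPE_STA;
+ break;
+ case NL80211_IFTYPE_MONITOR:
+ itype = IEEE80211_IF_TYPE_MNTR;
+ break;
+ default:
+ return -EINVAL;
+ }
+
+ return ieee80211_if_add(local->mdev, name, NULL, itype);
+}
+
+static int ieee80211_del_iface(struct wiphy *wiphy, int ifindex)
+{
+ struct ieee80211_local *local = wiphy_priv(wiphy);
+ struct net_device *dev;
+ char *name;
+
+ if (unlikely(local->reg_state != IEEE80211_DEV_REGISTERED))
+ return -ENODEV;
+
+ dev = dev_get_by_index(ifindex);
+ if (!dev)
+ return 0;
+
+ name = dev->name;
+ dev_put(dev);
+
+ return ieee80211_if_remove(local->mdev, name, -1);
+}
+
+struct cfg80211_ops mac80211_config_ops = {
+ .add_virtual_intf = ieee80211_add_iface,
+ .del_virtual_intf = ieee80211_del_iface,
+};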
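Review bot: In `ieee80211_del_iface`, `name` still points into `dev->name` after `dev_put(dev)` has dropped the only reference this function takes, so `ieee80211_if_remove()` reads the string from a net_device that nothing here keeps alive. Unless the caller holds RTNL across the whole call (not visible in this file), the device can be unregistered or renamed in that window. Copying the name before releasing the reference closes it: declare `char name[IFNAMSIZ];` and do `strlcpy(name, dev->name, sizeof(name));` ahead of `dev_put(dev);`. An unknown `ifindex` also returns 0, so a caller cannot tell a no-op from a successful removal; `-ENODEV` would match the `reg_state` check above it.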
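diff --git a/net/mac80211/ieee80211_cfg.h b/net/mac80211/ieee80211_cfg.h
new file mode 100644
index 000000000000..85ed2c924878
--- /dev/null
+++ b/net/mac80211/ieee80211_cfg.h
@@ -0,0 +1,9 @@
+/*
+ * mac80211 configuration hooks for cfg80211
+ */
+#ifndef __IEEE80211_CFG_H
+#define __IEEE80211_CFG_H
+
+extern struct cfg80211_ops mac80211_config_ops;
+
+#endif /* __IEEE80211_CFG_H */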
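diff --git a/net/mac80211/ieee80211_common.h b/net/mac80211/ieee80211_common.h
new file mode 100644
index 000000000000..b9a73e7f5f75
--- /dev/null
+++ b/net/mac80211/ieee80211_common.h
@@ -0,0 +1,98 @@
+/*
+ * IEEE 802.11 driver (80211.o) -- hostapd interface
+ * Copyright 2002-2004, Instant802 Networks, Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#ifndef IEEE80211_COMMON_H
+#define IEEE80211_COMMON_H
+
+#include <linux/types.h>
+
+/*
+ * This is common header information with user space. It is used on all
+ * frames sent to wlan#ap interface.
+ */
+
+#define IEEE80211_FI_VERSION 0x80211001
+
+struct ieee80211_frame_info {
+ __be32 version;
+ __be32 length;
+ __be64 mactime;
+ __be64 hosttime;
+ __be32 phytype;
+ __be32 channel;
+ __be32 datarate;
+ __be32 antenna;
+ __be32 priority;
+ __be32 ssi_type;
+ __be32 ssi_signal;
+ __be32 ssi_noise;
+ __be32 preamble;
+ __be32 encoding;
+
+ /* Note: this structure is otherwise identical to capture format used
+ * in linux-wlan-ng, but this additional field is used to provide meta
+ * data about the frame to hostapd. This was the easiest method for
+ * providing this information, but this might change in the future. */
+ __be32 msg_type;
+} __attribute__ ((packed));
+
+
+enum ieee80211_msg_type {
+ ieee80211_msg_normal = 0,
+ ieee80211_msg_tx_callback_ack = 1,
+ ieee80211_msg_tx_callback_fail = 2,
+ ieee80211_msg_passive_scan = 3,
+ ieee80211_msg_wep_frame_unknown_key = 4,
+ ieee80211_msg_michael_mic_failure = 5,
+ /* hole at 6, was monitor but never sent to userspace */
+ ieee80211_msg_sta_not_assoc = 7,
+ ieee80211_msg_set_aid_for_sta = 8 /* used by Intersil MVC driver */,
+ ieee80211_msg_key_threshold_notification = 9,
+ ieee80211_msg_radar = 11,
+};
+
+struct ieee80211_msg_set_aid_for_sta {
+ char sta_address[ETH_ALEN];
+ u16 aid;
+};
+
+struct ieee80211_msg_key_notification {
+ int tx_rx_count;
+ char ifname[IFNAMSIZ];
+ u8 addr[ETH_ALEN]; /* ff:ff:ff:ff:ff:ff for broadcast keys */
+};
+
+
+enum ieee80211_phytype {
+ ieee80211_phytype_fhss_dot11_97 = 1,
+ ieee80211_phytype_dsss_dot11_97 = 2,
+ ieee80211_phytype_irbaseband = 3,
+ ieee80211_phytype_dsss_dot11_b = 4,
+ ieee80211_phytype_pbcc_dot11_b = 5,
+ ieee80211_phytype_ofdm_dot11_g = 6,
+ ieee80211_phytype_pbcc_dot11_g = 7,
+ ieee80211_phytype_ofdm_dot11_a = 8,
+ ieee80211_phytype_dsss_dot11_turbog = 255,
+ ieee80211_phytype_dsss_dot11_turbo = 256,
+};
+
+enum ieee80211_ssi_type {
+ ieee80211_ssi_none = 0,
+ ieee80211_ssi_norm = 1, /* normalized, 0-1000 */
+ ieee80211_ssi_dbm = 2,
+ ieee80211_ssi_raw = 3, /* raw SSI */
+};
+
+struct ieee80211_radar_info {
+ int channel;
+ int radar;
+ int radar_type;
+};
+
+#endif /* IEEE80211_COMMON_H */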
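Review bot: `struct ieee80211_msg_key_notification` is declared without `__attribute__ ((packed))` in a header whose own comment says it is shared with user space, so its `int`, `char ifname[IFNAMSIZ]` and `u8 addr[ETH_ALEN]` layout probably ends in compiler-inserted tail padding. Those padding bytes would carry whatever was in kernel memory unless every sender zeroes the struct before filling it (the senders are not in this file). Either pack it the way `ieee80211_frame_info` is packed or add an explicit padding member, and put a comment above the struct such as `/* memset() to 0 before filling: copied verbatim to user space */`. The header also uses `ETH_ALEN` and `IFNAMSIZ` while including only `<linux/types.h>`; `#include <linux/if_ether.h>` and `#include <linux/if.h>` would make it self-contained. The plain `int` members here and in `ieee80211_radar_info` would be a more stable user-space ABI as fixed-width types.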
diff --git a/net/mac80211/ieee80211_i.h b/net/mac80211/ieee80211_i.h
new file mode 100644
index 000000000000..af4d14d0b969
--- /dev/null
+++ b/net/mac80211/ieee80211_i.h
@@ -0,0 +1,798 @@
1/*
2 * Copyright 2002-2005, Instant802 Networks, Inc.
3 * Copyright 2005, Devicescape Software, Inc.
4 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 as
8 * published by the Free Software Foundation.
9 */
10
11#ifndef IEEE80211_I_H
12#define IEEE80211_I_H
13
14#include <linux/kernel.h>
15#include <linux/device.h>
16#include <linux/if_ether.h>
17#include <linux/interrupt.h>
18#include <linux/list.h>
19#include <linux/netdevice.h>
20#include <linux/skbuff.h>
21#include <linux/workqueue.h>
22#include <linux/types.h>
23#include <linux/spinlock.h>
24#include <net/wireless.h>
25#include "ieee80211_key.h"
26#include "sta_info.h"
27
28/* ieee80211.o internal definitions, etc. These are not included into
29 * low-level drivers. */
30
31#ifndef ETH_P_PAE
32#define ETH_P_PAE 0x888E /* Port Access Entity (IEEE 802.1X) */
33#endif /* ETH_P_PAE */
34
35#define WLAN_FC_DATA_PRESENT(fc) (((fc) & 0x4c) == 0x08)
36
37struct ieee80211_local;
38
39#define BIT(x) (1 << (x))
40
41#define IEEE80211_ALIGN32_PAD(a) ((4 - ((a) & 3)) & 3)
42
43/* Maximum number of broadcast/multicast frames to buffer when some of the
44 * associated stations are using power saving. */
45#define AP_MAX_BC_BUFFER 128
46
47/* Maximum number of frames buffered to all STAs, including multicast frames.
48 * Note: increasing this limit increases the potential memory requirement. Each
49 * frame can be up to about 2 kB long. */
50#define TOTAL_MAX_TX_BUFFER 512
51
52/* Required encryption head and tailroom */
53#define IEEE80211_ENCRYPT_HEADROOM 8
54#define IEEE80211_ENCRYPT_TAILROOM 12
55
56/* IEEE 802.11 (Ch. 9.5 Defragmentation) requires support for concurrent
57 * reception of at least three fragmented frames. This limit can be increased
58 * by changing this define, at the cost of slower frame reassembly and
59 * increased memory use (about 2 kB of RAM per entry). */
60#define IEEE80211_FRAGMENT_MAX 4
61
62struct ieee80211_fragment_entry {
63 unsigned long first_frag_time;
64 unsigned int seq;
65 unsigned int rx_queue;
66 unsigned int last_frag;
67 unsigned int extra_len;
68 struct sk_buff_head skb_list;
69 int ccmp; /* Whether fragments were encrypted with CCMP */
70 u8 last_pn[6]; /* PN of the last fragment if CCMP was used */
71};
72
73
74struct ieee80211_sta_bss {
75 struct list_head list;
76 struct ieee80211_sta_bss *hnext;
77 atomic_t users;
78
79 u8 bssid[ETH_ALEN];
80 u8 ssid[IEEE80211_MAX_SSID_LEN];
81 size_t ssid_len;
82 u16 capability; /* host byte order */
83 int hw_mode;
84 int channel;
85 int freq;
86 int rssi, signal, noise;
87 u8 *wpa_ie;
88 size_t wpa_ie_len;
89 u8 *rsn_ie;
90 size_t rsn_ie_len;
91 u8 *wmm_ie;
92 size_t wmm_ie_len;
93#define IEEE80211_MAX_SUPP_RATES 32
94 u8 supp_rates[IEEE80211_MAX_SUPP_RATES];
95 size_t supp_rates_len;
96 int beacon_int;
97 u64 timestamp;
98
99 int probe_resp;
100 unsigned long last_update;
101
102};
103
104
105typedef enum {
106 TXRX_CONTINUE, TXRX_DROP, TXRX_QUEUED
107} ieee80211_txrx_result;
108
109struct ieee80211_txrx_data {
110 struct sk_buff *skb;
111 struct net_device *dev;
112 struct ieee80211_local *local;
113 struct ieee80211_sub_if_data *sdata;
114 struct sta_info *sta;
115 u16 fc, ethertype;
116 struct ieee80211_key *key;
117 unsigned int fragmented:1; /* whether the MSDU was fragmented */
118 union {
119 struct {
120 struct ieee80211_tx_control *control;
121 unsigned int unicast:1;
122 unsigned int ps_buffered:1;
123 unsigned int short_preamble:1;
124 unsigned int probe_last_frag:1;
125 struct ieee80211_hw_mode *mode;
126 struct ieee80211_rate *rate;
127 /* use this rate (if set) for last fragment; rate can
128 * be set to lower rate for the first fragments, e.g.,
129 * when using CTS protection with IEEE 802.11g. */
130 struct ieee80211_rate *last_frag_rate;
131 int last_frag_hwrate;
132 int mgmt_interface;
133
134 /* Extra fragments (in addition to the first fragment
135 * in skb) */
136 int num_extra_frag;
137 struct sk_buff **extra_frag;
138 } tx;
139 struct {
140 struct ieee80211_rx_status *status;
141 int sent_ps_buffered;
142 int queue;
143 int load;
144 unsigned int in_scan:1;
145 /* frame is destined to interface currently processed
146 * (including multicast frames) */
147 unsigned int ra_match:1;
148 } rx;
149 } u;
150};
151
152/* Stored in sk_buff->cb */
153struct ieee80211_tx_packet_data {
154 int ifindex;
155 unsigned long jiffies;
156 unsigned int req_tx_status:1;
157 unsigned int do_not_encrypt:1;
158 unsigned int requeue:1;
159 unsigned int mgmt_iface:1;
160 unsigned int queue:4;
161};
162
163struct ieee80211_tx_stored_packet {
164 struct ieee80211_tx_control control;
165 struct sk_buff *skb;
166 int num_extra_frag;
167 struct sk_buff **extra_frag;
168 int last_frag_rateidx;
169 int last_frag_hwrate;
170 struct ieee80211_rate *last_frag_rate;
171 unsigned int last_frag_rate_ctrl_probe:1;
172};
173
174typedef ieee80211_txrx_result (*ieee80211_tx_handler)
175(struct ieee80211_txrx_data *tx);
176
177typedef ieee80211_txrx_result (*ieee80211_rx_handler)
178(struct ieee80211_txrx_data *rx);
179
180struct ieee80211_if_ap {
181 u8 *beacon_head, *beacon_tail;
182 int beacon_head_len, beacon_tail_len;
183
184 u8 ssid[IEEE80211_MAX_SSID_LEN];
185 size_t ssid_len;
186 u8 *generic_elem;
187 size_t generic_elem_len;
188
189 /* yes, this looks ugly, but guarantees that we can later use
190 * bitmap_empty :)
191 * NB: don't ever use set_bit, use bss_tim_set/bss_tim_clear! */
192 u8 tim[sizeof(unsigned long) * BITS_TO_LONGS(IEEE80211_MAX_AID + 1)];
193 atomic_t num_sta_ps; /* number of stations in PS mode */
194 struct sk_buff_head ps_bc_buf;
195 int dtim_period, dtim_count;
196 int force_unicast_rateidx; /* forced TX rateidx for unicast frames */
197 int max_ratectrl_rateidx; /* max TX rateidx for rate control */
198 int num_beacons; /* number of TXed beacon frames for this BSS */
199};
200
201struct ieee80211_if_wds {
202 u8 remote_addr[ETH_ALEN];
203 struct sta_info *sta;
204};
205
206struct ieee80211_if_vlan {
207 u8 id;
208};
209
210struct ieee80211_if_sta {
211 enum {
212 IEEE80211_DISABLED, IEEE80211_AUTHENTICATE,
213 IEEE80211_ASSOCIATE, IEEE80211_ASSOCIATED,
214 IEEE80211_IBSS_SEARCH, IEEE80211_IBSS_JOINED
215 } state;
216 struct timer_list timer;
217 struct work_struct work;
218 u8 bssid[ETH_ALEN], prev_bssid[ETH_ALEN];
219 u8 ssid[IEEE80211_MAX_SSID_LEN];
220 size_t ssid_len;
221 u16 aid;
222 u16 ap_capab, capab;
223 u8 *extra_ie; /* to be added to the end of AssocReq */
224 size_t extra_ie_len;
225
226 /* The last AssocReq/Resp IEs */
227 u8 *assocreq_ies, *assocresp_ies;
228 size_t assocreq_ies_len, assocresp_ies_len;
229
230 int auth_tries, assoc_tries;
231
232 unsigned int ssid_set:1;
233 unsigned int bssid_set:1;
234 unsigned int prev_bssid_set:1;
235 unsigned int authenticated:1;
236 unsigned int associated:1;
237 unsigned int probereq_poll:1;
238 unsigned int use_protection:1;
239 unsigned int create_ibss:1;
240 unsigned int mixed_cell:1;
241 unsigned int wmm_enabled:1;
242 unsigned int auto_ssid_sel:1;
243 unsigned int auto_bssid_sel:1;
244 unsigned int auto_channel_sel:1;
245#define IEEE80211_STA_REQ_SCAN 0
246#define IEEE80211_STA_REQ_AUTH 1
247#define IEEE80211_STA_REQ_RUN 2
248 unsigned long request;
249 struct sk_buff_head skb_queue;
250
251 int key_mgmt;
252 unsigned long last_probe;
253
254#define IEEE80211_AUTH_ALG_OPEN BIT(0)
255#define IEEE80211_AUTH_ALG_SHARED_KEY BIT(1)
256#define IEEE80211_AUTH_ALG_LEAP BIT(2)
257 unsigned int auth_algs; /* bitfield of allowed auth algs */
258 int auth_alg; /* currently used IEEE 802.11 authentication algorithm */
259 int auth_transaction;
260
261 unsigned long ibss_join_req;
262 struct sk_buff *probe_resp; /* ProbeResp template for IBSS */
263 u32 supp_rates_bits;
264
265 int wmm_last_param_set;
266};
267
268
269struct ieee80211_sub_if_data {
270 struct list_head list;
271 unsigned int type;
272
273 struct wireless_dev wdev;
274
275 struct net_device *dev;
276 struct ieee80211_local *local;
277
278 int mc_count;
279 unsigned int allmulti:1;
280 unsigned int promisc:1;
281
282 struct net_device_stats stats;
283 int drop_unencrypted;
284 int eapol; /* 0 = process EAPOL frames as normal data frames,
285 * 1 = send EAPOL frames through wlan#ap to hostapd
286 * (default) */
287 int ieee802_1x; /* IEEE 802.1X PAE - drop packet to/from unauthorized
288 * port */
289
290 u16 sequence;
291
292 /* Fragment table for host-based reassembly */
293 struct ieee80211_fragment_entry fragments[IEEE80211_FRAGMENT_MAX];
294 unsigned int fragment_next;
295
296#define NUM_DEFAULT_KEYS 4
297 struct ieee80211_key *keys[NUM_DEFAULT_KEYS];
298 struct ieee80211_key *default_key;
299
300 struct ieee80211_if_ap *bss; /* BSS that this device belongs to */
301
302 union {
303 struct ieee80211_if_ap ap;
304 struct ieee80211_if_wds wds;
305 struct ieee80211_if_vlan vlan;
306 struct ieee80211_if_sta sta;
307 } u;
308 int channel_use;
309 int channel_use_raw;
310
311#ifdef CONFIG_MAC80211_DEBUGFS
312 struct dentry *debugfsdir;
313 union {
314 struct {
315 struct dentry *channel_use;
316 struct dentry *drop_unencrypted;
317 struct dentry *eapol;
318 struct dentry *ieee8021_x;
319 struct dentry *state;
320 struct dentry *bssid;
321 struct dentry *prev_bssid;
322 struct dentry *ssid_len;
323 struct dentry *aid;
324 struct dentry *ap_capab;
325 struct dentry *capab;
326 struct dentry *extra_ie_len;
327 struct dentry *auth_tries;
328 struct dentry *assoc_tries;
329 struct dentry *auth_algs;
330 struct dentry *auth_alg;
331 struct dentry *auth_transaction;
332 struct dentry *flags;
333 } sta;
334 struct {
335 struct dentry *channel_use;
336 struct dentry *drop_unencrypted;
337 struct dentry *eapol;
338 struct dentry *ieee8021_x;
339 struct dentry *num_sta_ps;
340 struct dentry *dtim_period;
341 struct dentry *dtim_count;
342 struct dentry *num_beacons;
343 struct dentry *force_unicast_rateidx;
344 struct dentry *max_ratectrl_rateidx;
345 struct dentry *num_buffered_multicast;
346 struct dentry *beacon_head_len;
347 struct dentry *beacon_tail_len;
348 } ap;
349 struct {
350 struct dentry *channel_use;
351 struct dentry *drop_unencrypted;
352 struct dentry *eapol;
353 struct dentry *ieee8021_x;
354 struct dentry *peer;
355 } wds;
356 struct {
357 struct dentry *channel_use;
358 struct dentry *drop_unencrypted;
359 struct dentry *eapol;
360 struct dentry *ieee8021_x;
361 struct dentry *vlan_id;
362 } vlan;
363 struct {
364 struct dentry *mode;
365 } monitor;
366 struct dentry *default_key;
367 } debugfs;
368#endif
369};
370
371#define IEEE80211_DEV_TO_SUB_IF(dev) netdev_priv(dev)
372
373enum {
374 IEEE80211_RX_MSG = 1,
375 IEEE80211_TX_STATUS_MSG = 2,
376};
377
378struct ieee80211_local {
379 /* embed the driver visible part.
380 * don't cast (use the static inlines below), but we keep
381 * it first anyway so they become a no-op */
382 struct ieee80211_hw hw;
383
384 const struct ieee80211_ops *ops;
385
386 /* List of registered struct ieee80211_hw_mode */
387 struct list_head modes_list;
388
389 struct net_device *mdev; /* wmaster# - "master" 802.11 device */
390 struct net_device *apdev; /* wlan#ap - management frames (hostapd) */
391 int open_count;
392 int monitors;
393 struct iw_statistics wstats;
394 u8 wstats_flags;
395
396 enum {
397 IEEE80211_DEV_UNINITIALIZED = 0,
398 IEEE80211_DEV_REGISTERED,
399 IEEE80211_DEV_UNREGISTERED,
400 } reg_state;
401
402 /* Tasklet and skb queue to process calls from IRQ mode. All frames
403 * added to skb_queue will be processed, but frames in
404 * skb_queue_unreliable may be dropped if the total length of these
405 * queues increases over the limit. */
406#define IEEE80211_IRQSAFE_QUEUE_LIMIT 128
407 struct tasklet_struct tasklet;
408 struct sk_buff_head skb_queue;
409 struct sk_buff_head skb_queue_unreliable;
410
411 /* Station data structures */
412 spinlock_t sta_lock; /* mutex for STA data structures */
413 int num_sta; /* number of stations in sta_list */
414 struct list_head sta_list;
415 struct list_head deleted_sta_list;
416 struct sta_info *sta_hash[STA_HASH_SIZE];
417 struct timer_list sta_cleanup;
418
419 unsigned long state[NUM_TX_DATA_QUEUES];
420 struct ieee80211_tx_stored_packet pending_packet[NUM_TX_DATA_QUEUES];
421 struct tasklet_struct tx_pending_tasklet;
422
423 int mc_count; /* total count of multicast entries in all interfaces */
424 int iff_allmultis, iff_promiscs;
425 /* number of interfaces with corresponding IFF_ flags */
426
427 struct rate_control_ref *rate_ctrl;
428
429 int next_mode; /* MODE_IEEE80211*
430 * The mode preference for next channel change. This is
431 * used to select .11g vs. .11b channels (or 4.9 GHz vs.
432 * .11a) when the channel number is not unique. */
433
434 /* Supported and basic rate filters for different modes. These are
435 * pointers to -1 terminated lists and rates in 100 kbps units. */
436 int *supp_rates[NUM_IEEE80211_MODES];
437 int *basic_rates[NUM_IEEE80211_MODES];
438
439 int rts_threshold;
440 int cts_protect_erp_frames;
441 int fragmentation_threshold;
442 int short_retry_limit; /* dot11ShortRetryLimit */
443 int long_retry_limit; /* dot11LongRetryLimit */
444 int short_preamble; /* use short preamble with IEEE 802.11b */
445
446 struct crypto_blkcipher *wep_tx_tfm;
447 struct crypto_blkcipher *wep_rx_tfm;
448 u32 wep_iv;
449 int key_tx_rx_threshold; /* number of times any key can be used in TX
450 * or RX before generating a rekey
451 * notification; 0 = notification disabled. */
452
453 int bridge_packets; /* bridge packets between associated stations and
454 * deliver multicast frames both back to wireless
455 * media and to the local net stack */
456
457 ieee80211_rx_handler *rx_pre_handlers;
458 ieee80211_rx_handler *rx_handlers;
459 ieee80211_tx_handler *tx_handlers;
460
461 rwlock_t sub_if_lock; /* Protects sub_if_list. Cannot be taken under
462 * sta_bss_lock or sta_lock. */
463 struct list_head sub_if_list;
464 int sta_scanning;
465 int scan_channel_idx;
466 enum { SCAN_SET_CHANNEL, SCAN_SEND_PROBE } scan_state;
467 unsigned long last_scan_completed;
468 struct delayed_work scan_work;
469 struct net_device *scan_dev;
470 struct ieee80211_channel *oper_channel, *scan_channel;
471 struct ieee80211_hw_mode *oper_hw_mode, *scan_hw_mode;
472 u8 scan_ssid[IEEE80211_MAX_SSID_LEN];
473 size_t scan_ssid_len;
474 struct list_head sta_bss_list;
475 struct ieee80211_sta_bss *sta_bss_hash[STA_HASH_SIZE];
476 spinlock_t sta_bss_lock;
477#define IEEE80211_SCAN_MATCH_SSID BIT(0)
478#define IEEE80211_SCAN_WPA_ONLY BIT(1)
479#define IEEE80211_SCAN_EXTRA_INFO BIT(2)
480 int scan_flags;
481
482 /* SNMP counters */
483 /* dot11CountersTable */
484 u32 dot11TransmittedFragmentCount;
485 u32 dot11MulticastTransmittedFrameCount;
486 u32 dot11FailedCount;
487 u32 dot11RetryCount;
488 u32 dot11MultipleRetryCount;
489 u32 dot11FrameDuplicateCount;
490 u32 dot11ReceivedFragmentCount;
491 u32 dot11MulticastReceivedFrameCount;
492 u32 dot11TransmittedFrameCount;
493 u32 dot11WEPUndecryptableCount;
494
495#ifdef CONFIG_MAC80211_LEDS
496 int tx_led_counter, rx_led_counter;
497 struct led_trigger *tx_led, *rx_led;
498 char tx_led_name[32], rx_led_name[32];
499#endif
500
501 u32 channel_use;
502 u32 channel_use_raw;
503 u32 stat_time;
504 struct timer_list stat_timer;
505
506#ifdef CONFIG_MAC80211_DEBUGFS
507 struct work_struct sta_debugfs_add;
508#endif
509
510 enum {
511 STA_ANTENNA_SEL_AUTO = 0,
512 STA_ANTENNA_SEL_SW_CTRL = 1,
513 STA_ANTENNA_SEL_SW_CTRL_DEBUG = 2
514 } sta_antenna_sel;
515
516 int rate_ctrl_num_up, rate_ctrl_num_down;
517
518#ifdef CONFIG_MAC80211_DEBUG_COUNTERS
519 /* TX/RX handler statistics */
520 unsigned int tx_handlers_drop;
521 unsigned int tx_handlers_queued;
522 unsigned int tx_handlers_drop_unencrypted;
523 unsigned int tx_handlers_drop_fragment;
524 unsigned int tx_handlers_drop_wep;
525 unsigned int tx_handlers_drop_not_assoc;
526 unsigned int tx_handlers_drop_unauth_port;
527 unsigned int rx_handlers_drop;
528 unsigned int rx_handlers_queued;
529 unsigned int rx_handlers_drop_nullfunc;
530 unsigned int rx_handlers_drop_defrag;
531 unsigned int rx_handlers_drop_short;
532 unsigned int rx_handlers_drop_passive_scan;
533 unsigned int tx_expand_skb_head;
534 unsigned int tx_expand_skb_head_cloned;
535 unsigned int rx_expand_skb_head;
536 unsigned int rx_expand_skb_head2;
537 unsigned int rx_handlers_fragments;
538 unsigned int tx_status_drop;
539 unsigned int wme_rx_queue[NUM_RX_DATA_QUEUES];
540 unsigned int wme_tx_queue[NUM_RX_DATA_QUEUES];
541#define I802_DEBUG_INC(c) (c)++
542#else /* CONFIG_MAC80211_DEBUG_COUNTERS */
543#define I802_DEBUG_INC(c) do { } while (0)
544#endif /* CONFIG_MAC80211_DEBUG_COUNTERS */
545
546
547 int default_wep_only; /* only default WEP keys are used with this
548 * interface; this is used to decide when hwaccel
549 * can be used with default keys */
550 int total_ps_buffered; /* total number of all buffered unicast and
551 * multicast packets for power saving stations
552 */
553 int allow_broadcast_always; /* whether to allow TX of broadcast frames
554 * even when there are no associated STAs
555 */
556
557 int wifi_wme_noack_test;
558 unsigned int wmm_acm; /* bit field of ACM bits (BIT(802.1D tag)) */
559
560 unsigned int enabled_modes; /* bitfield of allowed modes;
561 * (1 << MODE_*) */
562 unsigned int hw_modes; /* bitfield of supported hardware modes;
563 * (1 << MODE_*) */
564
565 int user_space_mlme;
566
567#ifdef CONFIG_MAC80211_DEBUGFS
568 struct local_debugfsdentries {
569 struct dentry *channel;
570 struct dentry *frequency;
571 struct dentry *radar_detect;
572 struct dentry *antenna_sel_tx;
573 struct dentry *antenna_sel_rx;
574 struct dentry *bridge_packets;
575 struct dentry *key_tx_rx_threshold;
576 struct dentry *rts_threshold;
577 struct dentry *fragmentation_threshold;
578 struct dentry *short_retry_limit;
579 struct dentry *long_retry_limit;
580 struct dentry *total_ps_buffered;
581 struct dentry *mode;
582 struct dentry *wep_iv;
583 struct dentry *tx_power_reduction;
584 struct dentry *modes;
585 struct dentry *statistics;
586 struct local_debugfsdentries_statsdentries {
587 struct dentry *transmitted_fragment_count;
588 struct dentry *multicast_transmitted_frame_count;
589 struct dentry *failed_count;
590 struct dentry *retry_count;
591 struct dentry *multiple_retry_count;
592 struct dentry *frame_duplicate_count;
593 struct dentry *received_fragment_count;
594 struct dentry *multicast_received_frame_count;
595 struct dentry *transmitted_frame_count;
596 struct dentry *wep_undecryptable_count;
597 struct dentry *num_scans;
598#ifdef CONFIG_MAC80211_DEBUG_COUNTERS
599 struct dentry *tx_handlers_drop;
600 struct dentry *tx_handlers_queued;
601 struct dentry *tx_handlers_drop_unencrypted;
602 struct dentry *tx_handlers_drop_fragment;
603 struct dentry *tx_handlers_drop_wep;
604 struct dentry *tx_handlers_drop_not_assoc;
605 struct dentry *tx_handlers_drop_unauth_port;
606 struct dentry *rx_handlers_drop;
607 struct dentry *rx_handlers_queued;
608 struct dentry *rx_handlers_drop_nullfunc;
609 struct dentry *rx_handlers_drop_defrag;
610 struct dentry *rx_handlers_drop_short;
611 struct dentry *rx_handlers_drop_passive_scan;
612 struct dentry *tx_expand_skb_head;
613 struct dentry *tx_expand_skb_head_cloned;
614 struct dentry *rx_expand_skb_head;
615 struct dentry *rx_expand_skb_head2;
616 struct dentry *rx_handlers_fragments;
617 struct dentry *tx_status_drop;
618 struct dentry *wme_tx_queue;
619 struct dentry *wme_rx_queue;
620#endif
621 struct dentry *dot11ACKFailureCount;
622 struct dentry *dot11RTSFailureCount;
623 struct dentry *dot11FCSErrorCount;
624 struct dentry *dot11RTSSuccessCount;
625 } stats;
626 struct dentry *stations;
627 struct dentry *keys;
628 } debugfs;
629#endif
630};
631
632static inline struct ieee80211_local *hw_to_local(
633 struct ieee80211_hw *hw)
634{
635 return container_of(hw, struct ieee80211_local, hw);
636}
637
638static inline struct ieee80211_hw *local_to_hw(
639 struct ieee80211_local *local)
640{
641 return &local->hw;
642}
643
644enum ieee80211_link_state_t {
645 IEEE80211_LINK_STATE_XOFF = 0,
646 IEEE80211_LINK_STATE_PENDING,
647};
648
649struct sta_attribute {
650 struct attribute attr;
651 ssize_t (*show)(const struct sta_info *, char *buf);
652 ssize_t (*store)(struct sta_info *, const char *buf, size_t count);
653};
654
655static inline void __bss_tim_set(struct ieee80211_if_ap *bss, int aid)
656{
657 /*
658 * This format has ben mandated by the IEEE specifications,
659 * so this line may not be changed to use the __set_bit() format.
660 */
661 bss->tim[(aid)/8] |= 1<<((aid) % 8);
662}
663
664static inline void bss_tim_set(struct ieee80211_local *local,
665 struct ieee80211_if_ap *bss, int aid)
666{
667 spin_lock_bh(&local->sta_lock);
668 __bss_tim_set(bss, aid);
669 spin_unlock_bh(&local->sta_lock);
670}
671
672static inline void __bss_tim_clear(struct ieee80211_if_ap *bss, int aid)
673{
674 /*
675 * This format has ben mandated by the IEEE specifications,
676 * so this line may not be changed to use the __clear_bit() format.
677 */
678 bss->tim[(aid)/8] &= !(1<<((aid) % 8));
679}
680
681static inline void bss_tim_clear(struct ieee80211_local *local,
682 struct ieee80211_if_ap *bss, int aid)
683{
684 spin_lock_bh(&local->sta_lock);
685 __bss_tim_clear(bss, aid);
686 spin_unlock_bh(&local->sta_lock);
687}
688
689/**
690 * ieee80211_is_erp_rate - Check if a rate is an ERP rate
691 * @phymode: The PHY-mode for this rate (MODE_IEEE80211...)
692 * @rate: Transmission rate to check, in 100 kbps
693 *
694 * Check if a given rate is an Extended Rate PHY (ERP) rate.
695 */
696static inline int ieee80211_is_erp_rate(int phymode, int rate)
697{
698 if (phymode == MODE_IEEE80211G) {
699 if (rate != 10 && rate != 20 &&
700 rate != 55 && rate != 110)
701 return 1;
702 }
703 return 0;
704}
705
706/* ieee80211.c */
707int ieee80211_hw_config(struct ieee80211_local *local);
708int ieee80211_if_config(struct net_device *dev);
709int ieee80211_if_config_beacon(struct net_device *dev);
710struct ieee80211_key_conf *
711ieee80211_key_data2conf(struct ieee80211_local *local,
712 const struct ieee80211_key *data);
713struct ieee80211_key *ieee80211_key_alloc(struct ieee80211_sub_if_data *sdata,
714 int idx, size_t key_len, gfp_t flags);
715void ieee80211_key_free(struct ieee80211_key *key);
716void ieee80211_rx_mgmt(struct ieee80211_local *local, struct sk_buff *skb,
717 struct ieee80211_rx_status *status, u32 msg_type);
718void ieee80211_prepare_rates(struct ieee80211_local *local,
719 struct ieee80211_hw_mode *mode);
720void ieee80211_tx_set_iswep(struct ieee80211_txrx_data *tx);
721int ieee80211_if_update_wds(struct net_device *dev, u8 *remote_addr);
722void ieee80211_if_setup(struct net_device *dev);
723void ieee80211_if_mgmt_setup(struct net_device *dev);
724int ieee80211_init_rate_ctrl_alg(struct ieee80211_local *local,
725 const char *name);
726struct net_device_stats *ieee80211_dev_stats(struct net_device *dev);
727
728/* ieee80211_ioctl.c */
729extern const struct iw_handler_def ieee80211_iw_handler_def;
730
731void ieee80211_update_default_wep_only(struct ieee80211_local *local);
732
733
734/* Least common multiple of the used rates (in 100 kbps). This is used to
735 * calculate rate_inv values for each rate so that only integers are needed. */
736#define CHAN_UTIL_RATE_LCM 95040
737/* 1 usec is 1/8 * (95040/10) = 1188 */
738#define CHAN_UTIL_PER_USEC 1188
739/* Amount of bits to shift the result right to scale the total utilization
740 * to values that will not wrap around 32-bit integers. */
741#define CHAN_UTIL_SHIFT 9
742/* Theoretical maximum of channel utilization counter in 10 ms (stat_time=1):
743 * (CHAN_UTIL_PER_USEC * 10000) >> CHAN_UTIL_SHIFT = 23203. So dividing the
744 * raw value with about 23 should give utilization in 10th of a percentage
745 * (1/1000). However, utilization is only estimated and not all intervals
746 * between frames etc. are calculated. 18 seems to give numbers that are closer
747 * to the real maximum. */
748#define CHAN_UTIL_PER_10MS 18
749#define CHAN_UTIL_HDR_LONG (202 * CHAN_UTIL_PER_USEC)
750#define CHAN_UTIL_HDR_SHORT (40 * CHAN_UTIL_PER_USEC)
751
752
753/* ieee80211_ioctl.c */
754int ieee80211_set_compression(struct ieee80211_local *local,
755 struct net_device *dev, struct sta_info *sta);
756int ieee80211_init_client(struct net_device *dev);
757int ieee80211_set_channel(struct ieee80211_local *local, int channel, int freq);
758/* ieee80211_sta.c */
759void ieee80211_sta_timer(unsigned long data);
760void ieee80211_sta_work(struct work_struct *work);
761void ieee80211_sta_scan_work(struct work_struct *work);
762void ieee80211_sta_rx_mgmt(struct net_device *dev, struct sk_buff *skb,
763 struct ieee80211_rx_status *rx_status);
764int ieee80211_sta_set_ssid(struct net_device *dev, char *ssid, size_t len);
765int ieee80211_sta_get_ssid(struct net_device *dev, char *ssid, size_t *len);
766int ieee80211_sta_set_bssid(struct net_device *dev, u8 *bssid);
767int ieee80211_sta_req_scan(struct net_device *dev, u8 *ssid, size_t ssid_len);
768void ieee80211_sta_req_auth(struct net_device *dev,
769 struct ieee80211_if_sta *ifsta);
770int ieee80211_sta_scan_results(struct net_device *dev, char *buf, size_t len);
771void ieee80211_sta_rx_scan(struct net_device *dev, struct sk_buff *skb,
772 struct ieee80211_rx_status *rx_status);
773void ieee80211_rx_bss_list_init(struct net_device *dev);
774void ieee80211_rx_bss_list_deinit(struct net_device *dev);
775int ieee80211_sta_set_extra_ie(struct net_device *dev, char *ie, size_t len);
776struct sta_info * ieee80211_ibss_add_sta(struct net_device *dev,
777 struct sk_buff *skb, u8 *bssid,
778 u8 *addr);
779int ieee80211_sta_deauthenticate(struct net_device *dev, u16 reason);
780int ieee80211_sta_disassociate(struct net_device *dev, u16 reason);
781
782/* ieee80211_iface.c */
783int ieee80211_if_add(struct net_device *dev, const char *name,
784 struct net_device **new_dev, int type);
785void ieee80211_if_set_type(struct net_device *dev, int type);
786void ieee80211_if_reinit(struct net_device *dev);
787void __ieee80211_if_del(struct ieee80211_local *local,
788 struct ieee80211_sub_if_data *sdata);
789int ieee80211_if_remove(struct net_device *dev, const char *name, int id);
790void ieee80211_if_free(struct net_device *dev);
791void ieee80211_if_sdata_init(struct ieee80211_sub_if_data *sdata);
792int ieee80211_if_add_mgmt(struct ieee80211_local *local);
793void ieee80211_if_del_mgmt(struct ieee80211_local *local);
794
795/* for wiphy privid */
796extern void *mac80211_wiphy_privid;
797
798#endif /* IEEE80211_I_H */
diff --git a/net/mac80211/ieee80211_iface.c b/net/mac80211/ieee80211_iface.c
new file mode 100644
index 000000000000..cf0f32e8c2a2
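--- /dev/null
+++ b/net/mac80211/ieee80211_iface.c
@@ -0,0 +1,352 @@
+/*
+ * Copyright 2002-2005, Instant802 Networks, Inc.
+ * Copyright 2005-2006, Devicescape Software, Inc.
+ * Copyright (c) 2006 Jiri Benc <jbenc@suse.cz>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+#include <linux/kernel.h>
+#include <linux/if_arp.h>
+#include <linux/netdevice.h>
+#include <linux/rtnetlink.h>
+#include <net/mac80211.h>
+#include "ieee80211_i.h"
+#include "sta_info.h"
+#include "debugfs_netdev.h"
+
+void ieee80211_if_sdata_init(struct ieee80211_sub_if_data *sdata)
+{
+ int i;
+
+ /* Default values for sub-interface parameters */
+ sdata->drop_unencrypted = 0;
+ sdata->eapol = 1;
+ for (i = 0; i < IEEE80211_FRAGMENT_MAX; i++)
+ skb_queue_head_init(&sdata->fragments[i].skb_list);
+}
+
+static void ieee80211_if_sdata_deinit(struct ieee80211_sub_if_data *sdata)
+{
+ int i;
+
+ for (i = 0; i < IEEE80211_FRAGMENT_MAX; i++) {
+ __skb_queue_purge(&sdata->fragments[i].skb_list);
+ }
+}
+
+/* Must be called with rtnl lock held. */
+int ieee80211_if_add(struct net_device *dev, const char *name,
+ struct net_device **new_dev, int type)
+{
+ struct net_device *ndev;
+ struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
+ struct ieee80211_sub_if_data *sdata = NULL;
+ int ret;
+
+ ASSERT_RTNL();
+ ndev = alloc_netdev(sizeof(struct ieee80211_sub_if_data),
+ name, ieee80211_if_setup);
+ if (!ndev)
+ return -ENOMEM;
+
+ ret = dev_alloc_name(ndev, ndev->name);
+ if (ret < 0)
+ goto fail;
+
+ memcpy(ndev->dev_addr, local->hw.wiphy->perm_addr, ETH_ALEN);
+ ndev->base_addr = dev->base_addr;
+ ndev->irq = dev->irq;
+ ndev->mem_start = dev->mem_start;
+ ndev->mem_end = dev->mem_end;
+ SET_NETDEV_DEV(ndev, wiphy_dev(local->hw.wiphy));
+
+ sdata = IEEE80211_DEV_TO_SUB_IF(ndev);
+ ndev->ieee80211_ptr = &sdata->wdev;
+ sdata->wdev.wiphy = local->hw.wiphy;
+ sdata->type = IEEE80211_IF_TYPE_AP;
+ sdata->dev = ndev;
+ sdata->local = local;
+ ieee80211_if_sdata_init(sdata);
+
+ ret = register_netdevice(ndev);
+ if (ret)
+ goto fail;
+
+ ieee80211_debugfs_add_netdev(sdata);
+ ieee80211_if_set_type(ndev, type);
+
+ write_lock_bh(&local->sub_if_lock);
+ if (unlikely(local->reg_state == IEEE80211_DEV_UNREGISTERED)) {
+ write_unlock_bh(&local->sub_if_lock);
+ __ieee80211_if_del(local, sdata);
+ return -ENODEV;
+ }
+ list_add(&sdata->list, &local->sub_if_list);
+ if (new_dev)
+ *new_dev = ndev;
+ write_unlock_bh(&local->sub_if_lock);
+
+ ieee80211_update_default_wep_only(local);
+
+ return 0;
+
+fail:
+ free_netdev(ndev);
+ return ret;
+}
+
+int ieee80211_if_add_mgmt(struct ieee80211_local *local)
+{
+ struct net_device *ndev;
+ struct ieee80211_sub_if_data *nsdata;
+ int ret;
+
+ ASSERT_RTNL();
+
+ ndev = alloc_netdev(sizeof(struct ieee80211_sub_if_data), "wmgmt%d",
+ ieee80211_if_mgmt_setup);
+ if (!ndev)
+ return -ENOMEM;
+ ret = dev_alloc_name(ndev, ndev->name);
+ if (ret < 0)
+ goto fail;
+
+ memcpy(ndev->dev_addr, local->hw.wiphy->perm_addr, ETH_ALEN);
+ SET_NETDEV_DEV(ndev, wiphy_dev(local->hw.wiphy));
+
+ nsdata = IEEE80211_DEV_TO_SUB_IF(ndev);
+ ndev->ieee80211_ptr = &nsdata->wdev;
+ nsdata->wdev.wiphy = local->hw.wiphy;
+ nsdata->type = IEEE80211_IF_TYPE_MGMT;
+ nsdata->dev = ndev;
+ nsdata->local = local;
+ ieee80211_if_sdata_init(nsdata);
+
+ ret = register_netdevice(ndev);
+ if (ret)
+ goto fail;
+
+ ieee80211_debugfs_add_netdev(nsdata);
+
+ if (local->open_count > 0)
+ dev_open(ndev);
+ local->apdev = ndev;
+ return 0;
+
+fail:
+ free_netdev(ndev);
+ return ret;
+}
+
+void ieee80211_if_del_mgmt(struct ieee80211_local *local)
+{
+ struct net_device *apdev;
+
+ ASSERT_RTNL();
+ apdev = local->apdev;
+ ieee80211_debugfs_remove_netdev(IEEE80211_DEV_TO_SUB_IF(apdev));
+ local->apdev = NULL;
+ unregister_netdevice(apdev);
+}
+
+void ieee80211_if_set_type(struct net_device *dev, int type)
+{
+ struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
+ struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
+ int oldtype = sdata->type;
+
+ sdata->type = type;
+ switch (type) {
+ case IEEE80211_IF_TYPE_WDS:
+ sdata->bss = NULL;
+ break;
+ case IEEE80211_IF_TYPE_VLAN:
+ break;
+ case IEEE80211_IF_TYPE_AP:
+ sdata->u.ap.dtim_period = 2;
+ sdata->u.ap.force_unicast_rateidx = -1;
+ sdata->u.ap.max_ratectrl_rateidx = -1;
+ skb_queue_head_init(&sdata->u.ap.ps_bc_buf);
+ sdata->bss = &sdata->u.ap;
+ break;
+ case IEEE80211_IF_TYPE_STA:
+ case IEEE80211_IF_TYPE_IBSS: {
+ struct ieee80211_sub_if_data *msdata;
+ struct ieee80211_if_sta *ifsta;
+
+ ifsta = &sdata->u.sta;
+ INIT_WORK(&ifsta->work, ieee80211_sta_work);
+ setup_timer(&ifsta->timer, ieee80211_sta_timer,
+ (unsigned long) sdata);
+ skb_queue_head_init(&ifsta->skb_queue);
+
+ ifsta->capab = WLAN_CAPABILITY_ESS;
+ ifsta->auth_algs = IEEE80211_AUTH_ALG_OPEN |
+ IEEE80211_AUTH_ALG_SHARED_KEY;
+ ifsta->create_ibss = 1;
+ ifsta->wmm_enabled = 1;
+ ifsta->auto_channel_sel = 1;
+ ifsta->auto_bssid_sel = 1;
+
+ msdata = IEEE80211_DEV_TO_SUB_IF(sdata->local->mdev);
+ sdata->bss = &msdata->u.ap;
+ break;
+ }
+ case IEEE80211_IF_TYPE_MNTR:
+ dev->type = ARPHRD_IEEE80211_RADIOTAP;
+ break;
+ default:
+ printk(KERN_WARNING "%s: %s: Unknown interface type 0x%x",
+ dev->name, __FUNCTION__, type);
+ }
+ ieee80211_debugfs_change_if_type(sdata, oldtype);
+ ieee80211_update_default_wep_only(local);
+}
+
+/* Must be called with rtnl lock held. */
+void ieee80211_if_reinit(struct net_device *dev)
+{
+ struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
+ struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
+ struct sta_info *sta;
+ int i;
+
+ ASSERT_RTNL();
+ ieee80211_if_sdata_deinit(sdata);
+ for (i = 0; i < NUM_DEFAULT_KEYS; i++) {
+ if (!sdata->keys[i])
+ continue;
+#if 0
+ /* The interface is down at the moment, so there is not
+ * really much point in disabling the keys at this point. */
+ memset(addr, 0xff, ETH_ALEN);
+ if (local->ops->set_key)
+ local->ops->set_key(local_to_hw(local), DISABLE_KEY, addr,
+ local->keys[i], 0);
+#endif
+ ieee80211_key_free(sdata->keys[i]);
+ sdata->keys[i] = NULL;
+ }
+
+ switch (sdata->type) {
+ case IEEE80211_IF_TYPE_AP: {
+ /* Remove all virtual interfaces that use this BSS
+ * as their sdata->bss */
+ struct ieee80211_sub_if_data *tsdata, *n;
+ LIST_HEAD(tmp_list);
+
+ write_lock_bh(&local->sub_if_lock);
+ list_for_each_entry_safe(tsdata, n, &local->sub_if_list, list) {
+ if (tsdata != sdata && tsdata->bss == &sdata->u.ap) {
+ printk(KERN_DEBUG "%s: removing virtual "
+ "interface %s because its BSS interface"
+ " is being removed\n",
+ sdata->dev->name, tsdata->dev->name);
+ list_move_tail(&tsdata->list, &tmp_list);
+ }
+ }
+ write_unlock_bh(&local->sub_if_lock);
+
+ list_for_each_entry_safe(tsdata, n, &tmp_list, list)
+ __ieee80211_if_del(local, tsdata);
+
+ kfree(sdata->u.ap.beacon_head);
+ kfree(sdata->u.ap.beacon_tail);
+ kfree(sdata->u.ap.generic_elem);
+
+ if (dev != local->mdev) {
+ struct sk_buff *skb;
+ while ((skb = skb_dequeue(&sdata->u.ap.ps_bc_buf))) {
+ local->total_ps_buffered--;
+ dev_kfree_skb(skb);
+ }
+ }
+
+ break;
+ }
+ case IEEE80211_IF_TYPE_WDS:
+ sta = sta_info_get(local, sdata->u.wds.remote_addr);
+ if (sta) {
+ sta_info_put(sta);
+ sta_info_free(sta, 0);
+ } else {
+#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
+ printk(KERN_DEBUG "%s: Someone had deleted my STA "
+ "entry for the WDS link\n", dev->name);
+#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
+ }
+ break;
+ case IEEE80211_IF_TYPE_STA:
+ case IEEE80211_IF_TYPE_IBSS:
+ kfree(sdata->u.sta.extra_ie);
+ sdata->u.sta.extra_ie = NULL;
+ kfree(sdata->u.sta.assocreq_ies);
+ sdata->u.sta.assocreq_ies = NULL;
+ kfree(sdata->u.sta.assocresp_ies);
+ sdata->u.sta.assocresp_ies = NULL;
+ if (sdata->u.sta.probe_resp) {
+ dev_kfree_skb(sdata->u.sta.probe_resp);
+ sdata->u.sta.probe_resp = NULL;
+ }
+
+ break;
+ case IEEE80211_IF_TYPE_MNTR:
+ dev->type = ARPHRD_ETHER;
+ break;
+ }
+
+ /* remove all STAs that are bound to this virtual interface */
+ sta_info_flush(local, dev);
+
+ memset(&sdata->u, 0, sizeof(sdata->u));
+ ieee80211_if_sdata_init(sdata);
+}
+
+/* Must be called with rtnl lock held. */
+void __ieee80211_if_del(struct ieee80211_local *local,
+ struct ieee80211_sub_if_data *sdata)
+{
+ struct net_device *dev = sdata->dev;
+
+ ieee80211_debugfs_remove_netdev(sdata);
+ unregister_netdevice(dev);
+ /* Except master interface, the net_device will be freed by
+ * net_device->destructor (i. e. ieee80211_if_free). */
+}
+
+/* Must be called with rtnl lock held. */
+int ieee80211_if_remove(struct net_device *dev, const char *name, int id)
+{
+ struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
+ struct ieee80211_sub_if_data *sdata, *n;
+
+ ASSERT_RTNL();
+
+ write_lock_bh(&local->sub_if_lock);
+ list_for_each_entry_safe(sdata, n, &local->sub_if_list, list) {
+ if ((sdata->type == id || id == -1) &&
+ strcmp(name, sdata->dev->name) == 0 &&
+ sdata->dev != local->mdev) {
+ list_del(&sdata->list);
+ write_unlock_bh(&local->sub_if_lock);
+ __ieee80211_if_del(local, sdata);
+ ieee80211_update_default_wep_only(local);
+ return 0;
+ }
+ }
+ write_unlock_bh(&local->sub_if_lock);
+ return -ENODEV;
+}
+
+void ieee80211_if_free(struct net_device *dev)
+{
+ struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
+ struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
+
+ /* local->apdev must be NULL when freeing management interface */
+ BUG_ON(dev == local->apdev);
+ ieee80211_if_sdata_deinit(sdata);
+ free_netdev(dev);
+}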
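Review bot: In ieee80211_if_reinit() the STA/IBSS case frees the IE buffers and `probe_resp` but never stops `ifsta->timer` or `ifsta->work`, which ieee80211_if_set_type() sets up with setup_timer()/INIT_WORK(), and never purges `ifsta->skb_queue`. The function then runs `memset(&sdata->u, 0, sizeof(sdata->u))` over all three. If the timer or work item can still be pending at that point, zeroing them corrupts kernel timer/workqueue state, and any frames still on the queue are leaked. The comment inside the `#if 0` block suggests the interface is down here, so the stop path (not in this file) may already cancel them; if it does not, add `del_timer_sync(&sdata->u.sta.timer);` and `skb_queue_purge(&sdata->u.sta.skb_queue);` ahead of the kfree() calls. Otherwise state the precondition next to the existing "Must be called with rtnl lock held" comment.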
diff --git a/net/mac80211/ieee80211_ioctl.c b/net/mac80211/ieee80211_ioctl.c
new file mode 100644
index 000000000000..352f03bd8a3a
--- /dev/null
+++ b/net/mac80211/ieee80211_ioctl.c
@@ -0,0 +1,1822 @@
1/*
2 * Copyright 2002-2005, Instant802 Networks, Inc.
3 * Copyright 2005-2006, Devicescape Software, Inc.
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 */
9
10#include <linux/module.h>
11#include <linux/init.h>
12#include <linux/netdevice.h>
13#include <linux/types.h>
14#include <linux/slab.h>
15#include <linux/skbuff.h>
16#include <linux/etherdevice.h>
17#include <linux/if_arp.h>
18#include <linux/wireless.h>
19#include <net/iw_handler.h>
20#include <asm/uaccess.h>
21
22#include <net/mac80211.h>
23#include "ieee80211_i.h"
24#include "hostapd_ioctl.h"
25#include "ieee80211_rate.h"
26#include "wpa.h"
27#include "aes_ccm.h"
28#include "debugfs_key.h"
29
30static int ieee80211_regdom = 0x10; /* FCC */
31module_param(ieee80211_regdom, int, 0444);
32MODULE_PARM_DESC(ieee80211_regdom, "IEEE 802.11 regulatory domain; 64=MKK");
33
34/*
35 * If firmware is upgraded by the vendor, additional channels can be used based
36 * on the new Japanese regulatory rules. This is indicated by setting
37 * ieee80211_japan_5ghz module parameter to one when loading the 80211 kernel
38 * module.
39 */
40static int ieee80211_japan_5ghz /* = 0 */;
41module_param(ieee80211_japan_5ghz, int, 0444);
42MODULE_PARM_DESC(ieee80211_japan_5ghz, "Vendor-updated firmware for 5 GHz");
43
44static void ieee80211_set_hw_encryption(struct net_device *dev,
45 struct sta_info *sta, u8 addr[ETH_ALEN],
46 struct ieee80211_key *key)
47{
48 struct ieee80211_key_conf *keyconf = NULL;
49 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
50
51 /* default to sw encryption; this will be cleared by low-level
52 * driver if the hw supports requested encryption */
53 if (key)
54 key->force_sw_encrypt = 1;
55
56 if (key && local->ops->set_key &&
57 (keyconf = ieee80211_key_data2conf(local, key))) {
58 if (local->ops->set_key(local_to_hw(local), SET_KEY, addr,
59 keyconf, sta ? sta->aid : 0)) {
60 key->force_sw_encrypt = 1;
61 key->hw_key_idx = HW_KEY_IDX_INVALID;
62 } else {
63 key->force_sw_encrypt =
64 !!(keyconf->flags & IEEE80211_KEY_FORCE_SW_ENCRYPT);
65 key->hw_key_idx =
66 keyconf->hw_key_idx;
67
68 }
69 }
70 kfree(keyconf);
71}
72
73
74static int ieee80211_set_encryption(struct net_device *dev, u8 *sta_addr,
75 int idx, int alg, int set_tx_key,
76 const u8 *_key, size_t key_len)
77{
78 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
79 int ret = 0;
80 struct sta_info *sta;
81 struct ieee80211_key *key, *old_key;
82 int try_hwaccel = 1;
83 struct ieee80211_key_conf *keyconf;
84 struct ieee80211_sub_if_data *sdata;
85
86 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
87
88 if (is_broadcast_ether_addr(sta_addr)) {
89 sta = NULL;
90 if (idx >= NUM_DEFAULT_KEYS) {
91 printk(KERN_DEBUG "%s: set_encrypt - invalid idx=%d\n",
92 dev->name, idx);
93 return -EINVAL;
94 }
95 key = sdata->keys[idx];
96
97 /* TODO: consider adding hwaccel support for these; at least
98 * Atheros key cache should be able to handle this since AP is
99 * only transmitting frames with default keys. */
100 /* FIX: hw key cache can be used when only one virtual
101 * STA is associated with each AP. If more than one STA
102 * is associated to the same AP, software encryption
103 * must be used. This should be done automatically
104 * based on configured station devices. For the time
105 * being, this can be only set at compile time. */
106 } else {
107 set_tx_key = 0;
108 if (idx != 0) {
109 printk(KERN_DEBUG "%s: set_encrypt - non-zero idx for "
110 "individual key\n", dev->name);
111 return -EINVAL;
112 }
113
114 sta = sta_info_get(local, sta_addr);
115 if (!sta) {
116#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
117 printk(KERN_DEBUG "%s: set_encrypt - unknown addr "
118 MAC_FMT "\n",
119 dev->name, MAC_ARG(sta_addr));
120#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
121
122 return -ENOENT;
123 }
124
125 key = sta->key;
126 }
127
128 /* FIX:
129 * Cannot configure default hwaccel keys with WEP algorithm, if
130 * any of the virtual interfaces is using static WEP
131 * configuration because hwaccel would otherwise try to decrypt
132 * these frames.
133 *
134 * For now, just disable WEP hwaccel for broadcast when there is
135 * possibility of conflict with default keys. This can maybe later be
136 * optimized by using non-default keys (at least with Atheros ar521x).
137 */
138 if (!sta && alg == ALG_WEP && !local->default_wep_only &&
139 sdata->type != IEEE80211_IF_TYPE_IBSS &&
140 sdata->type != IEEE80211_IF_TYPE_AP) {
141 try_hwaccel = 0;
142 }
143
144 if (local->hw.flags & IEEE80211_HW_DEVICE_HIDES_WEP) {
145 /* Software encryption cannot be used with devices that hide
146 * encryption from the host system, so always try to use
147 * hardware acceleration with such devices. */
148 try_hwaccel = 1;
149 }
150
151 if ((local->hw.flags & IEEE80211_HW_NO_TKIP_WMM_HWACCEL) &&
152 alg == ALG_TKIP) {
153 if (sta && (sta->flags & WLAN_STA_WME)) {
154 /* Hardware does not support hwaccel with TKIP when using WMM.
155 */
156 try_hwaccel = 0;
157 }
158 else if (sdata->type == IEEE80211_IF_TYPE_STA) {
159 sta = sta_info_get(local, sdata->u.sta.bssid);
160 if (sta) {
161 if (sta->flags & WLAN_STA_WME) {
162 try_hwaccel = 0;
163 }
164 sta_info_put(sta);
165 sta = NULL;
166 }
167 }
168 }
169
170 if (alg == ALG_NONE) {
171 keyconf = NULL;
172 if (try_hwaccel && key &&
173 key->hw_key_idx != HW_KEY_IDX_INVALID &&
174 local->ops->set_key &&
175 (keyconf = ieee80211_key_data2conf(local, key)) != NULL &&
176 local->ops->set_key(local_to_hw(local), DISABLE_KEY,
177 sta_addr, keyconf, sta ? sta->aid : 0)) {
178 printk(KERN_DEBUG "%s: set_encrypt - low-level disable"
179 " failed\n", dev->name);
180 ret = -EINVAL;
181 }
182 kfree(keyconf);
183
184 if (set_tx_key || sdata->default_key == key) {
185 ieee80211_debugfs_key_remove_default(sdata);
186 sdata->default_key = NULL;
187 }
188 ieee80211_debugfs_key_remove(key);
189 if (sta)
190 sta->key = NULL;
191 else
192 sdata->keys[idx] = NULL;
193 ieee80211_key_free(key);
194 key = NULL;
195 } else {
196 old_key = key;
197 key = ieee80211_key_alloc(sta ? NULL : sdata, idx, key_len,
198 GFP_KERNEL);
199 if (!key) {
200 ret = -ENOMEM;
201 goto err_out;
202 }
203
204 /* default to sw encryption; low-level driver sets these if the
205 * requested encryption is supported */
206 key->hw_key_idx = HW_KEY_IDX_INVALID;
207 key->force_sw_encrypt = 1;
208
209 key->alg = alg;
210 key->keyidx = idx;
211 key->keylen = key_len;
212 memcpy(key->key, _key, key_len);
213 if (set_tx_key)
214 key->default_tx_key = 1;
215
216 if (alg == ALG_CCMP) {
217 /* Initialize AES key state here as an optimization
218 * so that it does not need to be initialized for every
219 * packet. */
220 key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt(
221 key->key);
222 if (!key->u.ccmp.tfm) {
223 ret = -ENOMEM;
224 goto err_free;
225 }
226 }
227
228 if (set_tx_key || sdata->default_key == old_key) {
229 ieee80211_debugfs_key_remove_default(sdata);
230 sdata->default_key = NULL;
231 }
232 ieee80211_debugfs_key_remove(old_key);
233 if (sta)
234 sta->key = key;
235 else
236 sdata->keys[idx] = key;
237 ieee80211_key_free(old_key);
238 ieee80211_debugfs_key_add(local, key);
239 if (sta)
240 ieee80211_debugfs_key_sta_link(key, sta);
241
242 if (try_hwaccel &&
243 (alg == ALG_WEP || alg == ALG_TKIP || alg == ALG_CCMP))
244 ieee80211_set_hw_encryption(dev, sta, sta_addr, key);
245 }
246
247 if (set_tx_key || (!sta && !sdata->default_key && key)) {
248 sdata->default_key = key;
249 if (key)
250 ieee80211_debugfs_key_add_default(sdata);
251
252 if (local->ops->set_key_idx &&
253 local->ops->set_key_idx(local_to_hw(local), idx))
254 printk(KERN_DEBUG "%s: failed to set TX key idx for "
255 "low-level driver\n", dev->name);
256 }
257
258 if (sta)
259 sta_info_put(sta);
260
261 return 0;
262
263err_free:
264 ieee80211_key_free(key);
265err_out:
266 if (sta)
267 sta_info_put(sta);
268 return ret;
269}
270
271static int ieee80211_ioctl_siwgenie(struct net_device *dev,
272 struct iw_request_info *info,
273 struct iw_point *data, char *extra)
274{
275 struct ieee80211_sub_if_data *sdata;
276 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
277
278 if (local->user_space_mlme)
279 return -EOPNOTSUPP;
280
281 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
282 if (sdata->type == IEEE80211_IF_TYPE_STA ||
283 sdata->type == IEEE80211_IF_TYPE_IBSS) {
284 int ret = ieee80211_sta_set_extra_ie(dev, extra, data->length);
285 if (ret)
286 return ret;
287 sdata->u.sta.auto_bssid_sel = 0;
288 ieee80211_sta_req_auth(dev, &sdata->u.sta);
289 return 0;
290 }
291
292 if (sdata->type == IEEE80211_IF_TYPE_AP) {
293 kfree(sdata->u.ap.generic_elem);
294 sdata->u.ap.generic_elem = kmalloc(data->length, GFP_KERNEL);
295 if (!sdata->u.ap.generic_elem)
296 return -ENOMEM;
297 memcpy(sdata->u.ap.generic_elem, extra, data->length);
298 sdata->u.ap.generic_elem_len = data->length;
299 return ieee80211_if_config(dev);
300 }
301 return -EOPNOTSUPP;
302}
303
304static int ieee80211_ioctl_set_radio_enabled(struct net_device *dev,
305 int val)
306{
307 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
308 struct ieee80211_conf *conf = &local->hw.conf;
309
310 conf->radio_enabled = val;
311 return ieee80211_hw_config(wdev_priv(dev->ieee80211_ptr));
312}
313
314static int ieee80211_ioctl_giwname(struct net_device *dev,
315 struct iw_request_info *info,
316 char *name, char *extra)
317{
318 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
319
320 switch (local->hw.conf.phymode) {
321 case MODE_IEEE80211A:
322 strcpy(name, "IEEE 802.11a");
323 break;
324 case MODE_IEEE80211B:
325 strcpy(name, "IEEE 802.11b");
326 break;
327 case MODE_IEEE80211G:
328 strcpy(name, "IEEE 802.11g");
329 break;
330 case MODE_ATHEROS_TURBO:
331 strcpy(name, "5GHz Turbo");
332 break;
333 default:
334 strcpy(name, "IEEE 802.11");
335 break;
336 }
337
338 return 0;
339}
340
341
342static int ieee80211_ioctl_giwrange(struct net_device *dev,
343 struct iw_request_info *info,
344 struct iw_point *data, char *extra)
345{
346 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
347 struct iw_range *range = (struct iw_range *) extra;
348
349 data->length = sizeof(struct iw_range);
350 memset(range, 0, sizeof(struct iw_range));
351
352 range->we_version_compiled = WIRELESS_EXT;
353 range->we_version_source = 21;
354 range->retry_capa = IW_RETRY_LIMIT;
355 range->retry_flags = IW_RETRY_LIMIT;
356 range->min_retry = 0;
357 range->max_retry = 255;
358 range->min_rts = 0;
359 range->max_rts = 2347;
360 range->min_frag = 256;
361 range->max_frag = 2346;
362
363 range->encoding_size[0] = 5;
364 range->encoding_size[1] = 13;
365 range->num_encoding_sizes = 2;
366 range->max_encoding_tokens = NUM_DEFAULT_KEYS;
367
368 range->max_qual.qual = local->hw.max_signal;
369 range->max_qual.level = local->hw.max_rssi;
370 range->max_qual.noise = local->hw.max_noise;
371 range->max_qual.updated = local->wstats_flags;
372
373 range->avg_qual.qual = local->hw.max_signal/2;
374 range->avg_qual.level = 0;
375 range->avg_qual.noise = 0;
376 range->avg_qual.updated = local->wstats_flags;
377
378 range->enc_capa = IW_ENC_CAPA_WPA | IW_ENC_CAPA_WPA2 |
379 IW_ENC_CAPA_CIPHER_TKIP | IW_ENC_CAPA_CIPHER_CCMP;
380
381 IW_EVENT_CAPA_SET_KERNEL(range->event_capa);
382 IW_EVENT_CAPA_SET(range->event_capa, SIOCGIWTHRSPY);
383 IW_EVENT_CAPA_SET(range->event_capa, SIOCGIWAP);
384 IW_EVENT_CAPA_SET(range->event_capa, SIOCGIWSCAN);
385
386 return 0;
387}
388
389
390struct ieee80211_channel_range {
391 short start_freq;
392 short end_freq;
393 unsigned char power_level;
394 unsigned char antenna_max;
395};
396
397static const struct ieee80211_channel_range ieee80211_fcc_channels[] = {
398 { 2412, 2462, 27, 6 } /* IEEE 802.11b/g, channels 1..11 */,
399 { 5180, 5240, 17, 6 } /* IEEE 802.11a, channels 36..48 */,
400 { 5260, 5320, 23, 6 } /* IEEE 802.11a, channels 52..64 */,
401 { 5745, 5825, 30, 6 } /* IEEE 802.11a, channels 149..165, outdoor */,
402 { 0 }
403};
404
405static const struct ieee80211_channel_range ieee80211_mkk_channels[] = {
406 { 2412, 2472, 20, 6 } /* IEEE 802.11b/g, channels 1..13 */,
407 { 5170, 5240, 20, 6 } /* IEEE 802.11a, channels 34..48 */,
408 { 5260, 5320, 20, 6 } /* IEEE 802.11a, channels 52..64 */,
409 { 0 }
410};
411
412
413static const struct ieee80211_channel_range *channel_range =
414 ieee80211_fcc_channels;
415
416
417static void ieee80211_unmask_channel(struct net_device *dev, int mode,
418 struct ieee80211_channel *chan)
419{
420 int i;
421
422 chan->flag = 0;
423
424 if (ieee80211_regdom == 64 &&
425 (mode == MODE_ATHEROS_TURBO || mode == MODE_ATHEROS_TURBOG)) {
426 /* Do not allow Turbo modes in Japan. */
427 return;
428 }
429
430 for (i = 0; channel_range[i].start_freq; i++) {
431 const struct ieee80211_channel_range *r = &channel_range[i];
432 if (r->start_freq <= chan->freq && r->end_freq >= chan->freq) {
433 if (ieee80211_regdom == 64 && !ieee80211_japan_5ghz &&
434 chan->freq >= 5260 && chan->freq <= 5320) {
435 /*
436 * Skip new channels in Japan since the
437 * firmware was not marked having been upgraded
438 * by the vendor.
439 */
440 continue;
441 }
442
443 if (ieee80211_regdom == 0x10 &&
444 (chan->freq == 5190 || chan->freq == 5210 ||
445 chan->freq == 5230)) {
446 /* Skip MKK channels when in FCC domain. */
447 continue;
448 }
449
450 chan->flag |= IEEE80211_CHAN_W_SCAN |
451 IEEE80211_CHAN_W_ACTIVE_SCAN |
452 IEEE80211_CHAN_W_IBSS;
453 chan->power_level = r->power_level;
454 chan->antenna_max = r->antenna_max;
455
456 if (ieee80211_regdom == 64 &&
457 (chan->freq == 5170 || chan->freq == 5190 ||
458 chan->freq == 5210 || chan->freq == 5230)) {
459 /*
460 * New regulatory rules in Japan have backwards
461 * compatibility with old channels in 5.15-5.25
462 * GHz band, but the station is not allowed to
463 * use active scan on these old channels.
464 */
465 chan->flag &= ~IEEE80211_CHAN_W_ACTIVE_SCAN;
466 }
467
468 if (ieee80211_regdom == 64 &&
469 (chan->freq == 5260 || chan->freq == 5280 ||
470 chan->freq == 5300 || chan->freq == 5320)) {
471 /*
472 * IBSS is not allowed on 5.25-5.35 GHz band
473 * due to radar detection requirements.
474 */
475 chan->flag &= ~IEEE80211_CHAN_W_IBSS;
476 }
477
478 break;
479 }
480 }
481}
482
483
484static int ieee80211_unmask_channels(struct net_device *dev)
485{
486 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
487 struct ieee80211_hw_mode *mode;
488 int c;
489
490 list_for_each_entry(mode, &local->modes_list, list) {
491 for (c = 0; c < mode->num_channels; c++) {
492 ieee80211_unmask_channel(dev, mode->mode,
493 &mode->channels[c]);
494 }
495 }
496 return 0;
497}
498
499
500int ieee80211_init_client(struct net_device *dev)
501{
502 if (ieee80211_regdom == 0x40)
503 channel_range = ieee80211_mkk_channels;
504 ieee80211_unmask_channels(dev);
505 return 0;
506}
507
508
509static int ieee80211_ioctl_siwmode(struct net_device *dev,
510 struct iw_request_info *info,
511 __u32 *mode, char *extra)
512{
513 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
514 int type;
515
516 if (sdata->type == IEEE80211_IF_TYPE_VLAN)
517 return -EOPNOTSUPP;
518
519 switch (*mode) {
520 case IW_MODE_INFRA:
521 type = IEEE80211_IF_TYPE_STA;
522 break;
523 case IW_MODE_ADHOC:
524 type = IEEE80211_IF_TYPE_IBSS;
525 break;
526 case IW_MODE_MONITOR:
527 type = IEEE80211_IF_TYPE_MNTR;
528 break;
529 default:
530 return -EINVAL;
531 }
532
533 if (type == sdata->type)
534 return 0;
535 if (netif_running(dev))
536 return -EBUSY;
537
538 ieee80211_if_reinit(dev);
539 ieee80211_if_set_type(dev, type);
540
541 return 0;
542}
543
544
545static int ieee80211_ioctl_giwmode(struct net_device *dev,
546 struct iw_request_info *info,
547 __u32 *mode, char *extra)
548{
549 struct ieee80211_sub_if_data *sdata;
550
551 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
552 switch (sdata->type) {
553 case IEEE80211_IF_TYPE_AP:
554 *mode = IW_MODE_MASTER;
555 break;
556 case IEEE80211_IF_TYPE_STA:
557 *mode = IW_MODE_INFRA;
558 break;
559 case IEEE80211_IF_TYPE_IBSS:
560 *mode = IW_MODE_ADHOC;
561 break;
562 case IEEE80211_IF_TYPE_MNTR:
563 *mode = IW_MODE_MONITOR;
564 break;
565 case IEEE80211_IF_TYPE_WDS:
566 *mode = IW_MODE_REPEAT;
567 break;
568 case IEEE80211_IF_TYPE_VLAN:
569 *mode = IW_MODE_SECOND; /* FIXME */
570 break;
571 default:
572 *mode = IW_MODE_AUTO;
573 break;
574 }
575 return 0;
576}
577
578int ieee80211_set_channel(struct ieee80211_local *local, int channel, int freq)
579{
580 struct ieee80211_hw_mode *mode;
581 int c, set = 0;
582 int ret = -EINVAL;
583
584 list_for_each_entry(mode, &local->modes_list, list) {
585 if (!(local->enabled_modes & (1 << mode->mode)))
586 continue;
587 for (c = 0; c < mode->num_channels; c++) {
588 struct ieee80211_channel *chan = &mode->channels[c];
589 if (chan->flag & IEEE80211_CHAN_W_SCAN &&
590 ((chan->chan == channel) || (chan->freq == freq))) {
591 /* Use next_mode as the mode preference to
592 * resolve non-unique channel numbers. */
593 if (set && mode->mode != local->next_mode)
594 continue;
595
596 local->oper_channel = chan;
597 local->oper_hw_mode = mode;
598 set++;
599 }
600 }
601 }
602
603 if (set) {
604 if (local->sta_scanning)
605 ret = 0;
606 else
607 ret = ieee80211_hw_config(local);
608
609 rate_control_clear(local);
610 }
611
612 return ret;
613}
614
615static int ieee80211_ioctl_siwfreq(struct net_device *dev,
616 struct iw_request_info *info,
617 struct iw_freq *freq, char *extra)
618{
619 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
620 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
621
622 if (sdata->type == IEEE80211_IF_TYPE_STA)
623 sdata->u.sta.auto_channel_sel = 0;
624
625 /* freq->e == 0: freq->m = channel; otherwise freq = m * 10^e */
626 if (freq->e == 0) {
627 if (freq->m < 0) {
628 if (sdata->type == IEEE80211_IF_TYPE_STA)
629 sdata->u.sta.auto_channel_sel = 1;
630 return 0;
631 } else
632 return ieee80211_set_channel(local, freq->m, -1);
633 } else {
634 int i, div = 1000000;
635 for (i = 0; i < freq->e; i++)
636 div /= 10;
637 if (div > 0)
638 return ieee80211_set_channel(local, -1, freq->m / div);
639 else
640 return -EINVAL;
641 }
642}
643
644
645static int ieee80211_ioctl_giwfreq(struct net_device *dev,
646 struct iw_request_info *info,
647 struct iw_freq *freq, char *extra)
648{
649 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
650
651 /* TODO: in station mode (Managed/Ad-hoc) might need to poll low-level
652 * driver for the current channel with firmware-based management */
653
654 freq->m = local->hw.conf.freq;
655 freq->e = 6;
656
657 return 0;
658}
659
660
661static int ieee80211_ioctl_siwessid(struct net_device *dev,
662 struct iw_request_info *info,
663 struct iw_point *data, char *ssid)
664{
665 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
666 struct ieee80211_sub_if_data *sdata;
667 size_t len = data->length;
668
669 /* iwconfig uses nul termination in SSID.. */
670 if (len > 0 && ssid[len - 1] == '\0')
671 len--;
672
673 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
674 if (sdata->type == IEEE80211_IF_TYPE_STA ||
675 sdata->type == IEEE80211_IF_TYPE_IBSS) {
676 int ret;
677 if (local->user_space_mlme) {
678 if (len > IEEE80211_MAX_SSID_LEN)
679 return -EINVAL;
680 memcpy(sdata->u.sta.ssid, ssid, len);
681 sdata->u.sta.ssid_len = len;
682 return 0;
683 }
684 sdata->u.sta.auto_ssid_sel = !data->flags;
685 ret = ieee80211_sta_set_ssid(dev, ssid, len);
686 if (ret)
687 return ret;
688 ieee80211_sta_req_auth(dev, &sdata->u.sta);
689 return 0;
690 }
691
692 if (sdata->type == IEEE80211_IF_TYPE_AP) {
693 memcpy(sdata->u.ap.ssid, ssid, len);
694 memset(sdata->u.ap.ssid + len, 0,
695 IEEE80211_MAX_SSID_LEN - len);
696 sdata->u.ap.ssid_len = len;
697 return ieee80211_if_config(dev);
698 }
699 return -EOPNOTSUPP;
700}
701
702
703static int ieee80211_ioctl_giwessid(struct net_device *dev,
704 struct iw_request_info *info,
705 struct iw_point *data, char *ssid)
706{
707 size_t len;
708
709 struct ieee80211_sub_if_data *sdata;
710 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
711 if (sdata->type == IEEE80211_IF_TYPE_STA ||
712 sdata->type == IEEE80211_IF_TYPE_IBSS) {
713 int res = ieee80211_sta_get_ssid(dev, ssid, &len);
714 if (res == 0) {
715 data->length = len;
716 data->flags = 1;
717 } else
718 data->flags = 0;
719 return res;
720 }
721
722 if (sdata->type == IEEE80211_IF_TYPE_AP) {
723 len = sdata->u.ap.ssid_len;
724 if (len > IW_ESSID_MAX_SIZE)
725 len = IW_ESSID_MAX_SIZE;
726 memcpy(ssid, sdata->u.ap.ssid, len);
727 data->length = len;
728 data->flags = 1;
729 return 0;
730 }
731 return -EOPNOTSUPP;
732}
733
734
735static int ieee80211_ioctl_siwap(struct net_device *dev,
736 struct iw_request_info *info,
737 struct sockaddr *ap_addr, char *extra)
738{
739 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
740 struct ieee80211_sub_if_data *sdata;
741
742 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
743 if (sdata->type == IEEE80211_IF_TYPE_STA ||
744 sdata->type == IEEE80211_IF_TYPE_IBSS) {
745 int ret;
746 if (local->user_space_mlme) {
747 memcpy(sdata->u.sta.bssid, (u8 *) &ap_addr->sa_data,
748 ETH_ALEN);
749 return 0;
750 }
751 if (is_zero_ether_addr((u8 *) &ap_addr->sa_data)) {
752 sdata->u.sta.auto_bssid_sel = 1;
753 sdata->u.sta.auto_channel_sel = 1;
754 } else if (is_broadcast_ether_addr((u8 *) &ap_addr->sa_data))
755 sdata->u.sta.auto_bssid_sel = 1;
756 else
757 sdata->u.sta.auto_bssid_sel = 0;
758 ret = ieee80211_sta_set_bssid(dev, (u8 *) &ap_addr->sa_data);
759 if (ret)
760 return ret;
761 ieee80211_sta_req_auth(dev, &sdata->u.sta);
762 return 0;
763 } else if (sdata->type == IEEE80211_IF_TYPE_WDS) {
764 if (memcmp(sdata->u.wds.remote_addr, (u8 *) &ap_addr->sa_data,
765 ETH_ALEN) == 0)
766 return 0;
767 return ieee80211_if_update_wds(dev, (u8 *) &ap_addr->sa_data);
768 }
769
770 return -EOPNOTSUPP;
771}
772
773
774static int ieee80211_ioctl_giwap(struct net_device *dev,
775 struct iw_request_info *info,
776 struct sockaddr *ap_addr, char *extra)
777{
778 struct ieee80211_sub_if_data *sdata;
779
780 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
781 if (sdata->type == IEEE80211_IF_TYPE_STA ||
782 sdata->type == IEEE80211_IF_TYPE_IBSS) {
783 ap_addr->sa_family = ARPHRD_ETHER;
784 memcpy(&ap_addr->sa_data, sdata->u.sta.bssid, ETH_ALEN);
785 return 0;
786 } else if (sdata->type == IEEE80211_IF_TYPE_WDS) {
787 ap_addr->sa_family = ARPHRD_ETHER;
788 memcpy(&ap_addr->sa_data, sdata->u.wds.remote_addr, ETH_ALEN);
789 return 0;
790 }
791
792 return -EOPNOTSUPP;
793}
794
795
796static int ieee80211_ioctl_siwscan(struct net_device *dev,
797 struct iw_request_info *info,
798 struct iw_point *data, char *extra)
799{
800 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
801 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
802 u8 *ssid = NULL;
803 size_t ssid_len = 0;
804
805 if (!netif_running(dev))
806 return -ENETDOWN;
807
808 if (local->scan_flags & IEEE80211_SCAN_MATCH_SSID) {
809 if (sdata->type == IEEE80211_IF_TYPE_STA ||
810 sdata->type == IEEE80211_IF_TYPE_IBSS) {
811 ssid = sdata->u.sta.ssid;
812 ssid_len = sdata->u.sta.ssid_len;
813 } else if (sdata->type == IEEE80211_IF_TYPE_AP) {
814 ssid = sdata->u.ap.ssid;
815 ssid_len = sdata->u.ap.ssid_len;
816 } else
817 return -EINVAL;
818 }
819 return ieee80211_sta_req_scan(dev, ssid, ssid_len);
820}
821
822
823static int ieee80211_ioctl_giwscan(struct net_device *dev,
824 struct iw_request_info *info,
825 struct iw_point *data, char *extra)
826{
827 int res;
828 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
829 if (local->sta_scanning)
830 return -EAGAIN;
831 res = ieee80211_sta_scan_results(dev, extra, data->length);
832 if (res >= 0) {
833 data->length = res;
834 return 0;
835 }
836 data->length = 0;
837 return res;
838}
839
840
841static int ieee80211_ioctl_siwrts(struct net_device *dev,
842 struct iw_request_info *info,
843 struct iw_param *rts, char *extra)
844{
845 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
846
847 if (rts->disabled)
848 local->rts_threshold = IEEE80211_MAX_RTS_THRESHOLD;
849 else if (rts->value < 0 || rts->value > IEEE80211_MAX_RTS_THRESHOLD)
850 return -EINVAL;
851 else
852 local->rts_threshold = rts->value;
853
854 /* If the wlan card performs RTS/CTS in hardware/firmware,
855 * configure it here */
856
857 if (local->ops->set_rts_threshold)
858 local->ops->set_rts_threshold(local_to_hw(local),
859 local->rts_threshold);
860
861 return 0;
862}
863
864static int ieee80211_ioctl_giwrts(struct net_device *dev,
865 struct iw_request_info *info,
866 struct iw_param *rts, char *extra)
867{
868 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
869
870 rts->value = local->rts_threshold;
871 rts->disabled = (rts->value >= IEEE80211_MAX_RTS_THRESHOLD);
872 rts->fixed = 1;
873
874 return 0;
875}
876
877
878static int ieee80211_ioctl_siwfrag(struct net_device *dev,
879 struct iw_request_info *info,
880 struct iw_param *frag, char *extra)
881{
882 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
883
884 if (frag->disabled)
885 local->fragmentation_threshold = IEEE80211_MAX_FRAG_THRESHOLD;
886 else if (frag->value < 256 ||
887 frag->value > IEEE80211_MAX_FRAG_THRESHOLD)
888 return -EINVAL;
889 else {
890 /* Fragment length must be even, so strip LSB. */
891 local->fragmentation_threshold = frag->value & ~0x1;
892 }
893
894 /* If the wlan card performs fragmentation in hardware/firmware,
895 * configure it here */
896
897 if (local->ops->set_frag_threshold)
898 local->ops->set_frag_threshold(
899 local_to_hw(local),
900 local->fragmentation_threshold);
901
902 return 0;
903}
904
905static int ieee80211_ioctl_giwfrag(struct net_device *dev,
906 struct iw_request_info *info,
907 struct iw_param *frag, char *extra)
908{
909 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
910
911 frag->value = local->fragmentation_threshold;
912 frag->disabled = (frag->value >= IEEE80211_MAX_RTS_THRESHOLD);
913 frag->fixed = 1;
914
915 return 0;
916}
917
918
919static int ieee80211_ioctl_siwretry(struct net_device *dev,
920 struct iw_request_info *info,
921 struct iw_param *retry, char *extra)
922{
923 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
924
925 if (retry->disabled ||
926 (retry->flags & IW_RETRY_TYPE) != IW_RETRY_LIMIT)
927 return -EINVAL;
928
929 if (retry->flags & IW_RETRY_MAX)
930 local->long_retry_limit = retry->value;
931 else if (retry->flags & IW_RETRY_MIN)
932 local->short_retry_limit = retry->value;
933 else {
934 local->long_retry_limit = retry->value;
935 local->short_retry_limit = retry->value;
936 }
937
938 if (local->ops->set_retry_limit) {
939 return local->ops->set_retry_limit(
940 local_to_hw(local),
941 local->short_retry_limit,
942 local->long_retry_limit);
943 }
944
945 return 0;
946}
947
948
949static int ieee80211_ioctl_giwretry(struct net_device *dev,
950 struct iw_request_info *info,
951 struct iw_param *retry, char *extra)
952{
953 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
954
955 retry->disabled = 0;
956 if (retry->flags == 0 || retry->flags & IW_RETRY_MIN) {
957 /* first return min value, iwconfig will ask max value
958 * later if needed */
959 retry->flags |= IW_RETRY_LIMIT;
960 retry->value = local->short_retry_limit;
961 if (local->long_retry_limit != local->short_retry_limit)
962 retry->flags |= IW_RETRY_MIN;
963 return 0;
964 }
965 if (retry->flags & IW_RETRY_MAX) {
966 retry->flags = IW_RETRY_LIMIT | IW_RETRY_MAX;
967 retry->value = local->long_retry_limit;
968 }
969
970 return 0;
971}
972
973static int ieee80211_ioctl_clear_keys(struct net_device *dev)
974{
975 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
976 struct ieee80211_key_conf key;
977 int i;
978 u8 addr[ETH_ALEN];
979 struct ieee80211_key_conf *keyconf;
980 struct ieee80211_sub_if_data *sdata;
981 struct sta_info *sta;
982
983 memset(addr, 0xff, ETH_ALEN);
984 read_lock(&local->sub_if_lock);
985 list_for_each_entry(sdata, &local->sub_if_list, list) {
986 for (i = 0; i < NUM_DEFAULT_KEYS; i++) {
987 keyconf = NULL;
988 if (sdata->keys[i] &&
989 !sdata->keys[i]->force_sw_encrypt &&
990 local->ops->set_key &&
991 (keyconf = ieee80211_key_data2conf(local,
992 sdata->keys[i])))
993 local->ops->set_key(local_to_hw(local),
994 DISABLE_KEY, addr,
995 keyconf, 0);
996 kfree(keyconf);
997 ieee80211_key_free(sdata->keys[i]);
998 sdata->keys[i] = NULL;
999 }
1000 sdata->default_key = NULL;
1001 }
1002 read_unlock(&local->sub_if_lock);
1003
1004 spin_lock_bh(&local->sta_lock);
1005 list_for_each_entry(sta, &local->sta_list, list) {
1006 keyconf = NULL;
1007 if (sta->key && !sta->key->force_sw_encrypt &&
1008 local->ops->set_key &&
1009 (keyconf = ieee80211_key_data2conf(local, sta->key)))
1010 local->ops->set_key(local_to_hw(local), DISABLE_KEY,
1011 sta->addr, keyconf, sta->aid);
1012 kfree(keyconf);
1013 ieee80211_key_free(sta->key);
1014 sta->key = NULL;
1015 }
1016 spin_unlock_bh(&local->sta_lock);
1017
1018 memset(&key, 0, sizeof(key));
1019 if (local->ops->set_key &&
1020 local->ops->set_key(local_to_hw(local), REMOVE_ALL_KEYS,
1021 NULL, &key, 0))
1022 printk(KERN_DEBUG "%s: failed to remove hwaccel keys\n",
1023 dev->name);
1024
1025 return 0;
1026}
1027
1028
1029static int
1030ieee80211_ioctl_force_unicast_rate(struct net_device *dev,
1031 struct ieee80211_sub_if_data *sdata,
1032 int rate)
1033{
1034 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1035 struct ieee80211_hw_mode *mode;
1036 int i;
1037
1038 if (sdata->type != IEEE80211_IF_TYPE_AP)
1039 return -ENOENT;
1040
1041 if (rate == 0) {
1042 sdata->u.ap.force_unicast_rateidx = -1;
1043 return 0;
1044 }
1045
1046 mode = local->oper_hw_mode;
1047 for (i = 0; i < mode->num_rates; i++) {
1048 if (mode->rates[i].rate == rate) {
1049 sdata->u.ap.force_unicast_rateidx = i;
1050 return 0;
1051 }
1052 }
1053 return -EINVAL;
1054}
1055
1056
1057static int
1058ieee80211_ioctl_max_ratectrl_rate(struct net_device *dev,
1059 struct ieee80211_sub_if_data *sdata,
1060 int rate)
1061{
1062 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1063 struct ieee80211_hw_mode *mode;
1064 int i;
1065
1066 if (sdata->type != IEEE80211_IF_TYPE_AP)
1067 return -ENOENT;
1068
1069 if (rate == 0) {
1070 sdata->u.ap.max_ratectrl_rateidx = -1;
1071 return 0;
1072 }
1073
1074 mode = local->oper_hw_mode;
1075 for (i = 0; i < mode->num_rates; i++) {
1076 if (mode->rates[i].rate == rate) {
1077 sdata->u.ap.max_ratectrl_rateidx = i;
1078 return 0;
1079 }
1080 }
1081 return -EINVAL;
1082}
1083
1084
1085static void ieee80211_key_enable_hwaccel(struct ieee80211_local *local,
1086 struct ieee80211_key *key)
1087{
1088 struct ieee80211_key_conf *keyconf;
1089 u8 addr[ETH_ALEN];
1090
1091 if (!key || key->alg != ALG_WEP || !key->force_sw_encrypt ||
1092 (local->hw.flags & IEEE80211_HW_DEVICE_HIDES_WEP))
1093 return;
1094
1095 memset(addr, 0xff, ETH_ALEN);
1096 keyconf = ieee80211_key_data2conf(local, key);
1097 if (keyconf && local->ops->set_key &&
1098 local->ops->set_key(local_to_hw(local),
1099 SET_KEY, addr, keyconf, 0) == 0) {
1100 key->force_sw_encrypt =
1101 !!(keyconf->flags & IEEE80211_KEY_FORCE_SW_ENCRYPT);
1102 key->hw_key_idx = keyconf->hw_key_idx;
1103 }
1104 kfree(keyconf);
1105}
1106
1107
1108static void ieee80211_key_disable_hwaccel(struct ieee80211_local *local,
1109 struct ieee80211_key *key)
1110{
1111 struct ieee80211_key_conf *keyconf;
1112 u8 addr[ETH_ALEN];
1113
1114 if (!key || key->alg != ALG_WEP || key->force_sw_encrypt ||
1115 (local->hw.flags & IEEE80211_HW_DEVICE_HIDES_WEP))
1116 return;
1117
1118 memset(addr, 0xff, ETH_ALEN);
1119 keyconf = ieee80211_key_data2conf(local, key);
1120 if (keyconf && local->ops->set_key)
1121 local->ops->set_key(local_to_hw(local), DISABLE_KEY,
1122 addr, keyconf, 0);
1123 kfree(keyconf);
1124 key->force_sw_encrypt = 1;
1125}
1126
1127
1128static int ieee80211_ioctl_default_wep_only(struct ieee80211_local *local,
1129 int value)
1130{
1131 int i;
1132 struct ieee80211_sub_if_data *sdata;
1133
1134 local->default_wep_only = value;
1135 read_lock(&local->sub_if_lock);
1136 list_for_each_entry(sdata, &local->sub_if_list, list)
1137 for (i = 0; i < NUM_DEFAULT_KEYS; i++)
1138 if (value)
1139 ieee80211_key_enable_hwaccel(local,
1140 sdata->keys[i]);
1141 else
1142 ieee80211_key_disable_hwaccel(local,
1143 sdata->keys[i]);
1144 read_unlock(&local->sub_if_lock);
1145
1146 return 0;
1147}
1148
1149
1150void ieee80211_update_default_wep_only(struct ieee80211_local *local)
1151{
1152 int i = 0;
1153 struct ieee80211_sub_if_data *sdata;
1154
1155 read_lock(&local->sub_if_lock);
1156 list_for_each_entry(sdata, &local->sub_if_list, list) {
1157
1158 if (sdata->dev == local->mdev)
1159 continue;
1160
1161 /* If there is an AP interface then depend on userspace to
1162 set default_wep_only correctly. */
1163 if (sdata->type == IEEE80211_IF_TYPE_AP) {
1164 read_unlock(&local->sub_if_lock);
1165 return;
1166 }
1167
1168 i++;
1169 }
1170
1171 read_unlock(&local->sub_if_lock);
1172
1173 if (i <= 1)
1174 ieee80211_ioctl_default_wep_only(local, 1);
1175 else
1176 ieee80211_ioctl_default_wep_only(local, 0);
1177}
1178
1179
1180static int ieee80211_ioctl_prism2_param(struct net_device *dev,
1181 struct iw_request_info *info,
1182 void *wrqu, char *extra)
1183{
1184 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1185 struct ieee80211_sub_if_data *sdata;
1186 int *i = (int *) extra;
1187 int param = *i;
1188 int value = *(i + 1);
1189 int ret = 0;
1190
1191 if (!capable(CAP_NET_ADMIN))
1192 return -EPERM;
1193
1194 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1195
1196 switch (param) {
1197 case PRISM2_PARAM_IEEE_802_1X:
1198 if (local->ops->set_ieee8021x)
1199 ret = local->ops->set_ieee8021x(local_to_hw(local),
1200 value);
1201 if (ret)
1202 printk(KERN_DEBUG "%s: failed to set IEEE 802.1X (%d) "
1203 "for low-level driver\n", dev->name, value);
1204 else
1205 sdata->ieee802_1x = value;
1206 break;
1207
1208 case PRISM2_PARAM_ANTSEL_TX:
1209 local->hw.conf.antenna_sel_tx = value;
1210 if (ieee80211_hw_config(local))
1211 ret = -EINVAL;
1212 break;
1213
1214 case PRISM2_PARAM_ANTSEL_RX:
1215 local->hw.conf.antenna_sel_rx = value;
1216 if (ieee80211_hw_config(local))
1217 ret = -EINVAL;
1218 break;
1219
1220 case PRISM2_PARAM_CTS_PROTECT_ERP_FRAMES:
1221 local->cts_protect_erp_frames = value;
1222 break;
1223
1224 case PRISM2_PARAM_DROP_UNENCRYPTED:
1225 sdata->drop_unencrypted = value;
1226 break;
1227
1228 case PRISM2_PARAM_PREAMBLE:
1229 local->short_preamble = value;
1230 break;
1231
1232 case PRISM2_PARAM_STAT_TIME:
1233 if (!local->stat_time && value) {
1234 local->stat_timer.expires = jiffies + HZ * value / 100;
1235 add_timer(&local->stat_timer);
1236 } else if (local->stat_time && !value) {
1237 del_timer_sync(&local->stat_timer);
1238 }
1239 local->stat_time = value;
1240 break;
1241 case PRISM2_PARAM_SHORT_SLOT_TIME:
1242 if (value)
1243 local->hw.conf.flags |= IEEE80211_CONF_SHORT_SLOT_TIME;
1244 else
1245 local->hw.conf.flags &= ~IEEE80211_CONF_SHORT_SLOT_TIME;
1246 if (ieee80211_hw_config(local))
1247 ret = -EINVAL;
1248 break;
1249
1250 case PRISM2_PARAM_NEXT_MODE:
1251 local->next_mode = value;
1252 break;
1253
1254 case PRISM2_PARAM_CLEAR_KEYS:
1255 ret = ieee80211_ioctl_clear_keys(dev);
1256 break;
1257
1258 case PRISM2_PARAM_RADIO_ENABLED:
1259 ret = ieee80211_ioctl_set_radio_enabled(dev, value);
1260 break;
1261
1262 case PRISM2_PARAM_ANTENNA_MODE:
1263 local->hw.conf.antenna_mode = value;
1264 if (ieee80211_hw_config(local))
1265 ret = -EINVAL;
1266 break;
1267
1268 case PRISM2_PARAM_STA_ANTENNA_SEL:
1269 local->sta_antenna_sel = value;
1270 break;
1271
1272 case PRISM2_PARAM_FORCE_UNICAST_RATE:
1273 ret = ieee80211_ioctl_force_unicast_rate(dev, sdata, value);
1274 break;
1275
1276 case PRISM2_PARAM_MAX_RATECTRL_RATE:
1277 ret = ieee80211_ioctl_max_ratectrl_rate(dev, sdata, value);
1278 break;
1279
1280 case PRISM2_PARAM_RATE_CTRL_NUM_UP:
1281 local->rate_ctrl_num_up = value;
1282 break;
1283
1284 case PRISM2_PARAM_RATE_CTRL_NUM_DOWN:
1285 local->rate_ctrl_num_down = value;
1286 break;
1287
1288 case PRISM2_PARAM_TX_POWER_REDUCTION:
1289 if (value < 0)
1290 ret = -EINVAL;
1291 else
1292 local->hw.conf.tx_power_reduction = value;
1293 break;
1294
1295 case PRISM2_PARAM_KEY_TX_RX_THRESHOLD:
1296 local->key_tx_rx_threshold = value;
1297 break;
1298
1299 case PRISM2_PARAM_DEFAULT_WEP_ONLY:
1300 ret = ieee80211_ioctl_default_wep_only(local, value);
1301 break;
1302
1303 case PRISM2_PARAM_WIFI_WME_NOACK_TEST:
1304 local->wifi_wme_noack_test = value;
1305 break;
1306
1307 case PRISM2_PARAM_SCAN_FLAGS:
1308 local->scan_flags = value;
1309 break;
1310
1311 case PRISM2_PARAM_MIXED_CELL:
1312 if (sdata->type != IEEE80211_IF_TYPE_STA &&
1313 sdata->type != IEEE80211_IF_TYPE_IBSS)
1314 ret = -EINVAL;
1315 else
1316 sdata->u.sta.mixed_cell = !!value;
1317 break;
1318
1319 case PRISM2_PARAM_HW_MODES:
1320 local->enabled_modes = value;
1321 break;
1322
1323 case PRISM2_PARAM_CREATE_IBSS:
1324 if (sdata->type != IEEE80211_IF_TYPE_IBSS)
1325 ret = -EINVAL;
1326 else
1327 sdata->u.sta.create_ibss = !!value;
1328 break;
1329 case PRISM2_PARAM_WMM_ENABLED:
1330 if (sdata->type != IEEE80211_IF_TYPE_STA &&
1331 sdata->type != IEEE80211_IF_TYPE_IBSS)
1332 ret = -EINVAL;
1333 else
1334 sdata->u.sta.wmm_enabled = !!value;
1335 break;
1336 case PRISM2_PARAM_RADAR_DETECT:
1337 local->hw.conf.radar_detect = value;
1338 break;
1339 case PRISM2_PARAM_SPECTRUM_MGMT:
1340 local->hw.conf.spect_mgmt = value;
1341 break;
1342 default:
1343 ret = -EOPNOTSUPP;
1344 break;
1345 }
1346
1347 return ret;
1348}
1349
1350
1351static int ieee80211_ioctl_get_prism2_param(struct net_device *dev,
1352 struct iw_request_info *info,
1353 void *wrqu, char *extra)
1354{
1355 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1356 struct ieee80211_sub_if_data *sdata;
1357 int *param = (int *) extra;
1358 int ret = 0;
1359
1360 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1361
1362 switch (*param) {
1363 case PRISM2_PARAM_IEEE_802_1X:
1364 *param = sdata->ieee802_1x;
1365 break;
1366
1367 case PRISM2_PARAM_ANTSEL_TX:
1368 *param = local->hw.conf.antenna_sel_tx;
1369 break;
1370
1371 case PRISM2_PARAM_ANTSEL_RX:
1372 *param = local->hw.conf.antenna_sel_rx;
1373 break;
1374
1375 case PRISM2_PARAM_CTS_PROTECT_ERP_FRAMES:
1376 *param = local->cts_protect_erp_frames;
1377 break;
1378
1379 case PRISM2_PARAM_DROP_UNENCRYPTED:
1380 *param = sdata->drop_unencrypted;
1381 break;
1382
1383 case PRISM2_PARAM_PREAMBLE:
1384 *param = local->short_preamble;
1385 break;
1386
1387 case PRISM2_PARAM_STAT_TIME:
1388 *param = local->stat_time;
1389 break;
1390 case PRISM2_PARAM_SHORT_SLOT_TIME:
1391 *param = !!(local->hw.conf.flags & IEEE80211_CONF_SHORT_SLOT_TIME);
1392 break;
1393
1394 case PRISM2_PARAM_NEXT_MODE:
1395 *param = local->next_mode;
1396 break;
1397
1398 case PRISM2_PARAM_ANTENNA_MODE:
1399 *param = local->hw.conf.antenna_mode;
1400 break;
1401
1402 case PRISM2_PARAM_STA_ANTENNA_SEL:
1403 *param = local->sta_antenna_sel;
1404 break;
1405
1406 case PRISM2_PARAM_RATE_CTRL_NUM_UP:
1407 *param = local->rate_ctrl_num_up;
1408 break;
1409
1410 case PRISM2_PARAM_RATE_CTRL_NUM_DOWN:
1411 *param = local->rate_ctrl_num_down;
1412 break;
1413
1414 case PRISM2_PARAM_TX_POWER_REDUCTION:
1415 *param = local->hw.conf.tx_power_reduction;
1416 break;
1417
1418 case PRISM2_PARAM_KEY_TX_RX_THRESHOLD:
1419 *param = local->key_tx_rx_threshold;
1420 break;
1421
1422 case PRISM2_PARAM_DEFAULT_WEP_ONLY:
1423 *param = local->default_wep_only;
1424 break;
1425
1426 case PRISM2_PARAM_WIFI_WME_NOACK_TEST:
1427 *param = local->wifi_wme_noack_test;
1428 break;
1429
1430 case PRISM2_PARAM_SCAN_FLAGS:
1431 *param = local->scan_flags;
1432 break;
1433
1434 case PRISM2_PARAM_HW_MODES:
1435 *param = local->enabled_modes;
1436 break;
1437
1438 case PRISM2_PARAM_CREATE_IBSS:
1439 if (sdata->type != IEEE80211_IF_TYPE_IBSS)
1440 ret = -EINVAL;
1441 else
1442 *param = !!sdata->u.sta.create_ibss;
1443 break;
1444
1445 case PRISM2_PARAM_MIXED_CELL:
1446 if (sdata->type != IEEE80211_IF_TYPE_STA &&
1447 sdata->type != IEEE80211_IF_TYPE_IBSS)
1448 ret = -EINVAL;
1449 else
1450 *param = !!sdata->u.sta.mixed_cell;
1451 break;
1452 case PRISM2_PARAM_WMM_ENABLED:
1453 if (sdata->type != IEEE80211_IF_TYPE_STA &&
1454 sdata->type != IEEE80211_IF_TYPE_IBSS)
1455 ret = -EINVAL;
1456 else
1457 *param = !!sdata->u.sta.wmm_enabled;
1458 break;
1459 default:
1460 ret = -EOPNOTSUPP;
1461 break;
1462 }
1463
1464 return ret;
1465}
1466
1467static int ieee80211_ioctl_siwmlme(struct net_device *dev,
1468 struct iw_request_info *info,
1469 struct iw_point *data, char *extra)
1470{
1471 struct ieee80211_sub_if_data *sdata;
1472 struct iw_mlme *mlme = (struct iw_mlme *) extra;
1473
1474 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1475 if (sdata->type != IEEE80211_IF_TYPE_STA &&
1476 sdata->type != IEEE80211_IF_TYPE_IBSS)
1477 return -EINVAL;
1478
1479 switch (mlme->cmd) {
1480 case IW_MLME_DEAUTH:
1481 /* TODO: mlme->addr.sa_data */
1482 return ieee80211_sta_deauthenticate(dev, mlme->reason_code);
1483 case IW_MLME_DISASSOC:
1484 /* TODO: mlme->addr.sa_data */
1485 return ieee80211_sta_disassociate(dev, mlme->reason_code);
1486 default:
1487 return -EOPNOTSUPP;
1488 }
1489}
1490
1491
1492static int ieee80211_ioctl_siwencode(struct net_device *dev,
1493 struct iw_request_info *info,
1494 struct iw_point *erq, char *keybuf)
1495{
1496 struct ieee80211_sub_if_data *sdata;
1497 int idx, i, alg = ALG_WEP;
1498 u8 bcaddr[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
1499
1500 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1501
1502 idx = erq->flags & IW_ENCODE_INDEX;
1503 if (idx == 0) {
1504 if (sdata->default_key)
1505 for (i = 0; i < NUM_DEFAULT_KEYS; i++) {
1506 if (sdata->default_key == sdata->keys[i]) {
1507 idx = i;
1508 break;
1509 }
1510 }
1511 } else if (idx < 1 || idx > 4)
1512 return -EINVAL;
1513 else
1514 idx--;
1515
1516 if (erq->flags & IW_ENCODE_DISABLED)
1517 alg = ALG_NONE;
1518 else if (erq->length == 0) {
1519 /* No key data - just set the default TX key index */
1520 if (sdata->default_key != sdata->keys[idx]) {
1521 ieee80211_debugfs_key_remove_default(sdata);
1522 sdata->default_key = sdata->keys[idx];
1523 if (sdata->default_key)
1524 ieee80211_debugfs_key_add_default(sdata);
1525 }
1526 return 0;
1527 }
1528
1529 return ieee80211_set_encryption(
1530 dev, bcaddr,
1531 idx, alg,
1532 !sdata->default_key,
1533 keybuf, erq->length);
1534}
1535
1536
1537static int ieee80211_ioctl_giwencode(struct net_device *dev,
1538 struct iw_request_info *info,
1539 struct iw_point *erq, char *key)
1540{
1541 struct ieee80211_sub_if_data *sdata;
1542 int idx, i;
1543
1544 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1545
1546 idx = erq->flags & IW_ENCODE_INDEX;
1547 if (idx < 1 || idx > 4) {
1548 idx = -1;
1549 if (!sdata->default_key)
1550 idx = 0;
1551 else for (i = 0; i < NUM_DEFAULT_KEYS; i++) {
1552 if (sdata->default_key == sdata->keys[i]) {
1553 idx = i;
1554 break;
1555 }
1556 }
1557 if (idx < 0)
1558 return -EINVAL;
1559 } else
1560 idx--;
1561
1562 erq->flags = idx + 1;
1563
1564 if (!sdata->keys[idx]) {
1565 erq->length = 0;
1566 erq->flags |= IW_ENCODE_DISABLED;
1567 return 0;
1568 }
1569
1570 memcpy(key, sdata->keys[idx]->key,
1571 min((int)erq->length, sdata->keys[idx]->keylen));
1572 erq->length = sdata->keys[idx]->keylen;
1573 erq->flags |= IW_ENCODE_ENABLED;
1574
1575 return 0;
1576}
1577
1578static int ieee80211_ioctl_siwauth(struct net_device *dev,
1579 struct iw_request_info *info,
1580 struct iw_param *data, char *extra)
1581{
1582 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1583 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1584 int ret = 0;
1585
1586 switch (data->flags & IW_AUTH_INDEX) {
1587 case IW_AUTH_WPA_VERSION:
1588 case IW_AUTH_CIPHER_PAIRWISE:
1589 case IW_AUTH_CIPHER_GROUP:
1590 case IW_AUTH_WPA_ENABLED:
1591 case IW_AUTH_RX_UNENCRYPTED_EAPOL:
1592 break;
1593 case IW_AUTH_KEY_MGMT:
1594 if (sdata->type != IEEE80211_IF_TYPE_STA)
1595 ret = -EINVAL;
1596 else {
1597 /*
1598 * TODO: sdata->u.sta.key_mgmt does not match with WE18
1599 * value completely; could consider modifying this to
1600 * be closer to WE18. For now, this value is not really
1601 * used for anything else than Privacy matching, so the
1602 * current code here should be more or less OK.
1603 */
1604 if (data->value & IW_AUTH_KEY_MGMT_802_1X) {
1605 sdata->u.sta.key_mgmt =
1606 IEEE80211_KEY_MGMT_WPA_EAP;
1607 } else if (data->value & IW_AUTH_KEY_MGMT_PSK) {
1608 sdata->u.sta.key_mgmt =
1609 IEEE80211_KEY_MGMT_WPA_PSK;
1610 } else {
1611 sdata->u.sta.key_mgmt =
1612 IEEE80211_KEY_MGMT_NONE;
1613 }
1614 }
1615 break;
1616 case IW_AUTH_80211_AUTH_ALG:
1617 if (sdata->type == IEEE80211_IF_TYPE_STA ||
1618 sdata->type == IEEE80211_IF_TYPE_IBSS)
1619 sdata->u.sta.auth_algs = data->value;
1620 else
1621 ret = -EOPNOTSUPP;
1622 break;
1623 case IW_AUTH_PRIVACY_INVOKED:
1624 if (local->ops->set_privacy_invoked)
1625 ret = local->ops->set_privacy_invoked(
1626 local_to_hw(local), data->value);
1627 break;
1628 default:
1629 ret = -EOPNOTSUPP;
1630 break;
1631 }
1632 return ret;
1633}
1634
1635/* Get wireless statistics. Called by /proc/net/wireless and by SIOCGIWSTATS */
1636static struct iw_statistics *ieee80211_get_wireless_stats(struct net_device *dev)
1637{
1638 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1639 struct iw_statistics *wstats = &local->wstats;
1640 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1641 struct sta_info *sta = NULL;
1642
1643 if (sdata->type == IEEE80211_IF_TYPE_STA ||
1644 sdata->type == IEEE80211_IF_TYPE_IBSS)
1645 sta = sta_info_get(local, sdata->u.sta.bssid);
1646 if (!sta) {
1647 wstats->discard.fragment = 0;
1648 wstats->discard.misc = 0;
1649 wstats->qual.qual = 0;
1650 wstats->qual.level = 0;
1651 wstats->qual.noise = 0;
1652 wstats->qual.updated = IW_QUAL_ALL_INVALID;
1653 } else {
1654 wstats->qual.level = sta->last_rssi;
1655 wstats->qual.qual = sta->last_signal;
1656 wstats->qual.noise = sta->last_noise;
1657 wstats->qual.updated = local->wstats_flags;
1658 sta_info_put(sta);
1659 }
1660 return wstats;
1661}
1662
1663static int ieee80211_ioctl_giwauth(struct net_device *dev,
1664 struct iw_request_info *info,
1665 struct iw_param *data, char *extra)
1666{
1667 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1668 int ret = 0;
1669
1670 switch (data->flags & IW_AUTH_INDEX) {
1671 case IW_AUTH_80211_AUTH_ALG:
1672 if (sdata->type == IEEE80211_IF_TYPE_STA ||
1673 sdata->type == IEEE80211_IF_TYPE_IBSS)
1674 data->value = sdata->u.sta.auth_algs;
1675 else
1676 ret = -EOPNOTSUPP;
1677 break;
1678 default:
1679 ret = -EOPNOTSUPP;
1680 break;
1681 }
1682 return ret;
1683}
1684
1685
1686static int ieee80211_ioctl_siwencodeext(struct net_device *dev,
1687 struct iw_request_info *info,
1688 struct iw_point *erq, char *extra)
1689{
1690 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1691 struct iw_encode_ext *ext = (struct iw_encode_ext *) extra;
1692 int alg, idx, i;
1693
1694 switch (ext->alg) {
1695 case IW_ENCODE_ALG_NONE:
1696 alg = ALG_NONE;
1697 break;
1698 case IW_ENCODE_ALG_WEP:
1699 alg = ALG_WEP;
1700 break;
1701 case IW_ENCODE_ALG_TKIP:
1702 alg = ALG_TKIP;
1703 break;
1704 case IW_ENCODE_ALG_CCMP:
1705 alg = ALG_CCMP;
1706 break;
1707 default:
1708 return -EOPNOTSUPP;
1709 }
1710
1711 if (erq->flags & IW_ENCODE_DISABLED)
1712 alg = ALG_NONE;
1713
1714 idx = erq->flags & IW_ENCODE_INDEX;
1715 if (idx < 1 || idx > 4) {
1716 idx = -1;
1717 if (!sdata->default_key)
1718 idx = 0;
1719 else for (i = 0; i < NUM_DEFAULT_KEYS; i++) {
1720 if (sdata->default_key == sdata->keys[i]) {
1721 idx = i;
1722 break;
1723 }
1724 }
1725 if (idx < 0)
1726 return -EINVAL;
1727 } else
1728 idx--;
1729
1730 return ieee80211_set_encryption(dev, ext->addr.sa_data, idx, alg,
1731 ext->ext_flags &
1732 IW_ENCODE_EXT_SET_TX_KEY,
1733 ext->key, ext->key_len);
1734}
1735
1736
1737static const struct iw_priv_args ieee80211_ioctl_priv[] = {
1738 { PRISM2_IOCTL_PRISM2_PARAM,
1739 IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 2, 0, "param" },
1740 { PRISM2_IOCTL_GET_PRISM2_PARAM,
1741 IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1,
1742 IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1, "get_param" },
1743};
1744
1745/* Structures to export the Wireless Handlers */
1746
1747static const iw_handler ieee80211_handler[] =
1748{
1749 (iw_handler) NULL, /* SIOCSIWCOMMIT */
1750 (iw_handler) ieee80211_ioctl_giwname, /* SIOCGIWNAME */
1751 (iw_handler) NULL, /* SIOCSIWNWID */
1752 (iw_handler) NULL, /* SIOCGIWNWID */
1753 (iw_handler) ieee80211_ioctl_siwfreq, /* SIOCSIWFREQ */
1754 (iw_handler) ieee80211_ioctl_giwfreq, /* SIOCGIWFREQ */
1755 (iw_handler) ieee80211_ioctl_siwmode, /* SIOCSIWMODE */
1756 (iw_handler) ieee80211_ioctl_giwmode, /* SIOCGIWMODE */
1757 (iw_handler) NULL, /* SIOCSIWSENS */
1758 (iw_handler) NULL, /* SIOCGIWSENS */
1759 (iw_handler) NULL /* not used */, /* SIOCSIWRANGE */
1760 (iw_handler) ieee80211_ioctl_giwrange, /* SIOCGIWRANGE */
1761 (iw_handler) NULL /* not used */, /* SIOCSIWPRIV */
1762 (iw_handler) NULL /* kernel code */, /* SIOCGIWPRIV */
1763 (iw_handler) NULL /* not used */, /* SIOCSIWSTATS */
1764 (iw_handler) NULL /* kernel code */, /* SIOCGIWSTATS */
1765 iw_handler_set_spy, /* SIOCSIWSPY */
1766 iw_handler_get_spy, /* SIOCGIWSPY */
1767 iw_handler_set_thrspy, /* SIOCSIWTHRSPY */
1768 iw_handler_get_thrspy, /* SIOCGIWTHRSPY */
1769 (iw_handler) ieee80211_ioctl_siwap, /* SIOCSIWAP */
1770 (iw_handler) ieee80211_ioctl_giwap, /* SIOCGIWAP */
1771 (iw_handler) ieee80211_ioctl_siwmlme, /* SIOCSIWMLME */
1772 (iw_handler) NULL, /* SIOCGIWAPLIST */
1773 (iw_handler) ieee80211_ioctl_siwscan, /* SIOCSIWSCAN */
1774 (iw_handler) ieee80211_ioctl_giwscan, /* SIOCGIWSCAN */
1775 (iw_handler) ieee80211_ioctl_siwessid, /* SIOCSIWESSID */
1776 (iw_handler) ieee80211_ioctl_giwessid, /* SIOCGIWESSID */
1777 (iw_handler) NULL, /* SIOCSIWNICKN */
1778 (iw_handler) NULL, /* SIOCGIWNICKN */
1779 (iw_handler) NULL, /* -- hole -- */
1780 (iw_handler) NULL, /* -- hole -- */
1781 (iw_handler) NULL, /* SIOCSIWRATE */
1782 (iw_handler) NULL, /* SIOCGIWRATE */
1783 (iw_handler) ieee80211_ioctl_siwrts, /* SIOCSIWRTS */
1784 (iw_handler) ieee80211_ioctl_giwrts, /* SIOCGIWRTS */
1785 (iw_handler) ieee80211_ioctl_siwfrag, /* SIOCSIWFRAG */
1786 (iw_handler) ieee80211_ioctl_giwfrag, /* SIOCGIWFRAG */
1787 (iw_handler) NULL, /* SIOCSIWTXPOW */
1788 (iw_handler) NULL, /* SIOCGIWTXPOW */
1789 (iw_handler) ieee80211_ioctl_siwretry, /* SIOCSIWRETRY */
1790 (iw_handler) ieee80211_ioctl_giwretry, /* SIOCGIWRETRY */
1791 (iw_handler) ieee80211_ioctl_siwencode, /* SIOCSIWENCODE */
1792 (iw_handler) ieee80211_ioctl_giwencode, /* SIOCGIWENCODE */
1793 (iw_handler) NULL, /* SIOCSIWPOWER */
1794 (iw_handler) NULL, /* SIOCGIWPOWER */
1795 (iw_handler) NULL, /* -- hole -- */
1796 (iw_handler) NULL, /* -- hole -- */
1797 (iw_handler) ieee80211_ioctl_siwgenie, /* SIOCSIWGENIE */
1798 (iw_handler) NULL, /* SIOCGIWGENIE */
1799 (iw_handler) ieee80211_ioctl_siwauth, /* SIOCSIWAUTH */
1800 (iw_handler) ieee80211_ioctl_giwauth, /* SIOCGIWAUTH */
1801 (iw_handler) ieee80211_ioctl_siwencodeext, /* SIOCSIWENCODEEXT */
1802 (iw_handler) NULL, /* SIOCGIWENCODEEXT */
1803 (iw_handler) NULL, /* SIOCSIWPMKSA */
1804 (iw_handler) NULL, /* -- hole -- */
1805};
1806
1807static const iw_handler ieee80211_private_handler[] =
1808{ /* SIOCIWFIRSTPRIV + */
1809 (iw_handler) ieee80211_ioctl_prism2_param, /* 0 */
1810 (iw_handler) ieee80211_ioctl_get_prism2_param, /* 1 */
1811};
1812
1813const struct iw_handler_def ieee80211_iw_handler_def =
1814{
1815 .num_standard = ARRAY_SIZE(ieee80211_handler),
1816 .num_private = ARRAY_SIZE(ieee80211_private_handler),
1817 .num_private_args = ARRAY_SIZE(ieee80211_ioctl_priv),
1818 .standard = (iw_handler *) ieee80211_handler,
1819 .private = (iw_handler *) ieee80211_private_handler,
1820 .private_args = (struct iw_priv_args *) ieee80211_ioctl_priv,
1821 .get_wireless_stats = ieee80211_get_wireless_stats,
1822};
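--- /dev/null
+++ b/net/mac80211/ieee80211_key.h
@@ -0,0 +1,106 @@
+/*
+ * Copyright 2002-2004, Instant802 Networks, Inc.
+ * Copyright 2005, Devicescape Software, Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#ifndef IEEE80211_KEY_H
+#define IEEE80211_KEY_H
+
+#include <linux/types.h>
+#include <linux/kref.h>
+#include <linux/crypto.h>
+#include <net/mac80211.h>
+
+/* ALG_TKIP
+ * struct ieee80211_key::key is encoded as a 256-bit (32 byte) data block:
+ * Temporal Encryption Key (128 bits)
+ * Temporal Authenticator Tx MIC Key (64 bits)
+ * Temporal Authenticator Rx MIC Key (64 bits)
+ */
+
+#define WEP_IV_LEN 4
+#define WEP_ICV_LEN 4
+
+#define ALG_TKIP_KEY_LEN 32
+/* Starting offsets for each key */
+#define ALG_TKIP_TEMP_ENCR_KEY 0
+#define ALG_TKIP_TEMP_AUTH_TX_MIC_KEY 16
+#define ALG_TKIP_TEMP_AUTH_RX_MIC_KEY 24
+#define TKIP_IV_LEN 8
+#define TKIP_ICV_LEN 4
+
+#define ALG_CCMP_KEY_LEN 16
+#define CCMP_HDR_LEN 8
+#define CCMP_MIC_LEN 8
+#define CCMP_TK_LEN 16
+#define CCMP_PN_LEN 6
+
+#define NUM_RX_DATA_QUEUES 17
+
+struct ieee80211_key {
+ struct kref kref;
+
+ int hw_key_idx; /* filled and used by low-level driver */
+ ieee80211_key_alg alg;
+ union {
+ struct {
+ /* last used TSC */
+ u32 iv32;
+ u16 iv16;
+ u16 p1k[5];
+ int tx_initialized;
+
+ /* last received RSC */
+ u32 iv32_rx[NUM_RX_DATA_QUEUES];
+ u16 iv16_rx[NUM_RX_DATA_QUEUES];
+ u16 p1k_rx[NUM_RX_DATA_QUEUES][5];
+ int rx_initialized[NUM_RX_DATA_QUEUES];
+ } tkip;
+ struct {
+ u8 tx_pn[6];
+ u8 rx_pn[NUM_RX_DATA_QUEUES][6];
+ struct crypto_cipher *tfm;
+ u32 replays; /* dot11RSNAStatsCCMPReplays */
+ /* scratch buffers for virt_to_page() (crypto API) */
+#ifndef AES_BLOCK_LEN
+#define AES_BLOCK_LEN 16
+#endif
+ u8 tx_crypto_buf[6 * AES_BLOCK_LEN];
+ u8 rx_crypto_buf[6 * AES_BLOCK_LEN];
+ } ccmp;
+ } u;
+ int tx_rx_count; /* number of times this key has been used */
+ int keylen;
+
+ /* if the low level driver can provide hardware acceleration it should
+ * clear this flag */
+ unsigned int force_sw_encrypt:1;
+ unsigned int default_tx_key:1; /* This key is the new default TX key
+ * (used only for broadcast keys). */
+ s8 keyidx; /* WEP key index */
+
+#ifdef CONFIG_MAC80211_DEBUGFS
+ struct {
+ struct dentry *stalink;
+ struct dentry *dir;
+ struct dentry *keylen;
+ struct dentry *force_sw_encrypt;
+ struct dentry *keyidx;
+ struct dentry *hw_key_idx;
+ struct dentry *tx_rx_count;
+ struct dentry *algorithm;
+ struct dentry *tx_spec;
+ struct dentry *rx_spec;
+ struct dentry *replays;
+ struct dentry *key;
+ } debugfs;
+#endif
+
+ u8 key[0];
+};
+
+#endif /* IEEE80211_KEY_H */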
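Review bot: `keylen` is declared `int` in struct ieee80211_key even though it is the only bound on the trailing `u8 key[0]` buffer, and the giwencode handler in ieee80211_ioctl.c of this commit passes `min((int)erq->length, sdata->keys[idx]->keylen)` to memcpy as the copy size. A negative keylen would convert to a very large length there, so I would make the field unsigned (`unsigned int keylen;`) and document the invariant beside it: `/* number of valid bytes in key[]; fixed at allocation, never larger than the space allocated after the struct */`. The struct also carries raw key material and exposes a debugfs `key` entry; the release path is not in this file, so it is worth confirming that it clears `key[]` before the memory is freed.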
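--- /dev/null
+++ b/net/mac80211/ieee80211_led.c
@@ -0,0 +1,91 @@
+/*
+ * Copyright 2006, Johannes Berg <johannes@sipsolutions.net>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+/* just for IFNAMSIZ */
+#include <linux/if.h>
+#include "ieee80211_led.h"
+
+void ieee80211_led_rx(struct ieee80211_local *local)
+{
+ if (unlikely(!local->rx_led))
+ return;
+ if (local->rx_led_counter++ % 2 == 0)
+ led_trigger_event(local->rx_led, LED_OFF);
+ else
+ led_trigger_event(local->rx_led, LED_FULL);
+}
+
+/* q is 1 if a packet was enqueued, 0 if it has been transmitted */
+void ieee80211_led_tx(struct ieee80211_local *local, int q)
+{
+ if (unlikely(!local->tx_led))
+ return;
+ /* not sure how this is supposed to work ... */
+ local->tx_led_counter += 2*q-1;
+ if (local->tx_led_counter % 2 == 0)
+ led_trigger_event(local->tx_led, LED_OFF);
+ else
+ led_trigger_event(local->tx_led, LED_FULL);
+}
+
+void ieee80211_led_init(struct ieee80211_local *local)
+{
+ local->rx_led = kzalloc(sizeof(struct led_trigger), GFP_KERNEL);
+ if (!local->rx_led)
+ return;
+ snprintf(local->rx_led_name, sizeof(local->rx_led_name),
+ "%srx", wiphy_name(local->hw.wiphy));
+ local->rx_led->name = local->rx_led_name;
+ if (led_trigger_register(local->rx_led)) {
+ kfree(local->rx_led);
+ local->rx_led = NULL;
+ }
+
+ local->tx_led = kzalloc(sizeof(struct led_trigger), GFP_KERNEL);
+ if (!local->tx_led)
+ return;
+ snprintf(local->tx_led_name, sizeof(local->tx_led_name),
+ "%stx", wiphy_name(local->hw.wiphy));
+ local->tx_led->name = local->tx_led_name;
+ if (led_trigger_register(local->tx_led)) {
+ kfree(local->tx_led);
+ local->tx_led = NULL;
+ }
+}
+
+void ieee80211_led_exit(struct ieee80211_local *local)
+{
+ if (local->tx_led) {
+ led_trigger_unregister(local->tx_led);
+ kfree(local->tx_led);
+ }
+ if (local->rx_led) {
+ led_trigger_unregister(local->rx_led);
+ kfree(local->rx_led);
+ }
+}
+
+char *__ieee80211_get_tx_led_name(struct ieee80211_hw *hw)
+{
+ struct ieee80211_local *local = hw_to_local(hw);
+
+ if (local->tx_led)
+ return local->tx_led_name;
+ return NULL;
+}
+EXPORT_SYMBOL(__ieee80211_get_tx_led_name);
+
+char *__ieee80211_get_rx_led_name(struct ieee80211_hw *hw)
+{
+ struct ieee80211_local *local = hw_to_local(hw);
+
+ if (local->rx_led)
+ return local->rx_led_name;
+ return NULL;
+}
+EXPORT_SYMBOL(__ieee80211_get_rx_led_name);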
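Review bot: ieee80211_led_exit() frees `local->tx_led` and `local->rx_led` but leaves both pointers set. As a result `__ieee80211_get_tx_led_name()` and `__ieee80211_get_rx_led_name()` keep returning a name after the triggers are gone, and ieee80211_led_rx()/ieee80211_led_tx() or a second exit call would touch freed memory. Adding `local->tx_led = NULL;` and `local->rx_led = NULL;` after the respective kfree() mirrors what ieee80211_led_init() already does on its registration-failure paths. Separately, the early `return` when the rx_led allocation fails in ieee80211_led_init() also skips the tx trigger; if that is intended, a one-line comment saying so would help.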
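--- /dev/null
+++ b/net/mac80211/ieee80211_led.h
@@ -0,0 +1,32 @@
+/*
+ * Copyright 2006, Johannes Berg <johannes@sipsolutions.net>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include <linux/list.h>
+#include <linux/spinlock.h>
+#include <linux/leds.h>
+#include "ieee80211_i.h"
+
+#ifdef CONFIG_MAC80211_LEDS
+extern void ieee80211_led_rx(struct ieee80211_local *local);
+extern void ieee80211_led_tx(struct ieee80211_local *local, int q);
+extern void ieee80211_led_init(struct ieee80211_local *local);
+extern void ieee80211_led_exit(struct ieee80211_local *local);
+#else
+static inline void ieee80211_led_rx(struct ieee80211_local *local)
+{
+}
+static inline void ieee80211_led_tx(struct ieee80211_local *local, int q)
+{
+}
+static inline void ieee80211_led_init(struct ieee80211_local *local)
+{
+}
+static inline void ieee80211_led_exit(struct ieee80211_local *local)
+{
+}
+#endif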
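Review bot: This header has no include guard, unlike ieee80211_key.h and ieee80211_rate.h in the same commit. With CONFIG_MAC80211_LEDS disabled the `#else` branch defines four `static inline` functions, so a translation unit that pulls the header in twice (directly and through another header) would fail with redefinition errors. Wrapping the file in `#ifndef IEEE80211_LED_H` / `#define IEEE80211_LED_H` and a closing `#endif /* IEEE80211_LED_H */` avoids that.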
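--- /dev/null
+++ b/net/mac80211/ieee80211_rate.c
@@ -0,0 +1,140 @@
+/*
+ * Copyright 2002-2005, Instant802 Networks, Inc.
+ * Copyright 2005-2006, Devicescape Software, Inc.
+ * Copyright (c) 2006 Jiri Benc <jbenc@suse.cz>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include <linux/kernel.h>
+#include "ieee80211_rate.h"
+#include "ieee80211_i.h"
+
+struct rate_control_alg {
+ struct list_head list;
+ struct rate_control_ops *ops;
+};
+
+static LIST_HEAD(rate_ctrl_algs);
+static DEFINE_MUTEX(rate_ctrl_mutex);
+
+int ieee80211_rate_control_register(struct rate_control_ops *ops)
+{
+ struct rate_control_alg *alg;
+
+ alg = kmalloc(sizeof(*alg), GFP_KERNEL);
+ if (alg == NULL) {
+ return -ENOMEM;
+ }
+ memset(alg, 0, sizeof(*alg));
+ alg->ops = ops;
+
+ mutex_lock(&rate_ctrl_mutex);
+ list_add_tail(&alg->list, &rate_ctrl_algs);
+ mutex_unlock(&rate_ctrl_mutex);
+
+ return 0;
+}
+EXPORT_SYMBOL(ieee80211_rate_control_register);
+
+void ieee80211_rate_control_unregister(struct rate_control_ops *ops)
+{
+ struct rate_control_alg *alg;
+
+ mutex_lock(&rate_ctrl_mutex);
+ list_for_each_entry(alg, &rate_ctrl_algs, list) {
+ if (alg->ops == ops) {
+ list_del(&alg->list);
+ break;
+ }
+ }
+ mutex_unlock(&rate_ctrl_mutex);
+ kfree(alg);
+}
+EXPORT_SYMBOL(ieee80211_rate_control_unregister);
+
+static struct rate_control_ops *
+ieee80211_try_rate_control_ops_get(const char *name)
+{
+ struct rate_control_alg *alg;
+ struct rate_control_ops *ops = NULL;
+
+ mutex_lock(&rate_ctrl_mutex);
+ list_for_each_entry(alg, &rate_ctrl_algs, list) {
+ if (!name || !strcmp(alg->ops->name, name))
+ if (try_module_get(alg->ops->module)) {
+ ops = alg->ops;
+ break;
+ }
+ }
+ mutex_unlock(&rate_ctrl_mutex);
+ return ops;
+}
+
+/* Get the rate control algorithm. If `name' is NULL, get the first
+ * available algorithm. */
+static struct rate_control_ops *
+ieee80211_rate_control_ops_get(const char *name)
+{
+ struct rate_control_ops *ops;
+
+ ops = ieee80211_try_rate_control_ops_get(name);
+ if (!ops) {
+ request_module("rc80211_%s", name ? name : "default");
+ ops = ieee80211_try_rate_control_ops_get(name);
+ }
+ return ops;
+}
+
+static void ieee80211_rate_control_ops_put(struct rate_control_ops *ops)
+{
+ module_put(ops->module);
+}
+
+struct rate_control_ref *rate_control_alloc(const char *name,
+ struct ieee80211_local *local)
+{
+ struct rate_control_ref *ref;
+
+ ref = kmalloc(sizeof(struct rate_control_ref), GFP_KERNEL);
+ if (!ref)
+ goto fail_ref;
+ kref_init(&ref->kref);
+ ref->ops = ieee80211_rate_control_ops_get(name);
+ if (!ref->ops)
+ goto fail_ops;
+ ref->priv = ref->ops->alloc(local);
+ if (!ref->priv)
+ goto fail_priv;
+ return ref;
+
+fail_priv:
+ ieee80211_rate_control_ops_put(ref->ops);
+fail_ops:
+ kfree(ref);
+fail_ref:
+ return NULL;
+}
+
+static void rate_control_release(struct kref *kref)
+{
+ struct rate_control_ref *ctrl_ref;
+
+ ctrl_ref = container_of(kref, struct rate_control_ref, kref);
+ ctrl_ref->ops->free(ctrl_ref->priv);
+ ieee80211_rate_control_ops_put(ctrl_ref->ops);
+ kfree(ctrl_ref);
+}
+
+struct rate_control_ref *rate_control_get(struct rate_control_ref *ref)
+{
+ kref_get(&ref->kref);
+ return ref;
+}
+
+void rate_control_put(struct rate_control_ref *ref)
+{
+ kref_put(&ref->kref, rate_control_release);
+}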
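Review bot: ieee80211_rate_control_unregister() calls `kfree(alg)` after the loop even when no entry matched `ops`. When list_for_each_entry() runs to completion, `alg` is not an allocated entry but a pointer computed from the `rate_ctrl_algs` list head, so unregistering an ops that was never registered (or unregistering twice) passes a bogus address to kfree(). Freeing inside the match branch fixes it: `list_del(&alg->list); kfree(alg); break;`, with the trailing `kfree(alg);` removed.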
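--- /dev/null
+++ b/net/mac80211/ieee80211_rate.h
@@ -0,0 +1,144 @@
+/*
+ * Copyright 2002-2005, Instant802 Networks, Inc.
+ * Copyright 2005, Devicescape Software, Inc.
+ * Copyright (c) 2006 Jiri Benc <jbenc@suse.cz>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#ifndef IEEE80211_RATE_H
+#define IEEE80211_RATE_H
+
+#include <linux/netdevice.h>
+#include <linux/skbuff.h>
+#include <linux/types.h>
+#include <net/mac80211.h>
+#include "ieee80211_i.h"
+#include "sta_info.h"
+
+#define RATE_CONTROL_NUM_DOWN 20
+#define RATE_CONTROL_NUM_UP 15
+
+
+struct rate_control_extra {
+ /* values from rate_control_get_rate() to the caller: */
+ struct ieee80211_rate *probe; /* probe with this rate, or NULL for no
+ * probing */
+ struct ieee80211_rate *nonerp;
+
+ /* parameters from the caller to rate_control_get_rate(): */
+ struct ieee80211_hw_mode *mode;
+ int mgmt_data; /* this is data frame that is used for management
+ * (e.g., IEEE 802.1X EAPOL) */
+ u16 ethertype;
+};
+
+
+struct rate_control_ops {
+ struct module *module;
+ const char *name;
+ void (*tx_status)(void *priv, struct net_device *dev,
+ struct sk_buff *skb,
+ struct ieee80211_tx_status *status);
+ struct ieee80211_rate *(*get_rate)(void *priv, struct net_device *dev,
+ struct sk_buff *skb,
+ struct rate_control_extra *extra);
+ void (*rate_init)(void *priv, void *priv_sta,
+ struct ieee80211_local *local, struct sta_info *sta);
+ void (*clear)(void *priv);
+
+ void *(*alloc)(struct ieee80211_local *local);
+ void (*free)(void *priv);
+ void *(*alloc_sta)(void *priv, gfp_t gfp);
+ void (*free_sta)(void *priv, void *priv_sta);
+
+ int (*add_attrs)(void *priv, struct kobject *kobj);
+ void (*remove_attrs)(void *priv, struct kobject *kobj);
+ void (*add_sta_debugfs)(void *priv, void *priv_sta,
+ struct dentry *dir);
+ void (*remove_sta_debugfs)(void *priv, void *priv_sta);
+};
+
+struct rate_control_ref {
+ struct rate_control_ops *ops;
+ void *priv;
+ struct kref kref;
+};
+
+int ieee80211_rate_control_register(struct rate_control_ops *ops);
+void ieee80211_rate_control_unregister(struct rate_control_ops *ops);
+
+/* Get a reference to the rate control algorithm. If `name' is NULL, get the
+ * first available algorithm. */
+struct rate_control_ref *rate_control_alloc(const char *name,
+ struct ieee80211_local *local);
+struct rate_control_ref *rate_control_get(struct rate_control_ref *ref);
+void rate_control_put(struct rate_control_ref *ref);
+
+static inline void rate_control_tx_status(struct ieee80211_local *local,
+ struct net_device *dev,
+ struct sk_buff *skb,
+ struct ieee80211_tx_status *status)
+{
+ struct rate_control_ref *ref = local->rate_ctrl;
+ ref->ops->tx_status(ref->priv, dev, skb, status);
+}
+
+
+static inline struct ieee80211_rate *
+rate_control_get_rate(struct ieee80211_local *local, struct net_device *dev,
+ struct sk_buff *skb, struct rate_control_extra *extra)
+{
+ struct rate_control_ref *ref = local->rate_ctrl;
+ return ref->ops->get_rate(ref->priv, dev, skb, extra);
+}
+
+
+static inline void rate_control_rate_init(struct sta_info *sta,
+ struct ieee80211_local *local)
+{
+ struct rate_control_ref *ref = sta->rate_ctrl;
+ ref->ops->rate_init(ref->priv, sta->rate_ctrl_priv, local, sta);
+}
+
+
+static inline void rate_control_clear(struct ieee80211_local *local)
+{
+ struct rate_control_ref *ref = local->rate_ctrl;
+ ref->ops->clear(ref->priv);
+}
+
+static inline void *rate_control_alloc_sta(struct rate_control_ref *ref,
+ gfp_t gfp)
+{
+ return ref->ops->alloc_sta(ref->priv, gfp);
+}
+
+static inline void rate_control_free_sta(struct rate_control_ref *ref,
+ void *priv)
+{
+ ref->ops->free_sta(ref->priv, priv);
+}
+
+static inline void rate_control_add_sta_debugfs(struct sta_info *sta)
+{
+#ifdef CONFIG_MAC80211_DEBUGFS
+ struct rate_control_ref *ref = sta->rate_ctrl;
+ if (sta->debugfs.dir && ref->ops->add_sta_debugfs)
+ ref->ops->add_sta_debugfs(ref->priv, sta->rate_ctrl_priv,
+ sta->debugfs.dir);
+#endif
+}
+
+static inline void rate_control_remove_sta_debugfs(struct sta_info *sta)
+{
+#ifdef CONFIG_MAC80211_DEBUGFS
+ struct rate_control_ref *ref = sta->rate_ctrl;
+ if (ref->ops->remove_sta_debugfs)
+ ref->ops->remove_sta_debugfs(ref->priv, sta->rate_ctrl_priv);
+#endif
+}
+
+#endif /* IEEE80211_RATE_H */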
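Review bot: The inline wrappers call `tx_status`, `get_rate`, `rate_init`, `clear`, `alloc_sta` and `free_sta` through `ref->ops` without a NULL check, while only the two debugfs hooks are tested before use. ieee80211_rate_control_register() in ieee80211_rate.c stores `ops` unvalidated, so a rate control module that leaves one of these callbacks unset would cause a NULL function-pointer call in kernel context. I would document the contract on struct rate_control_ops, for example `/* all callbacks except add_attrs, remove_attrs, add_sta_debugfs and remove_sta_debugfs are mandatory */`, and have the register function return -EINVAL when a mandatory one is missing. The wrappers also assume `local->rate_ctrl` and `sta->rate_ctrl` are non-NULL; that precondition deserves a comment as well.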
diff --git a/net/mac80211/ieee80211_sta.c b/net/mac80211/ieee80211_sta.c
new file mode 100644
index 000000000000..822917debeff
--- /dev/null
+++ b/net/mac80211/ieee80211_sta.c
@@ -0,0 +1,3060 @@
1/*
2 * BSS client mode implementation
3 * Copyright 2003, Jouni Malinen <jkmaline@cc.hut.fi>
4 * Copyright 2004, Instant802 Networks, Inc.
5 * Copyright 2005, Devicescape Software, Inc.
6 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
7 * Copyright 2007, Michael Wu <flamingice@sourmilk.net>
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License version 2 as
11 * published by the Free Software Foundation.
12 */
13
14/* TODO:
15 * BSS table: use <BSSID,SSID> as the key to support multi-SSID APs
16 * order BSS list by RSSI(?) ("quality of AP")
17 * scan result table filtering (by capability (privacy, IBSS/BSS, WPA/RSN IE,
18 * SSID)
19 */
20#include <linux/if_ether.h>
21#include <linux/skbuff.h>
22#include <linux/netdevice.h>
23#include <linux/if_arp.h>
24#include <linux/wireless.h>
25#include <linux/random.h>
26#include <linux/etherdevice.h>
27#include <linux/rtnetlink.h>
28#include <net/iw_handler.h>
29#include <asm/types.h>
30#include <asm/delay.h>
31
32#include <net/mac80211.h>
33#include "ieee80211_i.h"
34#include "ieee80211_rate.h"
35#include "hostapd_ioctl.h"
36
37#define IEEE80211_AUTH_TIMEOUT (HZ / 5)
38#define IEEE80211_AUTH_MAX_TRIES 3
39#define IEEE80211_ASSOC_TIMEOUT (HZ / 5)
40#define IEEE80211_ASSOC_MAX_TRIES 3
41#define IEEE80211_MONITORING_INTERVAL (2 * HZ)
42#define IEEE80211_PROBE_INTERVAL (60 * HZ)
43#define IEEE80211_RETRY_AUTH_INTERVAL (1 * HZ)
44#define IEEE80211_SCAN_INTERVAL (2 * HZ)
45#define IEEE80211_SCAN_INTERVAL_SLOW (15 * HZ)
46#define IEEE80211_IBSS_JOIN_TIMEOUT (20 * HZ)
47
48#define IEEE80211_PROBE_DELAY (HZ / 33)
49#define IEEE80211_CHANNEL_TIME (HZ / 33)
50#define IEEE80211_PASSIVE_CHANNEL_TIME (HZ / 5)
51#define IEEE80211_SCAN_RESULT_EXPIRE (10 * HZ)
52#define IEEE80211_IBSS_MERGE_INTERVAL (30 * HZ)
53#define IEEE80211_IBSS_INACTIVITY_LIMIT (60 * HZ)
54
55#define IEEE80211_IBSS_MAX_STA_ENTRIES 128
56
57
58#define IEEE80211_FC(type, stype) cpu_to_le16(type | stype)
59
60#define ERP_INFO_USE_PROTECTION BIT(1)
61
62static void ieee80211_send_probe_req(struct net_device *dev, u8 *dst,
63 u8 *ssid, size_t ssid_len);
64static struct ieee80211_sta_bss *
65ieee80211_rx_bss_get(struct net_device *dev, u8 *bssid);
66static void ieee80211_rx_bss_put(struct net_device *dev,
67 struct ieee80211_sta_bss *bss);
68static int ieee80211_sta_find_ibss(struct net_device *dev,
69 struct ieee80211_if_sta *ifsta);
70static int ieee80211_sta_wep_configured(struct net_device *dev);
71static int ieee80211_sta_start_scan(struct net_device *dev,
72 u8 *ssid, size_t ssid_len);
73static int ieee80211_sta_config_auth(struct net_device *dev,
74 struct ieee80211_if_sta *ifsta);
75
76
77/* Parsed Information Elements */
78struct ieee802_11_elems {
79 u8 *ssid;
80 u8 ssid_len;
81 u8 *supp_rates;
82 u8 supp_rates_len;
83 u8 *fh_params;
84 u8 fh_params_len;
85 u8 *ds_params;
86 u8 ds_params_len;
87 u8 *cf_params;
88 u8 cf_params_len;
89 u8 *tim;
90 u8 tim_len;
91 u8 *ibss_params;
92 u8 ibss_params_len;
93 u8 *challenge;
94 u8 challenge_len;
95 u8 *wpa;
96 u8 wpa_len;
97 u8 *rsn;
98 u8 rsn_len;
99 u8 *erp_info;
100 u8 erp_info_len;
101 u8 *ext_supp_rates;
102 u8 ext_supp_rates_len;
103 u8 *wmm_info;
104 u8 wmm_info_len;
105 u8 *wmm_param;
106 u8 wmm_param_len;
107};
108
109typedef enum { ParseOK = 0, ParseUnknown = 1, ParseFailed = -1 } ParseRes;
110
111
112static ParseRes ieee802_11_parse_elems(u8 *start, size_t len,
113 struct ieee802_11_elems *elems)
114{
115 size_t left = len;
116 u8 *pos = start;
117 int unknown = 0;
118
119 memset(elems, 0, sizeof(*elems));
120
121 while (left >= 2) {
122 u8 id, elen;
123
124 id = *pos++;
125 elen = *pos++;
126 left -= 2;
127
128 if (elen > left) {
129#if 0
130 if (net_ratelimit())
131 printk(KERN_DEBUG "IEEE 802.11 element parse "
132 "failed (id=%d elen=%d left=%d)\n",
133 id, elen, left);
134#endif
135 return ParseFailed;
136 }
137
138 switch (id) {
139 case WLAN_EID_SSID:
140 elems->ssid = pos;
141 elems->ssid_len = elen;
142 break;
143 case WLAN_EID_SUPP_RATES:
144 elems->supp_rates = pos;
145 elems->supp_rates_len = elen;
146 break;
147 case WLAN_EID_FH_PARAMS:
148 elems->fh_params = pos;
149 elems->fh_params_len = elen;
150 break;
151 case WLAN_EID_DS_PARAMS:
152 elems->ds_params = pos;
153 elems->ds_params_len = elen;
154 break;
155 case WLAN_EID_CF_PARAMS:
156 elems->cf_params = pos;
157 elems->cf_params_len = elen;
158 break;
159 case WLAN_EID_TIM:
160 elems->tim = pos;
161 elems->tim_len = elen;
162 break;
163 case WLAN_EID_IBSS_PARAMS:
164 elems->ibss_params = pos;
165 elems->ibss_params_len = elen;
166 break;
167 case WLAN_EID_CHALLENGE:
168 elems->challenge = pos;
169 elems->challenge_len = elen;
170 break;
171 case WLAN_EID_WPA:
172 if (elen >= 4 && pos[0] == 0x00 && pos[1] == 0x50 &&
173 pos[2] == 0xf2) {
174 /* Microsoft OUI (00:50:F2) */
175 if (pos[3] == 1) {
176 /* OUI Type 1 - WPA IE */
177 elems->wpa = pos;
178 elems->wpa_len = elen;
179 } else if (elen >= 5 && pos[3] == 2) {
180 if (pos[4] == 0) {
181 elems->wmm_info = pos;
182 elems->wmm_info_len = elen;
183 } else if (pos[4] == 1) {
184 elems->wmm_param = pos;
185 elems->wmm_param_len = elen;
186 }
187 }
188 }
189 break;
190 case WLAN_EID_RSN:
191 elems->rsn = pos;
192 elems->rsn_len = elen;
193 break;
194 case WLAN_EID_ERP_INFO:
195 elems->erp_info = pos;
196 elems->erp_info_len = elen;
197 break;
198 case WLAN_EID_EXT_SUPP_RATES:
199 elems->ext_supp_rates = pos;
200 elems->ext_supp_rates_len = elen;
201 break;
202 default:
203#if 0
204 printk(KERN_DEBUG "IEEE 802.11 element parse ignored "
205 "unknown element (id=%d elen=%d)\n",
206 id, elen);
207#endif
208 unknown++;
209 break;
210 }
211
212 left -= elen;
213 pos += elen;
214 }
215
216 /* Do not trigger error if left == 1 as Apple Airport base stations
217 * send AssocResps that are one spurious byte too long. */
218
219 return unknown ? ParseUnknown : ParseOK;
220}
221
222
223
224
225static int ecw2cw(int ecw)
226{
227 int cw = 1;
228 while (ecw > 0) {
229 cw <<= 1;
230 ecw--;
231 }
232 return cw - 1;
233}
234
235
236static void ieee80211_sta_wmm_params(struct net_device *dev,
237 struct ieee80211_if_sta *ifsta,
238 u8 *wmm_param, size_t wmm_param_len)
239{
240 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
241 struct ieee80211_tx_queue_params params;
242 size_t left;
243 int count;
244 u8 *pos;
245
246 if (wmm_param_len < 8 || wmm_param[5] /* version */ != 1)
247 return;
248 count = wmm_param[6] & 0x0f;
249 if (count == ifsta->wmm_last_param_set)
250 return;
251 ifsta->wmm_last_param_set = count;
252
253 pos = wmm_param + 8;
254 left = wmm_param_len - 8;
255
256 memset(&params, 0, sizeof(params));
257
258 if (!local->ops->conf_tx)
259 return;
260
261 local->wmm_acm = 0;
262 for (; left >= 4; left -= 4, pos += 4) {
263 int aci = (pos[0] >> 5) & 0x03;
264 int acm = (pos[0] >> 4) & 0x01;
265 int queue;
266
267 switch (aci) {
268 case 1:
269 queue = IEEE80211_TX_QUEUE_DATA3;
270 if (acm) {
271 local->wmm_acm |= BIT(0) | BIT(3);
272 }
273 break;
274 case 2:
275 queue = IEEE80211_TX_QUEUE_DATA1;
276 if (acm) {
277 local->wmm_acm |= BIT(4) | BIT(5);
278 }
279 break;
280 case 3:
281 queue = IEEE80211_TX_QUEUE_DATA0;
282 if (acm) {
283 local->wmm_acm |= BIT(6) | BIT(7);
284 }
285 break;
286 case 0:
287 default:
288 queue = IEEE80211_TX_QUEUE_DATA2;
289 if (acm) {
290 local->wmm_acm |= BIT(1) | BIT(2);
291 }
292 break;
293 }
294
295 params.aifs = pos[0] & 0x0f;
296 params.cw_max = ecw2cw((pos[1] & 0xf0) >> 4);
297 params.cw_min = ecw2cw(pos[1] & 0x0f);
298 /* TXOP is in units of 32 usec; burst_time in 0.1 ms */
299 params.burst_time = (pos[2] | (pos[3] << 8)) * 32 / 100;
300 printk(KERN_DEBUG "%s: WMM queue=%d aci=%d acm=%d aifs=%d "
301 "cWmin=%d cWmax=%d burst=%d\n",
302 dev->name, queue, aci, acm, params.aifs, params.cw_min,
303 params.cw_max, params.burst_time);
304 /* TODO: handle ACM (block TX, fallback to next lowest allowed
305 * AC for now) */
306 if (local->ops->conf_tx(local_to_hw(local), queue, &params)) {
307 printk(KERN_DEBUG "%s: failed to set TX queue "
308 "parameters for queue %d\n", dev->name, queue);
309 }
310 }
311}
312
313
314static void ieee80211_sta_send_associnfo(struct net_device *dev,
315 struct ieee80211_if_sta *ifsta)
316{
317 char *buf;
318 size_t len;
319 int i;
320 union iwreq_data wrqu;
321
322 if (!ifsta->assocreq_ies && !ifsta->assocresp_ies)
323 return;
324
325 buf = kmalloc(50 + 2 * (ifsta->assocreq_ies_len +
326 ifsta->assocresp_ies_len), GFP_ATOMIC);
327 if (!buf)
328 return;
329
330 len = sprintf(buf, "ASSOCINFO(");
331 if (ifsta->assocreq_ies) {
332 len += sprintf(buf + len, "ReqIEs=");
333 for (i = 0; i < ifsta->assocreq_ies_len; i++) {
334 len += sprintf(buf + len, "%02x",
335 ifsta->assocreq_ies[i]);
336 }
337 }
338 if (ifsta->assocresp_ies) {
339 if (ifsta->assocreq_ies)
340 len += sprintf(buf + len, " ");
341 len += sprintf(buf + len, "RespIEs=");
342 for (i = 0; i < ifsta->assocresp_ies_len; i++) {
343 len += sprintf(buf + len, "%02x",
344 ifsta->assocresp_ies[i]);
345 }
346 }
347 len += sprintf(buf + len, ")");
348
349 if (len > IW_CUSTOM_MAX) {
350 len = sprintf(buf, "ASSOCRESPIE=");
351 for (i = 0; i < ifsta->assocresp_ies_len; i++) {
352 len += sprintf(buf + len, "%02x",
353 ifsta->assocresp_ies[i]);
354 }
355 }
356
357 memset(&wrqu, 0, sizeof(wrqu));
358 wrqu.data.length = len;
359 wireless_send_event(dev, IWEVCUSTOM, &wrqu, buf);
360
361 kfree(buf);
362}
363
364
365static void ieee80211_set_associated(struct net_device *dev,
366 struct ieee80211_if_sta *ifsta, int assoc)
367{
368 union iwreq_data wrqu;
369
370 if (ifsta->associated == assoc)
371 return;
372
373 ifsta->associated = assoc;
374
375 if (assoc) {
376 struct ieee80211_sub_if_data *sdata;
377 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
378 if (sdata->type != IEEE80211_IF_TYPE_STA)
379 return;
380 netif_carrier_on(dev);
381 ifsta->prev_bssid_set = 1;
382 memcpy(ifsta->prev_bssid, sdata->u.sta.bssid, ETH_ALEN);
383 memcpy(wrqu.ap_addr.sa_data, sdata->u.sta.bssid, ETH_ALEN);
384 ieee80211_sta_send_associnfo(dev, ifsta);
385 } else {
386 netif_carrier_off(dev);
387 memset(wrqu.ap_addr.sa_data, 0, ETH_ALEN);
388 }
389 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
390 wireless_send_event(dev, SIOCGIWAP, &wrqu, NULL);
391 ifsta->last_probe = jiffies;
392}
393
394static void ieee80211_set_disassoc(struct net_device *dev,
395 struct ieee80211_if_sta *ifsta, int deauth)
396{
397 if (deauth)
398 ifsta->auth_tries = 0;
399 ifsta->assoc_tries = 0;
400 ieee80211_set_associated(dev, ifsta, 0);
401}
402
403static void ieee80211_sta_tx(struct net_device *dev, struct sk_buff *skb,
404 int encrypt)
405{
406 struct ieee80211_sub_if_data *sdata;
407 struct ieee80211_tx_packet_data *pkt_data;
408
409 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
410 skb->dev = sdata->local->mdev;
411 skb_set_mac_header(skb, 0);
412 skb_set_network_header(skb, 0);
413 skb_set_transport_header(skb, 0);
414
415 pkt_data = (struct ieee80211_tx_packet_data *) skb->cb;
416 memset(pkt_data, 0, sizeof(struct ieee80211_tx_packet_data));
417 pkt_data->ifindex = sdata->dev->ifindex;
418 pkt_data->mgmt_iface = (sdata->type == IEEE80211_IF_TYPE_MGMT);
419 pkt_data->do_not_encrypt = !encrypt;
420
421 dev_queue_xmit(skb);
422}
423
424
425static void ieee80211_send_auth(struct net_device *dev,
426 struct ieee80211_if_sta *ifsta,
427 int transaction, u8 *extra, size_t extra_len,
428 int encrypt)
429{
430 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
431 struct sk_buff *skb;
432 struct ieee80211_mgmt *mgmt;
433
434 skb = dev_alloc_skb(local->hw.extra_tx_headroom +
435 sizeof(*mgmt) + 6 + extra_len);
436 if (!skb) {
437 printk(KERN_DEBUG "%s: failed to allocate buffer for auth "
438 "frame\n", dev->name);
439 return;
440 }
441 skb_reserve(skb, local->hw.extra_tx_headroom);
442
443 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24 + 6);
444 memset(mgmt, 0, 24 + 6);
445 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
446 IEEE80211_STYPE_AUTH);
447 if (encrypt)
448 mgmt->frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
449 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
450 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
451 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
452 mgmt->u.auth.auth_alg = cpu_to_le16(ifsta->auth_alg);
453 mgmt->u.auth.auth_transaction = cpu_to_le16(transaction);
454 ifsta->auth_transaction = transaction + 1;
455 mgmt->u.auth.status_code = cpu_to_le16(0);
456 if (extra)
457 memcpy(skb_put(skb, extra_len), extra, extra_len);
458
459 ieee80211_sta_tx(dev, skb, encrypt);
460}
461
462
463static void ieee80211_authenticate(struct net_device *dev,
464 struct ieee80211_if_sta *ifsta)
465{
466 ifsta->auth_tries++;
467 if (ifsta->auth_tries > IEEE80211_AUTH_MAX_TRIES) {
468 printk(KERN_DEBUG "%s: authentication with AP " MAC_FMT
469 " timed out\n",
470 dev->name, MAC_ARG(ifsta->bssid));
471 ifsta->state = IEEE80211_DISABLED;
472 return;
473 }
474
475 ifsta->state = IEEE80211_AUTHENTICATE;
476 printk(KERN_DEBUG "%s: authenticate with AP " MAC_FMT "\n",
477 dev->name, MAC_ARG(ifsta->bssid));
478
479 ieee80211_send_auth(dev, ifsta, 1, NULL, 0, 0);
480
481 mod_timer(&ifsta->timer, jiffies + IEEE80211_AUTH_TIMEOUT);
482}
483
484
485static void ieee80211_send_assoc(struct net_device *dev,
486 struct ieee80211_if_sta *ifsta)
487{
488 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
489 struct ieee80211_hw_mode *mode;
490 struct sk_buff *skb;
491 struct ieee80211_mgmt *mgmt;
492 u8 *pos, *ies;
493 int i, len;
494 u16 capab;
495 struct ieee80211_sta_bss *bss;
496 int wmm = 0;
497
498 skb = dev_alloc_skb(local->hw.extra_tx_headroom +
499 sizeof(*mgmt) + 200 + ifsta->extra_ie_len +
500 ifsta->ssid_len);
501 if (!skb) {
502 printk(KERN_DEBUG "%s: failed to allocate buffer for assoc "
503 "frame\n", dev->name);
504 return;
505 }
506 skb_reserve(skb, local->hw.extra_tx_headroom);
507
508 mode = local->oper_hw_mode;
509 capab = ifsta->capab;
510 if (mode->mode == MODE_IEEE80211G) {
511 capab |= WLAN_CAPABILITY_SHORT_SLOT_TIME |
512 WLAN_CAPABILITY_SHORT_PREAMBLE;
513 }
514 bss = ieee80211_rx_bss_get(dev, ifsta->bssid);
515 if (bss) {
516 if (bss->capability & WLAN_CAPABILITY_PRIVACY)
517 capab |= WLAN_CAPABILITY_PRIVACY;
518 if (bss->wmm_ie) {
519 wmm = 1;
520 }
521 ieee80211_rx_bss_put(dev, bss);
522 }
523
524 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
525 memset(mgmt, 0, 24);
526 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
527 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
528 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
529
530 if (ifsta->prev_bssid_set) {
531 skb_put(skb, 10);
532 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
533 IEEE80211_STYPE_REASSOC_REQ);
534 mgmt->u.reassoc_req.capab_info = cpu_to_le16(capab);
535 mgmt->u.reassoc_req.listen_interval = cpu_to_le16(1);
536 memcpy(mgmt->u.reassoc_req.current_ap, ifsta->prev_bssid,
537 ETH_ALEN);
538 } else {
539 skb_put(skb, 4);
540 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
541 IEEE80211_STYPE_ASSOC_REQ);
542 mgmt->u.assoc_req.capab_info = cpu_to_le16(capab);
543 mgmt->u.assoc_req.listen_interval = cpu_to_le16(1);
544 }
545
546 /* SSID */
547 ies = pos = skb_put(skb, 2 + ifsta->ssid_len);
548 *pos++ = WLAN_EID_SSID;
549 *pos++ = ifsta->ssid_len;
550 memcpy(pos, ifsta->ssid, ifsta->ssid_len);
551
552 len = mode->num_rates;
553 if (len > 8)
554 len = 8;
555 pos = skb_put(skb, len + 2);
556 *pos++ = WLAN_EID_SUPP_RATES;
557 *pos++ = len;
558 for (i = 0; i < len; i++) {
559 int rate = mode->rates[i].rate;
560 if (mode->mode == MODE_ATHEROS_TURBO)
561 rate /= 2;
562 *pos++ = (u8) (rate / 5);
563 }
564
565 if (mode->num_rates > len) {
566 pos = skb_put(skb, mode->num_rates - len + 2);
567 *pos++ = WLAN_EID_EXT_SUPP_RATES;
568 *pos++ = mode->num_rates - len;
569 for (i = len; i < mode->num_rates; i++) {
570 int rate = mode->rates[i].rate;
571 if (mode->mode == MODE_ATHEROS_TURBO)
572 rate /= 2;
573 *pos++ = (u8) (rate / 5);
574 }
575 }
576
577 if (ifsta->extra_ie) {
578 pos = skb_put(skb, ifsta->extra_ie_len);
579 memcpy(pos, ifsta->extra_ie, ifsta->extra_ie_len);
580 }
581
582 if (wmm && ifsta->wmm_enabled) {
583 pos = skb_put(skb, 9);
584 *pos++ = WLAN_EID_VENDOR_SPECIFIC;
585 *pos++ = 7; /* len */
586 *pos++ = 0x00; /* Microsoft OUI 00:50:F2 */
587 *pos++ = 0x50;
588 *pos++ = 0xf2;
589 *pos++ = 2; /* WME */
590 *pos++ = 0; /* WME info */
591 *pos++ = 1; /* WME ver */
592 *pos++ = 0;
593 }
594
595 kfree(ifsta->assocreq_ies);
596 ifsta->assocreq_ies_len = (skb->data + skb->len) - ies;
597 ifsta->assocreq_ies = kmalloc(ifsta->assocreq_ies_len, GFP_ATOMIC);
598 if (ifsta->assocreq_ies)
599 memcpy(ifsta->assocreq_ies, ies, ifsta->assocreq_ies_len);
600
601 ieee80211_sta_tx(dev, skb, 0);
602}
603
604
605static void ieee80211_send_deauth(struct net_device *dev,
606 struct ieee80211_if_sta *ifsta, u16 reason)
607{
608 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
609 struct sk_buff *skb;
610 struct ieee80211_mgmt *mgmt;
611
612 skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt));
613 if (!skb) {
614 printk(KERN_DEBUG "%s: failed to allocate buffer for deauth "
615 "frame\n", dev->name);
616 return;
617 }
618 skb_reserve(skb, local->hw.extra_tx_headroom);
619
620 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
621 memset(mgmt, 0, 24);
622 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
623 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
624 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
625 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
626 IEEE80211_STYPE_DEAUTH);
627 skb_put(skb, 2);
628 mgmt->u.deauth.reason_code = cpu_to_le16(reason);
629
630 ieee80211_sta_tx(dev, skb, 0);
631}
632
633
634static void ieee80211_send_disassoc(struct net_device *dev,
635 struct ieee80211_if_sta *ifsta, u16 reason)
636{
637 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
638 struct sk_buff *skb;
639 struct ieee80211_mgmt *mgmt;
640
641 skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt));
642 if (!skb) {
643 printk(KERN_DEBUG "%s: failed to allocate buffer for disassoc "
644 "frame\n", dev->name);
645 return;
646 }
647 skb_reserve(skb, local->hw.extra_tx_headroom);
648
649 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
650 memset(mgmt, 0, 24);
651 memcpy(mgmt->da, ifsta->bssid, ETH_ALEN);
652 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
653 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
654 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
655 IEEE80211_STYPE_DISASSOC);
656 skb_put(skb, 2);
657 mgmt->u.disassoc.reason_code = cpu_to_le16(reason);
658
659 ieee80211_sta_tx(dev, skb, 0);
660}
661
662
663static int ieee80211_privacy_mismatch(struct net_device *dev,
664 struct ieee80211_if_sta *ifsta)
665{
666 struct ieee80211_sta_bss *bss;
667 int res = 0;
668
669 if (!ifsta || ifsta->mixed_cell ||
670 ifsta->key_mgmt != IEEE80211_KEY_MGMT_NONE)
671 return 0;
672
673 bss = ieee80211_rx_bss_get(dev, ifsta->bssid);
674 if (!bss)
675 return 0;
676
677 if (ieee80211_sta_wep_configured(dev) !=
678 !!(bss->capability & WLAN_CAPABILITY_PRIVACY))
679 res = 1;
680
681 ieee80211_rx_bss_put(dev, bss);
682
683 return res;
684}
685
686
687static void ieee80211_associate(struct net_device *dev,
688 struct ieee80211_if_sta *ifsta)
689{
690 ifsta->assoc_tries++;
691 if (ifsta->assoc_tries > IEEE80211_ASSOC_MAX_TRIES) {
692 printk(KERN_DEBUG "%s: association with AP " MAC_FMT
693 " timed out\n",
694 dev->name, MAC_ARG(ifsta->bssid));
695 ifsta->state = IEEE80211_DISABLED;
696 return;
697 }
698
699 ifsta->state = IEEE80211_ASSOCIATE;
700 printk(KERN_DEBUG "%s: associate with AP " MAC_FMT "\n",
701 dev->name, MAC_ARG(ifsta->bssid));
702 if (ieee80211_privacy_mismatch(dev, ifsta)) {
703 printk(KERN_DEBUG "%s: mismatch in privacy configuration and "
704 "mixed-cell disabled - abort association\n", dev->name);
705 ifsta->state = IEEE80211_DISABLED;
706 return;
707 }
708
709 ieee80211_send_assoc(dev, ifsta);
710
711 mod_timer(&ifsta->timer, jiffies + IEEE80211_ASSOC_TIMEOUT);
712}
713
714
715static void ieee80211_associated(struct net_device *dev,
716 struct ieee80211_if_sta *ifsta)
717{
718 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
719 struct sta_info *sta;
720 int disassoc;
721
722 /* TODO: start monitoring current AP signal quality and number of
723 * missed beacons. Scan other channels every now and then and search
724 * for better APs. */
725 /* TODO: remove expired BSSes */
726
727 ifsta->state = IEEE80211_ASSOCIATED;
728
729 sta = sta_info_get(local, ifsta->bssid);
730 if (!sta) {
731 printk(KERN_DEBUG "%s: No STA entry for own AP " MAC_FMT "\n",
732 dev->name, MAC_ARG(ifsta->bssid));
733 disassoc = 1;
734 } else {
735 disassoc = 0;
736 if (time_after(jiffies,
737 sta->last_rx + IEEE80211_MONITORING_INTERVAL)) {
738 if (ifsta->probereq_poll) {
739 printk(KERN_DEBUG "%s: No ProbeResp from "
740 "current AP " MAC_FMT " - assume out of "
741 "range\n",
742 dev->name, MAC_ARG(ifsta->bssid));
743 disassoc = 1;
744 sta_info_free(sta, 0);
745 ifsta->probereq_poll = 0;
746 } else {
747 ieee80211_send_probe_req(dev, ifsta->bssid,
748 local->scan_ssid,
749 local->scan_ssid_len);
750 ifsta->probereq_poll = 1;
751 }
752 } else {
753 ifsta->probereq_poll = 0;
754 if (time_after(jiffies, ifsta->last_probe +
755 IEEE80211_PROBE_INTERVAL)) {
756 ifsta->last_probe = jiffies;
757 ieee80211_send_probe_req(dev, ifsta->bssid,
758 ifsta->ssid,
759 ifsta->ssid_len);
760 }
761 }
762 sta_info_put(sta);
763 }
764 if (disassoc) {
765 union iwreq_data wrqu;
766 memset(wrqu.ap_addr.sa_data, 0, ETH_ALEN);
767 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
768 wireless_send_event(dev, SIOCGIWAP, &wrqu, NULL);
769 mod_timer(&ifsta->timer, jiffies +
770 IEEE80211_MONITORING_INTERVAL + 30 * HZ);
771 } else {
772 mod_timer(&ifsta->timer, jiffies +
773 IEEE80211_MONITORING_INTERVAL);
774 }
775}
776
777
778static void ieee80211_send_probe_req(struct net_device *dev, u8 *dst,
779 u8 *ssid, size_t ssid_len)
780{
781 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
782 struct ieee80211_hw_mode *mode;
783 struct sk_buff *skb;
784 struct ieee80211_mgmt *mgmt;
785 u8 *pos, *supp_rates, *esupp_rates = NULL;
786 int i;
787
788 skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt) + 200);
789 if (!skb) {
790 printk(KERN_DEBUG "%s: failed to allocate buffer for probe "
791 "request\n", dev->name);
792 return;
793 }
794 skb_reserve(skb, local->hw.extra_tx_headroom);
795
796 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
797 memset(mgmt, 0, 24);
798 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
799 IEEE80211_STYPE_PROBE_REQ);
800 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
801 if (dst) {
802 memcpy(mgmt->da, dst, ETH_ALEN);
803 memcpy(mgmt->bssid, dst, ETH_ALEN);
804 } else {
805 memset(mgmt->da, 0xff, ETH_ALEN);
806 memset(mgmt->bssid, 0xff, ETH_ALEN);
807 }
808 pos = skb_put(skb, 2 + ssid_len);
809 *pos++ = WLAN_EID_SSID;
810 *pos++ = ssid_len;
811 memcpy(pos, ssid, ssid_len);
812
813 supp_rates = skb_put(skb, 2);
814 supp_rates[0] = WLAN_EID_SUPP_RATES;
815 supp_rates[1] = 0;
816 mode = local->oper_hw_mode;
817 for (i = 0; i < mode->num_rates; i++) {
818 struct ieee80211_rate *rate = &mode->rates[i];
819 if (!(rate->flags & IEEE80211_RATE_SUPPORTED))
820 continue;
821 if (esupp_rates) {
822 pos = skb_put(skb, 1);
823 esupp_rates[1]++;
824 } else if (supp_rates[1] == 8) {
825 esupp_rates = skb_put(skb, 3);
826 esupp_rates[0] = WLAN_EID_EXT_SUPP_RATES;
827 esupp_rates[1] = 1;
828 pos = &esupp_rates[2];
829 } else {
830 pos = skb_put(skb, 1);
831 supp_rates[1]++;
832 }
833 if (mode->mode == MODE_ATHEROS_TURBO)
834 *pos = rate->rate / 10;
835 else
836 *pos = rate->rate / 5;
837 }
838
839 ieee80211_sta_tx(dev, skb, 0);
840}
841
842
843static int ieee80211_sta_wep_configured(struct net_device *dev)
844{
845 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
846 if (!sdata || !sdata->default_key ||
847 sdata->default_key->alg != ALG_WEP)
848 return 0;
849 return 1;
850}
851
852
853static void ieee80211_auth_completed(struct net_device *dev,
854 struct ieee80211_if_sta *ifsta)
855{
856 printk(KERN_DEBUG "%s: authenticated\n", dev->name);
857 ifsta->authenticated = 1;
858 ieee80211_associate(dev, ifsta);
859}
860
861
862static void ieee80211_auth_challenge(struct net_device *dev,
863 struct ieee80211_if_sta *ifsta,
864 struct ieee80211_mgmt *mgmt,
865 size_t len)
866{
867 u8 *pos;
868 struct ieee802_11_elems elems;
869
870 printk(KERN_DEBUG "%s: replying to auth challenge\n", dev->name);
871 pos = mgmt->u.auth.variable;
872 if (ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems)
873 == ParseFailed) {
874 printk(KERN_DEBUG "%s: failed to parse Auth(challenge)\n",
875 dev->name);
876 return;
877 }
878 if (!elems.challenge) {
879 printk(KERN_DEBUG "%s: no challenge IE in shared key auth "
880 "frame\n", dev->name);
881 return;
882 }
883 ieee80211_send_auth(dev, ifsta, 3, elems.challenge - 2,
884 elems.challenge_len + 2, 1);
885}
886
887
888static void ieee80211_rx_mgmt_auth(struct net_device *dev,
889 struct ieee80211_if_sta *ifsta,
890 struct ieee80211_mgmt *mgmt,
891 size_t len)
892{
893 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
894 u16 auth_alg, auth_transaction, status_code;
895
896 if (ifsta->state != IEEE80211_AUTHENTICATE &&
897 sdata->type != IEEE80211_IF_TYPE_IBSS) {
898 printk(KERN_DEBUG "%s: authentication frame received from "
899 MAC_FMT ", but not in authenticate state - ignored\n",
900 dev->name, MAC_ARG(mgmt->sa));
901 return;
902 }
903
904 if (len < 24 + 6) {
905 printk(KERN_DEBUG "%s: too short (%zd) authentication frame "
906 "received from " MAC_FMT " - ignored\n",
907 dev->name, len, MAC_ARG(mgmt->sa));
908 return;
909 }
910
911 if (sdata->type != IEEE80211_IF_TYPE_IBSS &&
912 memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN) != 0) {
913 printk(KERN_DEBUG "%s: authentication frame received from "
914 "unknown AP (SA=" MAC_FMT " BSSID=" MAC_FMT ") - "
915 "ignored\n", dev->name, MAC_ARG(mgmt->sa),
916 MAC_ARG(mgmt->bssid));
917 return;
918 }
919
920 if (sdata->type != IEEE80211_IF_TYPE_IBSS &&
921 memcmp(ifsta->bssid, mgmt->bssid, ETH_ALEN) != 0) {
922 printk(KERN_DEBUG "%s: authentication frame received from "
923 "unknown BSSID (SA=" MAC_FMT " BSSID=" MAC_FMT ") - "
924 "ignored\n", dev->name, MAC_ARG(mgmt->sa),
925 MAC_ARG(mgmt->bssid));
926 return;
927 }
928
929 auth_alg = le16_to_cpu(mgmt->u.auth.auth_alg);
930 auth_transaction = le16_to_cpu(mgmt->u.auth.auth_transaction);
931 status_code = le16_to_cpu(mgmt->u.auth.status_code);
932
933 printk(KERN_DEBUG "%s: RX authentication from " MAC_FMT " (alg=%d "
934 "transaction=%d status=%d)\n",
935 dev->name, MAC_ARG(mgmt->sa), auth_alg,
936 auth_transaction, status_code);
937
938 if (sdata->type == IEEE80211_IF_TYPE_IBSS) {
939 /* IEEE 802.11 standard does not require authentication in IBSS
940 * networks and most implementations do not seem to use it.
941 * However, try to reply to authentication attempts if someone
942 * has actually implemented this.
943 * TODO: Could implement shared key authentication. */
944 if (auth_alg != WLAN_AUTH_OPEN || auth_transaction != 1) {
945 printk(KERN_DEBUG "%s: unexpected IBSS authentication "
946 "frame (alg=%d transaction=%d)\n",
947 dev->name, auth_alg, auth_transaction);
948 return;
949 }
950 ieee80211_send_auth(dev, ifsta, 2, NULL, 0, 0);
951 }
952
953 if (auth_alg != ifsta->auth_alg ||
954 auth_transaction != ifsta->auth_transaction) {
955 printk(KERN_DEBUG "%s: unexpected authentication frame "
956 "(alg=%d transaction=%d)\n",
957 dev->name, auth_alg, auth_transaction);
958 return;
959 }
960
961 if (status_code != WLAN_STATUS_SUCCESS) {
962 printk(KERN_DEBUG "%s: AP denied authentication (auth_alg=%d "
963 "code=%d)\n", dev->name, ifsta->auth_alg, status_code);
964 if (status_code == WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG) {
965 u8 algs[3];
966 const int num_algs = ARRAY_SIZE(algs);
967 int i, pos;
968 algs[0] = algs[1] = algs[2] = 0xff;
969 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_OPEN)
970 algs[0] = WLAN_AUTH_OPEN;
971 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_SHARED_KEY)
972 algs[1] = WLAN_AUTH_SHARED_KEY;
973 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_LEAP)
974 algs[2] = WLAN_AUTH_LEAP;
975 if (ifsta->auth_alg == WLAN_AUTH_OPEN)
976 pos = 0;
977 else if (ifsta->auth_alg == WLAN_AUTH_SHARED_KEY)
978 pos = 1;
979 else
980 pos = 2;
981 for (i = 0; i < num_algs; i++) {
982 pos++;
983 if (pos >= num_algs)
984 pos = 0;
985 if (algs[pos] == ifsta->auth_alg ||
986 algs[pos] == 0xff)
987 continue;
988 if (algs[pos] == WLAN_AUTH_SHARED_KEY &&
989 !ieee80211_sta_wep_configured(dev))
990 continue;
991 ifsta->auth_alg = algs[pos];
992 printk(KERN_DEBUG "%s: set auth_alg=%d for "
993 "next try\n",
994 dev->name, ifsta->auth_alg);
995 break;
996 }
997 }
998 return;
999 }
1000
1001 switch (ifsta->auth_alg) {
1002 case WLAN_AUTH_OPEN:
1003 case WLAN_AUTH_LEAP:
1004 ieee80211_auth_completed(dev, ifsta);
1005 break;
1006 case WLAN_AUTH_SHARED_KEY:
1007 if (ifsta->auth_transaction == 4)
1008 ieee80211_auth_completed(dev, ifsta);
1009 else
1010 ieee80211_auth_challenge(dev, ifsta, mgmt, len);
1011 break;
1012 }
1013}
1014
1015
1016static void ieee80211_rx_mgmt_deauth(struct net_device *dev,
1017 struct ieee80211_if_sta *ifsta,
1018 struct ieee80211_mgmt *mgmt,
1019 size_t len)
1020{
1021 u16 reason_code;
1022
1023 if (len < 24 + 2) {
1024 printk(KERN_DEBUG "%s: too short (%zd) deauthentication frame "
1025 "received from " MAC_FMT " - ignored\n",
1026 dev->name, len, MAC_ARG(mgmt->sa));
1027 return;
1028 }
1029
1030 if (memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN) != 0) {
1031 printk(KERN_DEBUG "%s: deauthentication frame received from "
1032 "unknown AP (SA=" MAC_FMT " BSSID=" MAC_FMT ") - "
1033 "ignored\n", dev->name, MAC_ARG(mgmt->sa),
1034 MAC_ARG(mgmt->bssid));
1035 return;
1036 }
1037
1038 reason_code = le16_to_cpu(mgmt->u.deauth.reason_code);
1039
1040 printk(KERN_DEBUG "%s: RX deauthentication from " MAC_FMT
1041 " (reason=%d)\n",
1042 dev->name, MAC_ARG(mgmt->sa), reason_code);
1043
1044 if (ifsta->authenticated) {
1045 printk(KERN_DEBUG "%s: deauthenticated\n", dev->name);
1046 }
1047
1048 if (ifsta->state == IEEE80211_AUTHENTICATE ||
1049 ifsta->state == IEEE80211_ASSOCIATE ||
1050 ifsta->state == IEEE80211_ASSOCIATED) {
1051 ifsta->state = IEEE80211_AUTHENTICATE;
1052 mod_timer(&ifsta->timer, jiffies +
1053 IEEE80211_RETRY_AUTH_INTERVAL);
1054 }
1055
1056 ieee80211_set_disassoc(dev, ifsta, 1);
1057 ifsta->authenticated = 0;
1058}
1059
1060
1061static void ieee80211_rx_mgmt_disassoc(struct net_device *dev,
1062 struct ieee80211_if_sta *ifsta,
1063 struct ieee80211_mgmt *mgmt,
1064 size_t len)
1065{
1066 u16 reason_code;
1067
1068 if (len < 24 + 2) {
1069 printk(KERN_DEBUG "%s: too short (%zd) disassociation frame "
1070 "received from " MAC_FMT " - ignored\n",
1071 dev->name, len, MAC_ARG(mgmt->sa));
1072 return;
1073 }
1074
1075 if (memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN) != 0) {
1076 printk(KERN_DEBUG "%s: disassociation frame received from "
1077 "unknown AP (SA=" MAC_FMT " BSSID=" MAC_FMT ") - "
1078 "ignored\n", dev->name, MAC_ARG(mgmt->sa),
1079 MAC_ARG(mgmt->bssid));
1080 return;
1081 }
1082
1083 reason_code = le16_to_cpu(mgmt->u.disassoc.reason_code);
1084
1085 printk(KERN_DEBUG "%s: RX disassociation from " MAC_FMT
1086 " (reason=%d)\n",
1087 dev->name, MAC_ARG(mgmt->sa), reason_code);
1088
1089 if (ifsta->associated)
1090 printk(KERN_DEBUG "%s: disassociated\n", dev->name);
1091
1092 if (ifsta->state == IEEE80211_ASSOCIATED) {
1093 ifsta->state = IEEE80211_ASSOCIATE;
1094 mod_timer(&ifsta->timer, jiffies +
1095 IEEE80211_RETRY_AUTH_INTERVAL);
1096 }
1097
1098 ieee80211_set_disassoc(dev, ifsta, 0);
1099}
1100
1101
1102static void ieee80211_rx_mgmt_assoc_resp(struct net_device *dev,
1103 struct ieee80211_if_sta *ifsta,
1104 struct ieee80211_mgmt *mgmt,
1105 size_t len,
1106 int reassoc)
1107{
1108 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1109 struct ieee80211_hw_mode *mode;
1110 struct sta_info *sta;
1111 u32 rates;
1112 u16 capab_info, status_code, aid;
1113 struct ieee802_11_elems elems;
1114 u8 *pos;
1115 int i, j;
1116
1117 /* AssocResp and ReassocResp have identical structure, so process both
1118 * of them in this function. */
1119
1120 if (ifsta->state != IEEE80211_ASSOCIATE) {
1121 printk(KERN_DEBUG "%s: association frame received from "
1122 MAC_FMT ", but not in associate state - ignored\n",
1123 dev->name, MAC_ARG(mgmt->sa));
1124 return;
1125 }
1126
1127 if (len < 24 + 6) {
1128 printk(KERN_DEBUG "%s: too short (%zd) association frame "
1129 "received from " MAC_FMT " - ignored\n",
1130 dev->name, len, MAC_ARG(mgmt->sa));
1131 return;
1132 }
1133
1134 if (memcmp(ifsta->bssid, mgmt->sa, ETH_ALEN) != 0) {
1135 printk(KERN_DEBUG "%s: association frame received from "
1136 "unknown AP (SA=" MAC_FMT " BSSID=" MAC_FMT ") - "
1137 "ignored\n", dev->name, MAC_ARG(mgmt->sa),
1138 MAC_ARG(mgmt->bssid));
1139 return;
1140 }
1141
1142 capab_info = le16_to_cpu(mgmt->u.assoc_resp.capab_info);
1143 status_code = le16_to_cpu(mgmt->u.assoc_resp.status_code);
1144 aid = le16_to_cpu(mgmt->u.assoc_resp.aid);
1145 if ((aid & (BIT(15) | BIT(14))) != (BIT(15) | BIT(14)))
1146 printk(KERN_DEBUG "%s: invalid aid value %d; bits 15:14 not "
1147 "set\n", dev->name, aid);
1148 aid &= ~(BIT(15) | BIT(14));
1149
1150 printk(KERN_DEBUG "%s: RX %sssocResp from " MAC_FMT " (capab=0x%x "
1151 "status=%d aid=%d)\n",
1152 dev->name, reassoc ? "Rea" : "A", MAC_ARG(mgmt->sa),
1153 capab_info, status_code, aid);
1154
1155 if (status_code != WLAN_STATUS_SUCCESS) {
1156 printk(KERN_DEBUG "%s: AP denied association (code=%d)\n",
1157 dev->name, status_code);
1158 return;
1159 }
1160
1161 pos = mgmt->u.assoc_resp.variable;
1162 if (ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems)
1163 == ParseFailed) {
1164 printk(KERN_DEBUG "%s: failed to parse AssocResp\n",
1165 dev->name);
1166 return;
1167 }
1168
1169 if (!elems.supp_rates) {
1170 printk(KERN_DEBUG "%s: no SuppRates element in AssocResp\n",
1171 dev->name);
1172 return;
1173 }
1174
1175 printk(KERN_DEBUG "%s: associated\n", dev->name);
1176 ifsta->aid = aid;
1177 ifsta->ap_capab = capab_info;
1178
1179 kfree(ifsta->assocresp_ies);
1180 ifsta->assocresp_ies_len = len - (pos - (u8 *) mgmt);
1181 ifsta->assocresp_ies = kmalloc(ifsta->assocresp_ies_len, GFP_ATOMIC);
1182 if (ifsta->assocresp_ies)
1183 memcpy(ifsta->assocresp_ies, pos, ifsta->assocresp_ies_len);
1184
1185 ieee80211_set_associated(dev, ifsta, 1);
1186
1187 /* Add STA entry for the AP */
1188 sta = sta_info_get(local, ifsta->bssid);
1189 if (!sta) {
1190 struct ieee80211_sta_bss *bss;
1191 sta = sta_info_add(local, dev, ifsta->bssid, GFP_ATOMIC);
1192 if (!sta) {
1193 printk(KERN_DEBUG "%s: failed to add STA entry for the"
1194 " AP\n", dev->name);
1195 return;
1196 }
1197 bss = ieee80211_rx_bss_get(dev, ifsta->bssid);
1198 if (bss) {
1199 sta->last_rssi = bss->rssi;
1200 sta->last_signal = bss->signal;
1201 sta->last_noise = bss->noise;
1202 ieee80211_rx_bss_put(dev, bss);
1203 }
1204 }
1205
1206 sta->dev = dev;
1207 sta->flags |= WLAN_STA_AUTH | WLAN_STA_ASSOC;
1208 sta->assoc_ap = 1;
1209
1210 rates = 0;
1211 mode = local->oper_hw_mode;
1212 for (i = 0; i < elems.supp_rates_len; i++) {
1213 int rate = (elems.supp_rates[i] & 0x7f) * 5;
1214 if (mode->mode == MODE_ATHEROS_TURBO)
1215 rate *= 2;
1216 for (j = 0; j < mode->num_rates; j++)
1217 if (mode->rates[j].rate == rate)
1218 rates |= BIT(j);
1219 }
1220 for (i = 0; i < elems.ext_supp_rates_len; i++) {
1221 int rate = (elems.ext_supp_rates[i] & 0x7f) * 5;
1222 if (mode->mode == MODE_ATHEROS_TURBO)
1223 rate *= 2;
1224 for (j = 0; j < mode->num_rates; j++)
1225 if (mode->rates[j].rate == rate)
1226 rates |= BIT(j);
1227 }
1228 sta->supp_rates = rates;
1229
1230 rate_control_rate_init(sta, local);
1231
1232 if (elems.wmm_param && ifsta->wmm_enabled) {
1233 sta->flags |= WLAN_STA_WME;
1234 ieee80211_sta_wmm_params(dev, ifsta, elems.wmm_param,
1235 elems.wmm_param_len);
1236 }
1237
1238
1239 sta_info_put(sta);
1240
1241 ieee80211_associated(dev, ifsta);
1242}
1243
1244
1245/* Caller must hold local->sta_bss_lock */
1246static void __ieee80211_rx_bss_hash_add(struct net_device *dev,
1247 struct ieee80211_sta_bss *bss)
1248{
1249 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1250 bss->hnext = local->sta_bss_hash[STA_HASH(bss->bssid)];
1251 local->sta_bss_hash[STA_HASH(bss->bssid)] = bss;
1252}
1253
1254
1255/* Caller must hold local->sta_bss_lock */
1256static void __ieee80211_rx_bss_hash_del(struct net_device *dev,
1257 struct ieee80211_sta_bss *bss)
1258{
1259 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1260 struct ieee80211_sta_bss *b, *prev = NULL;
1261 b = local->sta_bss_hash[STA_HASH(bss->bssid)];
1262 while (b) {
1263 if (b == bss) {
1264 if (!prev)
1265 local->sta_bss_hash[STA_HASH(bss->bssid)] =
1266 bss->hnext;
1267 else
1268 prev->hnext = bss->hnext;
1269 break;
1270 }
1271 prev = b;
1272 b = b->hnext;
1273 }
1274}
1275
1276
1277static struct ieee80211_sta_bss *
1278ieee80211_rx_bss_add(struct net_device *dev, u8 *bssid)
1279{
1280 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1281 struct ieee80211_sta_bss *bss;
1282
1283 bss = kmalloc(sizeof(*bss), GFP_ATOMIC);
1284 if (!bss)
1285 return NULL;
1286 memset(bss, 0, sizeof(*bss));
1287 atomic_inc(&bss->users);
1288 atomic_inc(&bss->users);
1289 memcpy(bss->bssid, bssid, ETH_ALEN);
1290
1291 spin_lock_bh(&local->sta_bss_lock);
1292 /* TODO: order by RSSI? */
1293 list_add_tail(&bss->list, &local->sta_bss_list);
1294 __ieee80211_rx_bss_hash_add(dev, bss);
1295 spin_unlock_bh(&local->sta_bss_lock);
1296 return bss;
1297}
1298
1299
1300static struct ieee80211_sta_bss *
1301ieee80211_rx_bss_get(struct net_device *dev, u8 *bssid)
1302{
1303 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1304 struct ieee80211_sta_bss *bss;
1305
1306 spin_lock_bh(&local->sta_bss_lock);
1307 bss = local->sta_bss_hash[STA_HASH(bssid)];
1308 while (bss) {
1309 if (memcmp(bss->bssid, bssid, ETH_ALEN) == 0) {
1310 atomic_inc(&bss->users);
1311 break;
1312 }
1313 bss = bss->hnext;
1314 }
1315 spin_unlock_bh(&local->sta_bss_lock);
1316 return bss;
1317}
1318
1319
1320static void ieee80211_rx_bss_free(struct ieee80211_sta_bss *bss)
1321{
1322 kfree(bss->wpa_ie);
1323 kfree(bss->rsn_ie);
1324 kfree(bss->wmm_ie);
1325 kfree(bss);
1326}
1327
1328
1329static void ieee80211_rx_bss_put(struct net_device *dev,
1330 struct ieee80211_sta_bss *bss)
1331{
1332 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1333 if (!atomic_dec_and_test(&bss->users))
1334 return;
1335
1336 spin_lock_bh(&local->sta_bss_lock);
1337 __ieee80211_rx_bss_hash_del(dev, bss);
1338 list_del(&bss->list);
1339 spin_unlock_bh(&local->sta_bss_lock);
1340 ieee80211_rx_bss_free(bss);
1341}
1342
1343
1344void ieee80211_rx_bss_list_init(struct net_device *dev)
1345{
1346 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1347 spin_lock_init(&local->sta_bss_lock);
1348 INIT_LIST_HEAD(&local->sta_bss_list);
1349}
1350
1351
1352void ieee80211_rx_bss_list_deinit(struct net_device *dev)
1353{
1354 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1355 struct ieee80211_sta_bss *bss, *tmp;
1356
1357 list_for_each_entry_safe(bss, tmp, &local->sta_bss_list, list)
1358 ieee80211_rx_bss_put(dev, bss);
1359}
1360
1361
1362static void ieee80211_rx_bss_info(struct net_device *dev,
1363 struct ieee80211_mgmt *mgmt,
1364 size_t len,
1365 struct ieee80211_rx_status *rx_status,
1366 int beacon)
1367{
1368 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1369 struct ieee802_11_elems elems;
1370 size_t baselen;
1371 int channel, invalid = 0, clen;
1372 struct ieee80211_sta_bss *bss;
1373 struct sta_info *sta;
1374 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1375 u64 timestamp;
1376
1377 if (!beacon && memcmp(mgmt->da, dev->dev_addr, ETH_ALEN))
1378 return; /* ignore ProbeResp to foreign address */
1379
1380#if 0
1381 printk(KERN_DEBUG "%s: RX %s from " MAC_FMT " to " MAC_FMT "\n",
1382 dev->name, beacon ? "Beacon" : "Probe Response",
1383 MAC_ARG(mgmt->sa), MAC_ARG(mgmt->da));
1384#endif
1385
1386 baselen = (u8 *) mgmt->u.beacon.variable - (u8 *) mgmt;
1387 if (baselen > len)
1388 return;
1389
1390 timestamp = le64_to_cpu(mgmt->u.beacon.timestamp);
1391
1392 if (sdata->type == IEEE80211_IF_TYPE_IBSS && beacon &&
1393 memcmp(mgmt->bssid, sdata->u.sta.bssid, ETH_ALEN) == 0) {
1394#ifdef CONFIG_MAC80211_IBSS_DEBUG
1395 static unsigned long last_tsf_debug = 0;
1396 u64 tsf;
1397 if (local->ops->get_tsf)
1398 tsf = local->ops->get_tsf(local_to_hw(local));
1399 else
1400 tsf = -1LLU;
1401 if (time_after(jiffies, last_tsf_debug + 5 * HZ)) {
1402 printk(KERN_DEBUG "RX beacon SA=" MAC_FMT " BSSID="
1403 MAC_FMT " TSF=0x%llx BCN=0x%llx diff=%lld "
1404 "@%lu\n",
1405 MAC_ARG(mgmt->sa), MAC_ARG(mgmt->bssid),
1406 (unsigned long long)tsf,
1407 (unsigned long long)timestamp,
1408 (unsigned long long)(tsf - timestamp),
1409 jiffies);
1410 last_tsf_debug = jiffies;
1411 }
1412#endif /* CONFIG_MAC80211_IBSS_DEBUG */
1413 }
1414
1415 if (ieee802_11_parse_elems(mgmt->u.beacon.variable, len - baselen,
1416 &elems) == ParseFailed)
1417 invalid = 1;
1418
1419 if (sdata->type == IEEE80211_IF_TYPE_IBSS && elems.supp_rates &&
1420 memcmp(mgmt->bssid, sdata->u.sta.bssid, ETH_ALEN) == 0 &&
1421 (sta = sta_info_get(local, mgmt->sa))) {
1422 struct ieee80211_hw_mode *mode;
1423 struct ieee80211_rate *rates;
1424 size_t num_rates;
1425 u32 supp_rates, prev_rates;
1426 int i, j;
1427
1428 mode = local->sta_scanning ?
1429 local->scan_hw_mode : local->oper_hw_mode;
1430 rates = mode->rates;
1431 num_rates = mode->num_rates;
1432
1433 supp_rates = 0;
1434 for (i = 0; i < elems.supp_rates_len +
1435 elems.ext_supp_rates_len; i++) {
1436 u8 rate = 0;
1437 int own_rate;
1438 if (i < elems.supp_rates_len)
1439 rate = elems.supp_rates[i];
1440 else if (elems.ext_supp_rates)
1441 rate = elems.ext_supp_rates
1442 [i - elems.supp_rates_len];
1443 own_rate = 5 * (rate & 0x7f);
1444 if (mode->mode == MODE_ATHEROS_TURBO)
1445 own_rate *= 2;
1446 for (j = 0; j < num_rates; j++)
1447 if (rates[j].rate == own_rate)
1448 supp_rates |= BIT(j);
1449 }
1450
1451 prev_rates = sta->supp_rates;
1452 sta->supp_rates &= supp_rates;
1453 if (sta->supp_rates == 0) {
1454 /* No matching rates - this should not really happen.
1455 * Make sure that at least one rate is marked
1456 * supported to avoid issues with TX rate ctrl. */
1457 sta->supp_rates = sdata->u.sta.supp_rates_bits;
1458 }
1459 if (sta->supp_rates != prev_rates) {
1460 printk(KERN_DEBUG "%s: updated supp_rates set for "
1461 MAC_FMT " based on beacon info (0x%x & 0x%x -> "
1462 "0x%x)\n",
1463 dev->name, MAC_ARG(sta->addr), prev_rates,
1464 supp_rates, sta->supp_rates);
1465 }
1466 sta_info_put(sta);
1467 }
1468
1469 if (!elems.ssid)
1470 return;
1471
1472 if (elems.ds_params && elems.ds_params_len == 1)
1473 channel = elems.ds_params[0];
1474 else
1475 channel = rx_status->channel;
1476
1477 bss = ieee80211_rx_bss_get(dev, mgmt->bssid);
1478 if (!bss) {
1479 bss = ieee80211_rx_bss_add(dev, mgmt->bssid);
1480 if (!bss)
1481 return;
1482 } else {
1483#if 0
1484 /* TODO: order by RSSI? */
1485 spin_lock_bh(&local->sta_bss_lock);
1486 list_move_tail(&bss->list, &local->sta_bss_list);
1487 spin_unlock_bh(&local->sta_bss_lock);
1488#endif
1489 }
1490
1491 if (bss->probe_resp && beacon) {
1492 /* Do not allow beacon to override data from Probe Response. */
1493 ieee80211_rx_bss_put(dev, bss);
1494 return;
1495 }
1496
1497 bss->beacon_int = le16_to_cpu(mgmt->u.beacon.beacon_int);
1498 bss->capability = le16_to_cpu(mgmt->u.beacon.capab_info);
1499 if (elems.ssid && elems.ssid_len <= IEEE80211_MAX_SSID_LEN) {
1500 memcpy(bss->ssid, elems.ssid, elems.ssid_len);
1501 bss->ssid_len = elems.ssid_len;
1502 }
1503
1504 bss->supp_rates_len = 0;
1505 if (elems.supp_rates) {
1506 clen = IEEE80211_MAX_SUPP_RATES - bss->supp_rates_len;
1507 if (clen > elems.supp_rates_len)
1508 clen = elems.supp_rates_len;
1509 memcpy(&bss->supp_rates[bss->supp_rates_len], elems.supp_rates,
1510 clen);
1511 bss->supp_rates_len += clen;
1512 }
1513 if (elems.ext_supp_rates) {
1514 clen = IEEE80211_MAX_SUPP_RATES - bss->supp_rates_len;
1515 if (clen > elems.ext_supp_rates_len)
1516 clen = elems.ext_supp_rates_len;
1517 memcpy(&bss->supp_rates[bss->supp_rates_len],
1518 elems.ext_supp_rates, clen);
1519 bss->supp_rates_len += clen;
1520 }
1521
1522 if (elems.wpa &&
1523 (!bss->wpa_ie || bss->wpa_ie_len != elems.wpa_len ||
1524 memcmp(bss->wpa_ie, elems.wpa, elems.wpa_len))) {
1525 kfree(bss->wpa_ie);
1526 bss->wpa_ie = kmalloc(elems.wpa_len + 2, GFP_ATOMIC);
1527 if (bss->wpa_ie) {
1528 memcpy(bss->wpa_ie, elems.wpa - 2, elems.wpa_len + 2);
1529 bss->wpa_ie_len = elems.wpa_len + 2;
1530 } else
1531 bss->wpa_ie_len = 0;
1532 } else if (!elems.wpa && bss->wpa_ie) {
1533 kfree(bss->wpa_ie);
1534 bss->wpa_ie = NULL;
1535 bss->wpa_ie_len = 0;
1536 }
1537
1538 if (elems.rsn &&
1539 (!bss->rsn_ie || bss->rsn_ie_len != elems.rsn_len ||
1540 memcmp(bss->rsn_ie, elems.rsn, elems.rsn_len))) {
1541 kfree(bss->rsn_ie);
1542 bss->rsn_ie = kmalloc(elems.rsn_len + 2, GFP_ATOMIC);
1543 if (bss->rsn_ie) {
1544 memcpy(bss->rsn_ie, elems.rsn - 2, elems.rsn_len + 2);
1545 bss->rsn_ie_len = elems.rsn_len + 2;
1546 } else
1547 bss->rsn_ie_len = 0;
1548 } else if (!elems.rsn && bss->rsn_ie) {
1549 kfree(bss->rsn_ie);
1550 bss->rsn_ie = NULL;
1551 bss->rsn_ie_len = 0;
1552 }
1553
1554 if (elems.wmm_param &&
1555 (!bss->wmm_ie || bss->wmm_ie_len != elems.wmm_param_len ||
1556 memcmp(bss->wmm_ie, elems.wmm_param, elems.wmm_param_len))) {
1557 kfree(bss->wmm_ie);
1558 bss->wmm_ie = kmalloc(elems.wmm_param_len + 2, GFP_ATOMIC);
1559 if (bss->wmm_ie) {
1560 memcpy(bss->wmm_ie, elems.wmm_param - 2,
1561 elems.wmm_param_len + 2);
1562 bss->wmm_ie_len = elems.wmm_param_len + 2;
1563 } else
1564 bss->wmm_ie_len = 0;
1565 } else if (!elems.wmm_param && bss->wmm_ie) {
1566 kfree(bss->wmm_ie);
1567 bss->wmm_ie = NULL;
1568 bss->wmm_ie_len = 0;
1569 }
1570
1571
1572 bss->hw_mode = rx_status->phymode;
1573 bss->channel = channel;
1574 bss->freq = rx_status->freq;
1575 if (channel != rx_status->channel &&
1576 (bss->hw_mode == MODE_IEEE80211G ||
1577 bss->hw_mode == MODE_IEEE80211B) &&
1578 channel >= 1 && channel <= 14) {
1579 static const int freq_list[] = {
1580 2412, 2417, 2422, 2427, 2432, 2437, 2442,
1581 2447, 2452, 2457, 2462, 2467, 2472, 2484
1582 };
1583 /* IEEE 802.11g/b mode can receive packets from neighboring
1584 * channels, so map the channel into frequency. */
1585 bss->freq = freq_list[channel - 1];
1586 }
1587 bss->timestamp = timestamp;
1588 bss->last_update = jiffies;
1589 bss->rssi = rx_status->ssi;
1590 bss->signal = rx_status->signal;
1591 bss->noise = rx_status->noise;
1592 if (!beacon)
1593 bss->probe_resp++;
1594 ieee80211_rx_bss_put(dev, bss);
1595}
1596
1597
1598static void ieee80211_rx_mgmt_probe_resp(struct net_device *dev,
1599 struct ieee80211_mgmt *mgmt,
1600 size_t len,
1601 struct ieee80211_rx_status *rx_status)
1602{
1603 ieee80211_rx_bss_info(dev, mgmt, len, rx_status, 0);
1604}
1605
1606
1607static void ieee80211_rx_mgmt_beacon(struct net_device *dev,
1608 struct ieee80211_mgmt *mgmt,
1609 size_t len,
1610 struct ieee80211_rx_status *rx_status)
1611{
1612 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1613 struct ieee80211_sub_if_data *sdata;
1614 struct ieee80211_if_sta *ifsta;
1615 int use_protection;
1616 size_t baselen;
1617 struct ieee802_11_elems elems;
1618
1619 ieee80211_rx_bss_info(dev, mgmt, len, rx_status, 1);
1620
1621 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1622 if (sdata->type != IEEE80211_IF_TYPE_STA)
1623 return;
1624 ifsta = &sdata->u.sta;
1625
1626 if (!ifsta->associated ||
1627 memcmp(ifsta->bssid, mgmt->bssid, ETH_ALEN) != 0)
1628 return;
1629
1630 /* Process beacon from the current BSS */
1631 baselen = (u8 *) mgmt->u.beacon.variable - (u8 *) mgmt;
1632 if (baselen > len)
1633 return;
1634
1635 if (ieee802_11_parse_elems(mgmt->u.beacon.variable, len - baselen,
1636 &elems) == ParseFailed)
1637 return;
1638
1639 use_protection = 0;
1640 if (elems.erp_info && elems.erp_info_len >= 1) {
1641 use_protection =
1642 (elems.erp_info[0] & ERP_INFO_USE_PROTECTION) != 0;
1643 }
1644
1645 if (use_protection != !!ifsta->use_protection) {
1646 if (net_ratelimit()) {
1647 printk(KERN_DEBUG "%s: CTS protection %s (BSSID="
1648 MAC_FMT ")\n",
1649 dev->name,
1650 use_protection ? "enabled" : "disabled",
1651 MAC_ARG(ifsta->bssid));
1652 }
1653 ifsta->use_protection = use_protection ? 1 : 0;
1654 local->cts_protect_erp_frames = use_protection;
1655 }
1656
1657 if (elems.wmm_param && ifsta->wmm_enabled) {
1658 ieee80211_sta_wmm_params(dev, ifsta, elems.wmm_param,
1659 elems.wmm_param_len);
1660 }
1661}
1662
1663
1664static void ieee80211_rx_mgmt_probe_req(struct net_device *dev,
1665 struct ieee80211_if_sta *ifsta,
1666 struct ieee80211_mgmt *mgmt,
1667 size_t len,
1668 struct ieee80211_rx_status *rx_status)
1669{
1670 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1671 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1672 int tx_last_beacon;
1673 struct sk_buff *skb;
1674 struct ieee80211_mgmt *resp;
1675 u8 *pos, *end;
1676
1677 if (sdata->type != IEEE80211_IF_TYPE_IBSS ||
1678 ifsta->state != IEEE80211_IBSS_JOINED ||
1679 len < 24 + 2 || !ifsta->probe_resp)
1680 return;
1681
1682 if (local->ops->tx_last_beacon)
1683 tx_last_beacon = local->ops->tx_last_beacon(local_to_hw(local));
1684 else
1685 tx_last_beacon = 1;
1686
1687#ifdef CONFIG_MAC80211_IBSS_DEBUG
1688 printk(KERN_DEBUG "%s: RX ProbeReq SA=" MAC_FMT " DA=" MAC_FMT " BSSID="
1689 MAC_FMT " (tx_last_beacon=%d)\n",
1690 dev->name, MAC_ARG(mgmt->sa), MAC_ARG(mgmt->da),
1691 MAC_ARG(mgmt->bssid), tx_last_beacon);
1692#endif /* CONFIG_MAC80211_IBSS_DEBUG */
1693
1694 if (!tx_last_beacon)
1695 return;
1696
1697 if (memcmp(mgmt->bssid, ifsta->bssid, ETH_ALEN) != 0 &&
1698 memcmp(mgmt->bssid, "\xff\xff\xff\xff\xff\xff", ETH_ALEN) != 0)
1699 return;
1700
1701 end = ((u8 *) mgmt) + len;
1702 pos = mgmt->u.probe_req.variable;
1703 if (pos[0] != WLAN_EID_SSID ||
1704 pos + 2 + pos[1] > end) {
1705 if (net_ratelimit()) {
1706 printk(KERN_DEBUG "%s: Invalid SSID IE in ProbeReq "
1707 "from " MAC_FMT "\n",
1708 dev->name, MAC_ARG(mgmt->sa));
1709 }
1710 return;
1711 }
1712 if (pos[1] != 0 &&
1713 (pos[1] != ifsta->ssid_len ||
1714 memcmp(pos + 2, ifsta->ssid, ifsta->ssid_len) != 0)) {
1715 /* Ignore ProbeReq for foreign SSID */
1716 return;
1717 }
1718
1719 /* Reply with ProbeResp */
1720 skb = skb_copy(ifsta->probe_resp, GFP_ATOMIC);
1721 if (!skb)
1722 return;
1723
1724 resp = (struct ieee80211_mgmt *) skb->data;
1725 memcpy(resp->da, mgmt->sa, ETH_ALEN);
1726#ifdef CONFIG_MAC80211_IBSS_DEBUG
1727 printk(KERN_DEBUG "%s: Sending ProbeResp to " MAC_FMT "\n",
1728 dev->name, MAC_ARG(resp->da));
1729#endif /* CONFIG_MAC80211_IBSS_DEBUG */
1730 ieee80211_sta_tx(dev, skb, 0);
1731}
1732
1733
1734void ieee80211_sta_rx_mgmt(struct net_device *dev, struct sk_buff *skb,
1735 struct ieee80211_rx_status *rx_status)
1736{
1737 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1738 struct ieee80211_sub_if_data *sdata;
1739 struct ieee80211_if_sta *ifsta;
1740 struct ieee80211_mgmt *mgmt;
1741 u16 fc;
1742
1743 if (skb->len < 24)
1744 goto fail;
1745
1746 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1747 ifsta = &sdata->u.sta;
1748
1749 mgmt = (struct ieee80211_mgmt *) skb->data;
1750 fc = le16_to_cpu(mgmt->frame_control);
1751
1752 switch (fc & IEEE80211_FCTL_STYPE) {
1753 case IEEE80211_STYPE_PROBE_REQ:
1754 case IEEE80211_STYPE_PROBE_RESP:
1755 case IEEE80211_STYPE_BEACON:
1756 memcpy(skb->cb, rx_status, sizeof(*rx_status));
1757 case IEEE80211_STYPE_AUTH:
1758 case IEEE80211_STYPE_ASSOC_RESP:
1759 case IEEE80211_STYPE_REASSOC_RESP:
1760 case IEEE80211_STYPE_DEAUTH:
1761 case IEEE80211_STYPE_DISASSOC:
1762 skb_queue_tail(&ifsta->skb_queue, skb);
1763 queue_work(local->hw.workqueue, &ifsta->work);
1764 return;
1765 default:
1766 printk(KERN_DEBUG "%s: received unknown management frame - "
1767 "stype=%d\n", dev->name,
1768 (fc & IEEE80211_FCTL_STYPE) >> 4);
1769 break;
1770 }
1771
1772 fail:
1773 kfree_skb(skb);
1774}
1775
1776
1777static void ieee80211_sta_rx_queued_mgmt(struct net_device *dev,
1778 struct sk_buff *skb)
1779{
1780 struct ieee80211_rx_status *rx_status;
1781 struct ieee80211_sub_if_data *sdata;
1782 struct ieee80211_if_sta *ifsta;
1783 struct ieee80211_mgmt *mgmt;
1784 u16 fc;
1785
1786 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1787 ifsta = &sdata->u.sta;
1788
1789 rx_status = (struct ieee80211_rx_status *) skb->cb;
1790 mgmt = (struct ieee80211_mgmt *) skb->data;
1791 fc = le16_to_cpu(mgmt->frame_control);
1792
1793 switch (fc & IEEE80211_FCTL_STYPE) {
1794 case IEEE80211_STYPE_PROBE_REQ:
1795 ieee80211_rx_mgmt_probe_req(dev, ifsta, mgmt, skb->len,
1796 rx_status);
1797 break;
1798 case IEEE80211_STYPE_PROBE_RESP:
1799 ieee80211_rx_mgmt_probe_resp(dev, mgmt, skb->len, rx_status);
1800 break;
1801 case IEEE80211_STYPE_BEACON:
1802 ieee80211_rx_mgmt_beacon(dev, mgmt, skb->len, rx_status);
1803 break;
1804 case IEEE80211_STYPE_AUTH:
1805 ieee80211_rx_mgmt_auth(dev, ifsta, mgmt, skb->len);
1806 break;
1807 case IEEE80211_STYPE_ASSOC_RESP:
1808 ieee80211_rx_mgmt_assoc_resp(dev, ifsta, mgmt, skb->len, 0);
1809 break;
1810 case IEEE80211_STYPE_REASSOC_RESP:
1811 ieee80211_rx_mgmt_assoc_resp(dev, ifsta, mgmt, skb->len, 1);
1812 break;
1813 case IEEE80211_STYPE_DEAUTH:
1814 ieee80211_rx_mgmt_deauth(dev, ifsta, mgmt, skb->len);
1815 break;
1816 case IEEE80211_STYPE_DISASSOC:
1817 ieee80211_rx_mgmt_disassoc(dev, ifsta, mgmt, skb->len);
1818 break;
1819 }
1820
1821 kfree_skb(skb);
1822}
1823
1824
1825void ieee80211_sta_rx_scan(struct net_device *dev, struct sk_buff *skb,
1826 struct ieee80211_rx_status *rx_status)
1827{
1828 struct ieee80211_mgmt *mgmt;
1829 u16 fc;
1830
1831 if (skb->len < 24) {
1832 dev_kfree_skb(skb);
1833 return;
1834 }
1835
1836 mgmt = (struct ieee80211_mgmt *) skb->data;
1837 fc = le16_to_cpu(mgmt->frame_control);
1838
1839 if ((fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_MGMT) {
1840 if ((fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_PROBE_RESP) {
1841 ieee80211_rx_mgmt_probe_resp(dev, mgmt,
1842 skb->len, rx_status);
1843 } else if ((fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_BEACON) {
1844 ieee80211_rx_mgmt_beacon(dev, mgmt, skb->len,
1845 rx_status);
1846 }
1847 }
1848
1849 dev_kfree_skb(skb);
1850}
1851
1852
1853static int ieee80211_sta_active_ibss(struct net_device *dev)
1854{
1855 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1856 int active = 0;
1857 struct sta_info *sta;
1858
1859 spin_lock_bh(&local->sta_lock);
1860 list_for_each_entry(sta, &local->sta_list, list) {
1861 if (sta->dev == dev &&
1862 time_after(sta->last_rx + IEEE80211_IBSS_MERGE_INTERVAL,
1863 jiffies)) {
1864 active++;
1865 break;
1866 }
1867 }
1868 spin_unlock_bh(&local->sta_lock);
1869
1870 return active;
1871}
1872
1873
1874static void ieee80211_sta_expire(struct net_device *dev)
1875{
1876 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1877 struct sta_info *sta, *tmp;
1878
1879 spin_lock_bh(&local->sta_lock);
1880 list_for_each_entry_safe(sta, tmp, &local->sta_list, list)
1881 if (time_after(jiffies, sta->last_rx +
1882 IEEE80211_IBSS_INACTIVITY_LIMIT)) {
1883 printk(KERN_DEBUG "%s: expiring inactive STA " MAC_FMT
1884 "\n", dev->name, MAC_ARG(sta->addr));
1885 sta_info_free(sta, 1);
1886 }
1887 spin_unlock_bh(&local->sta_lock);
1888}
1889
1890
1891static void ieee80211_sta_merge_ibss(struct net_device *dev,
1892 struct ieee80211_if_sta *ifsta)
1893{
1894 mod_timer(&ifsta->timer, jiffies + IEEE80211_IBSS_MERGE_INTERVAL);
1895
1896 ieee80211_sta_expire(dev);
1897 if (ieee80211_sta_active_ibss(dev))
1898 return;
1899
1900 printk(KERN_DEBUG "%s: No active IBSS STAs - trying to scan for other "
1901 "IBSS networks with same SSID (merge)\n", dev->name);
1902 ieee80211_sta_req_scan(dev, ifsta->ssid, ifsta->ssid_len);
1903}
1904
1905
1906void ieee80211_sta_timer(unsigned long data)
1907{
1908 struct ieee80211_sub_if_data *sdata =
1909 (struct ieee80211_sub_if_data *) data;
1910 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
1911 struct ieee80211_local *local = wdev_priv(&sdata->wdev);
1912
1913 set_bit(IEEE80211_STA_REQ_RUN, &ifsta->request);
1914 queue_work(local->hw.workqueue, &ifsta->work);
1915}
1916
1917
1918void ieee80211_sta_work(struct work_struct *work)
1919{
1920 struct ieee80211_sub_if_data *sdata =
1921 container_of(work, struct ieee80211_sub_if_data, u.sta.work);
1922 struct net_device *dev = sdata->dev;
1923 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1924 struct ieee80211_if_sta *ifsta;
1925 struct sk_buff *skb;
1926
1927 if (!netif_running(dev))
1928 return;
1929
1930 if (local->sta_scanning)
1931 return;
1932
1933 if (sdata->type != IEEE80211_IF_TYPE_STA &&
1934 sdata->type != IEEE80211_IF_TYPE_IBSS) {
1935 printk(KERN_DEBUG "%s: ieee80211_sta_work: non-STA interface "
1936 "(type=%d)\n", dev->name, sdata->type);
1937 return;
1938 }
1939 ifsta = &sdata->u.sta;
1940
1941 while ((skb = skb_dequeue(&ifsta->skb_queue)))
1942 ieee80211_sta_rx_queued_mgmt(dev, skb);
1943
1944 if (ifsta->state != IEEE80211_AUTHENTICATE &&
1945 ifsta->state != IEEE80211_ASSOCIATE &&
1946 test_and_clear_bit(IEEE80211_STA_REQ_SCAN, &ifsta->request)) {
1947 ieee80211_sta_start_scan(dev, NULL, 0);
1948 return;
1949 }
1950
1951 if (test_and_clear_bit(IEEE80211_STA_REQ_AUTH, &ifsta->request)) {
1952 if (ieee80211_sta_config_auth(dev, ifsta))
1953 return;
1954 clear_bit(IEEE80211_STA_REQ_RUN, &ifsta->request);
1955 } else if (!test_and_clear_bit(IEEE80211_STA_REQ_RUN, &ifsta->request))
1956 return;
1957
1958 switch (ifsta->state) {
1959 case IEEE80211_DISABLED:
1960 break;
1961 case IEEE80211_AUTHENTICATE:
1962 ieee80211_authenticate(dev, ifsta);
1963 break;
1964 case IEEE80211_ASSOCIATE:
1965 ieee80211_associate(dev, ifsta);
1966 break;
1967 case IEEE80211_ASSOCIATED:
1968 ieee80211_associated(dev, ifsta);
1969 break;
1970 case IEEE80211_IBSS_SEARCH:
1971 ieee80211_sta_find_ibss(dev, ifsta);
1972 break;
1973 case IEEE80211_IBSS_JOINED:
1974 ieee80211_sta_merge_ibss(dev, ifsta);
1975 break;
1976 default:
1977 printk(KERN_DEBUG "ieee80211_sta_work: Unknown state %d\n",
1978 ifsta->state);
1979 break;
1980 }
1981
1982 if (ieee80211_privacy_mismatch(dev, ifsta)) {
1983 printk(KERN_DEBUG "%s: privacy configuration mismatch and "
1984 "mixed-cell disabled - disassociate\n", dev->name);
1985
1986 ieee80211_send_disassoc(dev, ifsta, WLAN_REASON_UNSPECIFIED);
1987 ieee80211_set_disassoc(dev, ifsta, 0);
1988 }
1989}
1990
1991
1992static void ieee80211_sta_reset_auth(struct net_device *dev,
1993 struct ieee80211_if_sta *ifsta)
1994{
1995 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1996
1997 if (local->ops->reset_tsf) {
1998 /* Reset own TSF to allow time synchronization work. */
1999 local->ops->reset_tsf(local_to_hw(local));
2000 }
2001
2002 ifsta->wmm_last_param_set = -1; /* allow any WMM update */
2003
2004
2005 if (ifsta->auth_algs & IEEE80211_AUTH_ALG_OPEN)
2006 ifsta->auth_alg = WLAN_AUTH_OPEN;
2007 else if (ifsta->auth_algs & IEEE80211_AUTH_ALG_SHARED_KEY)
2008 ifsta->auth_alg = WLAN_AUTH_SHARED_KEY;
2009 else if (ifsta->auth_algs & IEEE80211_AUTH_ALG_LEAP)
2010 ifsta->auth_alg = WLAN_AUTH_LEAP;
2011 else
2012 ifsta->auth_alg = WLAN_AUTH_OPEN;
2013 printk(KERN_DEBUG "%s: Initial auth_alg=%d\n", dev->name,
2014 ifsta->auth_alg);
2015 ifsta->auth_transaction = -1;
2016 ifsta->associated = ifsta->auth_tries = ifsta->assoc_tries = 0;
2017 netif_carrier_off(dev);
2018}
2019
2020
2021void ieee80211_sta_req_auth(struct net_device *dev,
2022 struct ieee80211_if_sta *ifsta)
2023{
2024 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2025 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2026
2027 if (sdata->type != IEEE80211_IF_TYPE_STA)
2028 return;
2029
2030 if ((ifsta->bssid_set || ifsta->auto_bssid_sel) &&
2031 (ifsta->ssid_set || ifsta->auto_ssid_sel)) {
2032 set_bit(IEEE80211_STA_REQ_AUTH, &ifsta->request);
2033 queue_work(local->hw.workqueue, &ifsta->work);
2034 }
2035}
2036
2037static int ieee80211_sta_match_ssid(struct ieee80211_if_sta *ifsta,
2038 const char *ssid, int ssid_len)
2039{
2040 int tmp, hidden_ssid;
2041
2042 if (!memcmp(ifsta->ssid, ssid, ssid_len))
2043 return 1;
2044
2045 if (ifsta->auto_bssid_sel)
2046 return 0;
2047
2048 hidden_ssid = 1;
2049 tmp = ssid_len;
2050 while (tmp--) {
2051 if (ssid[tmp] != '\0') {
2052 hidden_ssid = 0;
2053 break;
2054 }
2055 }
2056
2057 if (hidden_ssid && ifsta->ssid_len == ssid_len)
2058 return 1;
2059
2060 if (ssid_len == 1 && ssid[0] == ' ')
2061 return 1;
2062
2063 return 0;
2064}
2065
2066static int ieee80211_sta_config_auth(struct net_device *dev,
2067 struct ieee80211_if_sta *ifsta)
2068{
2069 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2070 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2071 struct ieee80211_sta_bss *bss, *selected = NULL;
2072 int top_rssi = 0, freq;
2073
2074 rtnl_lock();
2075
2076 if (!ifsta->auto_channel_sel && !ifsta->auto_bssid_sel &&
2077 !ifsta->auto_ssid_sel) {
2078 ifsta->state = IEEE80211_AUTHENTICATE;
2079 rtnl_unlock();
2080 ieee80211_sta_reset_auth(dev, ifsta);
2081 return 0;
2082 }
2083
2084 spin_lock_bh(&local->sta_bss_lock);
2085 freq = local->oper_channel->freq;
2086 list_for_each_entry(bss, &local->sta_bss_list, list) {
2087 if (!(bss->capability & WLAN_CAPABILITY_ESS))
2088 continue;
2089
2090 if (!!(bss->capability & WLAN_CAPABILITY_PRIVACY) ^
2091 !!sdata->default_key)
2092 continue;
2093
2094 if (!ifsta->auto_channel_sel && bss->freq != freq)
2095 continue;
2096
2097 if (!ifsta->auto_bssid_sel &&
2098 memcmp(bss->bssid, ifsta->bssid, ETH_ALEN))
2099 continue;
2100
2101 if (!ifsta->auto_ssid_sel &&
2102 !ieee80211_sta_match_ssid(ifsta, bss->ssid, bss->ssid_len))
2103 continue;
2104
2105 if (!selected || top_rssi < bss->rssi) {
2106 selected = bss;
2107 top_rssi = bss->rssi;
2108 }
2109 }
2110 if (selected)
2111 atomic_inc(&selected->users);
2112 spin_unlock_bh(&local->sta_bss_lock);
2113
2114 if (selected) {
2115 ieee80211_set_channel(local, -1, selected->freq);
2116 if (!ifsta->ssid_set)
2117 ieee80211_sta_set_ssid(dev, selected->ssid,
2118 selected->ssid_len);
2119 ieee80211_sta_set_bssid(dev, selected->bssid);
2120 ieee80211_rx_bss_put(dev, selected);
2121 ifsta->state = IEEE80211_AUTHENTICATE;
2122 rtnl_unlock();
2123 ieee80211_sta_reset_auth(dev, ifsta);
2124 return 0;
2125 } else {
2126 if (ifsta->state != IEEE80211_AUTHENTICATE) {
2127 ieee80211_sta_start_scan(dev, NULL, 0);
2128 ifsta->state = IEEE80211_AUTHENTICATE;
2129 set_bit(IEEE80211_STA_REQ_AUTH, &ifsta->request);
2130 } else
2131 ifsta->state = IEEE80211_DISABLED;
2132 }
2133 rtnl_unlock();
2134 return -1;
2135}
2136
2137static int ieee80211_sta_join_ibss(struct net_device *dev,
2138 struct ieee80211_if_sta *ifsta,
2139 struct ieee80211_sta_bss *bss)
2140{
2141 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2142 int res, rates, i, j;
2143 struct sk_buff *skb;
2144 struct ieee80211_mgmt *mgmt;
2145 struct ieee80211_tx_control control;
2146 struct ieee80211_rate *rate;
2147 struct ieee80211_hw_mode *mode;
2148 struct rate_control_extra extra;
2149 u8 *pos;
2150 struct ieee80211_sub_if_data *sdata;
2151
2152 /* Remove possible STA entries from other IBSS networks. */
2153 sta_info_flush(local, NULL);
2154
2155 if (local->ops->reset_tsf) {
2156 /* Reset own TSF to allow time synchronization work. */
2157 local->ops->reset_tsf(local_to_hw(local));
2158 }
2159 memcpy(ifsta->bssid, bss->bssid, ETH_ALEN);
2160 res = ieee80211_if_config(dev);
2161 if (res)
2162 return res;
2163
2164 local->hw.conf.beacon_int = bss->beacon_int >= 10 ? bss->beacon_int : 10;
2165
2166 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2167 sdata->drop_unencrypted = bss->capability &
2168 WLAN_CAPABILITY_PRIVACY ? 1 : 0;
2169
2170 res = ieee80211_set_channel(local, -1, bss->freq);
2171
2172 if (!(local->oper_channel->flag & IEEE80211_CHAN_W_IBSS)) {
2173 printk(KERN_DEBUG "%s: IBSS not allowed on channel %d "
2174 "(%d MHz)\n", dev->name, local->hw.conf.channel,
2175 local->hw.conf.freq);
2176 return -1;
2177 }
2178
2179 /* Set beacon template based on scan results */
2180 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 400);
2181 do {
2182 if (!skb)
2183 break;
2184
2185 skb_reserve(skb, local->hw.extra_tx_headroom);
2186
2187 mgmt = (struct ieee80211_mgmt *)
2188 skb_put(skb, 24 + sizeof(mgmt->u.beacon));
2189 memset(mgmt, 0, 24 + sizeof(mgmt->u.beacon));
2190 mgmt->frame_control = IEEE80211_FC(IEEE80211_FTYPE_MGMT,
2191 IEEE80211_STYPE_BEACON);
2192 memset(mgmt->da, 0xff, ETH_ALEN);
2193 memcpy(mgmt->sa, dev->dev_addr, ETH_ALEN);
2194 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
2195 mgmt->u.beacon.beacon_int =
2196 cpu_to_le16(local->hw.conf.beacon_int);
2197 mgmt->u.beacon.capab_info = cpu_to_le16(bss->capability);
2198
2199 pos = skb_put(skb, 2 + ifsta->ssid_len);
2200 *pos++ = WLAN_EID_SSID;
2201 *pos++ = ifsta->ssid_len;
2202 memcpy(pos, ifsta->ssid, ifsta->ssid_len);
2203
2204 rates = bss->supp_rates_len;
2205 if (rates > 8)
2206 rates = 8;
2207 pos = skb_put(skb, 2 + rates);
2208 *pos++ = WLAN_EID_SUPP_RATES;
2209 *pos++ = rates;
2210 memcpy(pos, bss->supp_rates, rates);
2211
2212 pos = skb_put(skb, 2 + 1);
2213 *pos++ = WLAN_EID_DS_PARAMS;
2214 *pos++ = 1;
2215 *pos++ = bss->channel;
2216
2217 pos = skb_put(skb, 2 + 2);
2218 *pos++ = WLAN_EID_IBSS_PARAMS;
2219 *pos++ = 2;
2220 /* FIX: set ATIM window based on scan results */
2221 *pos++ = 0;
2222 *pos++ = 0;
2223
2224 if (bss->supp_rates_len > 8) {
2225 rates = bss->supp_rates_len - 8;
2226 pos = skb_put(skb, 2 + rates);
2227 *pos++ = WLAN_EID_EXT_SUPP_RATES;
2228 *pos++ = rates;
2229 memcpy(pos, &bss->supp_rates[8], rates);
2230 }
2231
2232 memset(&control, 0, sizeof(control));
2233 memset(&extra, 0, sizeof(extra));
2234 extra.mode = local->oper_hw_mode;
2235 rate = rate_control_get_rate(local, dev, skb, &extra);
2236 if (!rate) {
2237 printk(KERN_DEBUG "%s: Failed to determine TX rate "
2238 "for IBSS beacon\n", dev->name);
2239 break;
2240 }
2241 control.tx_rate = (local->short_preamble &&
2242 (rate->flags & IEEE80211_RATE_PREAMBLE2)) ?
2243 rate->val2 : rate->val;
2244 control.antenna_sel_tx = local->hw.conf.antenna_sel_tx;
2245 control.power_level = local->hw.conf.power_level;
2246 control.flags |= IEEE80211_TXCTL_NO_ACK;
2247 control.retry_limit = 1;
2248
2249 ifsta->probe_resp = skb_copy(skb, GFP_ATOMIC);
2250 if (ifsta->probe_resp) {
2251 mgmt = (struct ieee80211_mgmt *)
2252 ifsta->probe_resp->data;
2253 mgmt->frame_control =
2254 IEEE80211_FC(IEEE80211_FTYPE_MGMT,
2255 IEEE80211_STYPE_PROBE_RESP);
2256 } else {
2257 printk(KERN_DEBUG "%s: Could not allocate ProbeResp "
2258 "template for IBSS\n", dev->name);
2259 }
2260
2261 if (local->ops->beacon_update &&
2262 local->ops->beacon_update(local_to_hw(local),
2263 skb, &control) == 0) {
2264 printk(KERN_DEBUG "%s: Configured IBSS beacon "
2265 "template based on scan results\n", dev->name);
2266 skb = NULL;
2267 }
2268
2269 rates = 0;
2270 mode = local->oper_hw_mode;
2271 for (i = 0; i < bss->supp_rates_len; i++) {
2272 int bitrate = (bss->supp_rates[i] & 0x7f) * 5;
2273 if (mode->mode == MODE_ATHEROS_TURBO)
2274 bitrate *= 2;
2275 for (j = 0; j < mode->num_rates; j++)
2276 if (mode->rates[j].rate == bitrate)
2277 rates |= BIT(j);
2278 }
2279 ifsta->supp_rates_bits = rates;
2280 } while (0);
2281
2282 if (skb) {
2283 printk(KERN_DEBUG "%s: Failed to configure IBSS beacon "
2284 "template\n", dev->name);
2285 dev_kfree_skb(skb);
2286 }
2287
2288 ifsta->state = IEEE80211_IBSS_JOINED;
2289 mod_timer(&ifsta->timer, jiffies + IEEE80211_IBSS_MERGE_INTERVAL);
2290
2291 ieee80211_rx_bss_put(dev, bss);
2292
2293 return res;
2294}
2295
2296
2297static int ieee80211_sta_create_ibss(struct net_device *dev,
2298 struct ieee80211_if_sta *ifsta)
2299{
2300 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2301 struct ieee80211_sta_bss *bss;
2302 struct ieee80211_sub_if_data *sdata;
2303 struct ieee80211_hw_mode *mode;
2304 u8 bssid[ETH_ALEN], *pos;
2305 int i;
2306
2307#if 0
2308 /* Easier testing, use fixed BSSID. */
2309 memset(bssid, 0xfe, ETH_ALEN);
2310#else
2311 /* Generate random, not broadcast, locally administered BSSID. Mix in
2312 * own MAC address to make sure that devices that do not have proper
2313 * random number generator get different BSSID. */
2314 get_random_bytes(bssid, ETH_ALEN);
2315 for (i = 0; i < ETH_ALEN; i++)
2316 bssid[i] ^= dev->dev_addr[i];
2317 bssid[0] &= ~0x01;
2318 bssid[0] |= 0x02;
2319#endif
2320
2321 printk(KERN_DEBUG "%s: Creating new IBSS network, BSSID " MAC_FMT "\n",
2322 dev->name, MAC_ARG(bssid));
2323
2324 bss = ieee80211_rx_bss_add(dev, bssid);
2325 if (!bss)
2326 return -ENOMEM;
2327
2328 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2329 mode = local->oper_hw_mode;
2330
2331 if (local->hw.conf.beacon_int == 0)
2332 local->hw.conf.beacon_int = 100;
2333 bss->beacon_int = local->hw.conf.beacon_int;
2334 bss->hw_mode = local->hw.conf.phymode;
2335 bss->channel = local->hw.conf.channel;
2336 bss->freq = local->hw.conf.freq;
2337 bss->last_update = jiffies;
2338 bss->capability = WLAN_CAPABILITY_IBSS;
2339 if (sdata->default_key) {
2340 bss->capability |= WLAN_CAPABILITY_PRIVACY;
2341 } else
2342 sdata->drop_unencrypted = 0;
2343 bss->supp_rates_len = mode->num_rates;
2344 pos = bss->supp_rates;
2345 for (i = 0; i < mode->num_rates; i++) {
2346 int rate = mode->rates[i].rate;
2347 if (mode->mode == MODE_ATHEROS_TURBO)
2348 rate /= 2;
2349 *pos++ = (u8) (rate / 5);
2350 }
2351
2352 return ieee80211_sta_join_ibss(dev, ifsta, bss);
2353}
2354
2355
2356static int ieee80211_sta_find_ibss(struct net_device *dev,
2357 struct ieee80211_if_sta *ifsta)
2358{
2359 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2360 struct ieee80211_sta_bss *bss;
2361 int found = 0;
2362 u8 bssid[ETH_ALEN];
2363 int active_ibss;
2364
2365 if (ifsta->ssid_len == 0)
2366 return -EINVAL;
2367
2368 active_ibss = ieee80211_sta_active_ibss(dev);
2369#ifdef CONFIG_MAC80211_IBSS_DEBUG
2370 printk(KERN_DEBUG "%s: sta_find_ibss (active_ibss=%d)\n",
2371 dev->name, active_ibss);
2372#endif /* CONFIG_MAC80211_IBSS_DEBUG */
2373 spin_lock_bh(&local->sta_bss_lock);
2374 list_for_each_entry(bss, &local->sta_bss_list, list) {
2375 if (ifsta->ssid_len != bss->ssid_len ||
2376 memcmp(ifsta->ssid, bss->ssid, bss->ssid_len) != 0
2377 || !(bss->capability & WLAN_CAPABILITY_IBSS))
2378 continue;
2379#ifdef CONFIG_MAC80211_IBSS_DEBUG
2380 printk(KERN_DEBUG " bssid=" MAC_FMT " found\n",
2381 MAC_ARG(bss->bssid));
2382#endif /* CONFIG_MAC80211_IBSS_DEBUG */
2383 memcpy(bssid, bss->bssid, ETH_ALEN);
2384 found = 1;
2385 if (active_ibss || memcmp(bssid, ifsta->bssid, ETH_ALEN) != 0)
2386 break;
2387 }
2388 spin_unlock_bh(&local->sta_bss_lock);
2389
2390#ifdef CONFIG_MAC80211_IBSS_DEBUG
2391 printk(KERN_DEBUG " sta_find_ibss: selected " MAC_FMT " current "
2392 MAC_FMT "\n", MAC_ARG(bssid), MAC_ARG(ifsta->bssid));
2393#endif /* CONFIG_MAC80211_IBSS_DEBUG */
2394 if (found && memcmp(ifsta->bssid, bssid, ETH_ALEN) != 0 &&
2395 (bss = ieee80211_rx_bss_get(dev, bssid))) {
2396 printk(KERN_DEBUG "%s: Selected IBSS BSSID " MAC_FMT
2397 " based on configured SSID\n",
2398 dev->name, MAC_ARG(bssid));
2399 return ieee80211_sta_join_ibss(dev, ifsta, bss);
2400 }
2401#ifdef CONFIG_MAC80211_IBSS_DEBUG
2402 printk(KERN_DEBUG " did not try to join ibss\n");
2403#endif /* CONFIG_MAC80211_IBSS_DEBUG */
2404
2405 /* Selected IBSS not found in current scan results - try to scan */
2406 if (ifsta->state == IEEE80211_IBSS_JOINED &&
2407 !ieee80211_sta_active_ibss(dev)) {
2408 mod_timer(&ifsta->timer, jiffies +
2409 IEEE80211_IBSS_MERGE_INTERVAL);
2410 } else if (time_after(jiffies, local->last_scan_completed +
2411 IEEE80211_SCAN_INTERVAL)) {
2412 printk(KERN_DEBUG "%s: Trigger new scan to find an IBSS to "
2413 "join\n", dev->name);
2414 return ieee80211_sta_req_scan(dev, ifsta->ssid,
2415 ifsta->ssid_len);
2416 } else if (ifsta->state != IEEE80211_IBSS_JOINED) {
2417 int interval = IEEE80211_SCAN_INTERVAL;
2418
2419 if (time_after(jiffies, ifsta->ibss_join_req +
2420 IEEE80211_IBSS_JOIN_TIMEOUT)) {
2421 if (ifsta->create_ibss &&
2422 local->oper_channel->flag & IEEE80211_CHAN_W_IBSS)
2423 return ieee80211_sta_create_ibss(dev, ifsta);
2424 if (ifsta->create_ibss) {
2425 printk(KERN_DEBUG "%s: IBSS not allowed on the"
2426 " configured channel %d (%d MHz)\n",
2427 dev->name, local->hw.conf.channel,
2428 local->hw.conf.freq);
2429 }
2430
2431 /* No IBSS found - decrease scan interval and continue
2432 * scanning. */
2433 interval = IEEE80211_SCAN_INTERVAL_SLOW;
2434 }
2435
2436 ifsta->state = IEEE80211_IBSS_SEARCH;
2437 mod_timer(&ifsta->timer, jiffies + interval);
2438 return 0;
2439 }
2440
2441 return 0;
2442}
2443
2444
2445int ieee80211_sta_set_ssid(struct net_device *dev, char *ssid, size_t len)
2446{
2447 struct ieee80211_sub_if_data *sdata;
2448 struct ieee80211_if_sta *ifsta;
2449 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2450
2451 if (len > IEEE80211_MAX_SSID_LEN)
2452 return -EINVAL;
2453
2454 /* TODO: This should always be done for IBSS, even if IEEE80211_QOS is
2455 * not defined. */
2456 if (local->ops->conf_tx) {
2457 struct ieee80211_tx_queue_params qparam;
2458 int i;
2459
2460 memset(&qparam, 0, sizeof(qparam));
2461 /* TODO: are these ok defaults for all hw_modes? */
2462 qparam.aifs = 2;
2463 qparam.cw_min =
2464 local->hw.conf.phymode == MODE_IEEE80211B ? 31 : 15;
2465 qparam.cw_max = 1023;
2466 qparam.burst_time = 0;
2467 for (i = IEEE80211_TX_QUEUE_DATA0; i < NUM_TX_DATA_QUEUES; i++)
2468 {
2469 local->ops->conf_tx(local_to_hw(local),
2470 i + IEEE80211_TX_QUEUE_DATA0,
2471 &qparam);
2472 }
2473 /* IBSS uses different parameters for Beacon sending */
2474 qparam.cw_min++;
2475 qparam.cw_min *= 2;
2476 qparam.cw_min--;
2477 local->ops->conf_tx(local_to_hw(local),
2478 IEEE80211_TX_QUEUE_BEACON, &qparam);
2479 }
2480
2481 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2482 ifsta = &sdata->u.sta;
2483
2484 if (ifsta->ssid_len != len || memcmp(ifsta->ssid, ssid, len) != 0)
2485 ifsta->prev_bssid_set = 0;
2486 memcpy(ifsta->ssid, ssid, len);
2487 memset(ifsta->ssid + len, 0, IEEE80211_MAX_SSID_LEN - len);
2488 ifsta->ssid_len = len;
2489
2490 ifsta->ssid_set = len ? 1 : 0;
2491 if (sdata->type == IEEE80211_IF_TYPE_IBSS && !ifsta->bssid_set) {
2492 ifsta->ibss_join_req = jiffies;
2493 ifsta->state = IEEE80211_IBSS_SEARCH;
2494 return ieee80211_sta_find_ibss(dev, ifsta);
2495 }
2496 return 0;
2497}
2498
2499
2500int ieee80211_sta_get_ssid(struct net_device *dev, char *ssid, size_t *len)
2501{
2502 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2503 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
2504 memcpy(ssid, ifsta->ssid, ifsta->ssid_len);
2505 *len = ifsta->ssid_len;
2506 return 0;
2507}
2508
2509
2510int ieee80211_sta_set_bssid(struct net_device *dev, u8 *bssid)
2511{
2512 struct ieee80211_sub_if_data *sdata;
2513 struct ieee80211_if_sta *ifsta;
2514 int res;
2515
2516 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2517 ifsta = &sdata->u.sta;
2518
2519 if (memcmp(ifsta->bssid, bssid, ETH_ALEN) != 0) {
2520 memcpy(ifsta->bssid, bssid, ETH_ALEN);
2521 res = ieee80211_if_config(dev);
2522 if (res) {
2523 printk(KERN_DEBUG "%s: Failed to config new BSSID to "
2524 "the low-level driver\n", dev->name);
2525 return res;
2526 }
2527 }
2528
2529 if (!is_valid_ether_addr(bssid))
2530 ifsta->bssid_set = 0;
2531 else
2532 ifsta->bssid_set = 1;
2533 return 0;
2534}
2535
2536
2537static void ieee80211_send_nullfunc(struct ieee80211_local *local,
2538 struct ieee80211_sub_if_data *sdata,
2539 int powersave)
2540{
2541 struct sk_buff *skb;
2542 struct ieee80211_hdr *nullfunc;
2543 u16 fc;
2544
2545 skb = dev_alloc_skb(local->hw.extra_tx_headroom + 24);
2546 if (!skb) {
2547 printk(KERN_DEBUG "%s: failed to allocate buffer for nullfunc "
2548 "frame\n", sdata->dev->name);
2549 return;
2550 }
2551 skb_reserve(skb, local->hw.extra_tx_headroom);
2552
2553 nullfunc = (struct ieee80211_hdr *) skb_put(skb, 24);
2554 memset(nullfunc, 0, 24);
2555 fc = IEEE80211_FTYPE_DATA | IEEE80211_STYPE_NULLFUNC |
2556 IEEE80211_FCTL_TODS;
2557 if (powersave)
2558 fc |= IEEE80211_FCTL_PM;
2559 nullfunc->frame_control = cpu_to_le16(fc);
2560 memcpy(nullfunc->addr1, sdata->u.sta.bssid, ETH_ALEN);
2561 memcpy(nullfunc->addr2, sdata->dev->dev_addr, ETH_ALEN);
2562 memcpy(nullfunc->addr3, sdata->u.sta.bssid, ETH_ALEN);
2563
2564 ieee80211_sta_tx(sdata->dev, skb, 0);
2565}
2566
2567
2568void ieee80211_scan_completed(struct ieee80211_hw *hw)
2569{
2570 struct ieee80211_local *local = hw_to_local(hw);
2571 struct net_device *dev = local->scan_dev;
2572 struct ieee80211_sub_if_data *sdata;
2573 union iwreq_data wrqu;
2574
2575 local->last_scan_completed = jiffies;
2576 wmb();
2577 local->sta_scanning = 0;
2578
2579 if (ieee80211_hw_config(local))
2580 printk(KERN_DEBUG "%s: failed to restore operational"
2581 "channel after scan\n", dev->name);
2582
2583 if (!(local->hw.flags & IEEE80211_HW_NO_PROBE_FILTERING) &&
2584 ieee80211_if_config(dev))
2585 printk(KERN_DEBUG "%s: failed to restore operational"
2586 "BSSID after scan\n", dev->name);
2587
2588 memset(&wrqu, 0, sizeof(wrqu));
2589 wireless_send_event(dev, SIOCGIWSCAN, &wrqu, NULL);
2590
2591 read_lock(&local->sub_if_lock);
2592 list_for_each_entry(sdata, &local->sub_if_list, list) {
2593 if (sdata->type == IEEE80211_IF_TYPE_STA) {
2594 if (sdata->u.sta.associated)
2595 ieee80211_send_nullfunc(local, sdata, 0);
2596 ieee80211_sta_timer((unsigned long)sdata);
2597 }
2598 netif_wake_queue(sdata->dev);
2599 }
2600 read_unlock(&local->sub_if_lock);
2601
2602 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2603 if (sdata->type == IEEE80211_IF_TYPE_IBSS) {
2604 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
2605 if (!ifsta->bssid_set ||
2606 (!ifsta->state == IEEE80211_IBSS_JOINED &&
2607 !ieee80211_sta_active_ibss(dev)))
2608 ieee80211_sta_find_ibss(dev, ifsta);
2609 }
2610}
2611EXPORT_SYMBOL(ieee80211_scan_completed);
2612
2613void ieee80211_sta_scan_work(struct work_struct *work)
2614{
2615 struct ieee80211_local *local =
2616 container_of(work, struct ieee80211_local, scan_work.work);
2617 struct net_device *dev = local->scan_dev;
2618 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2619 struct ieee80211_hw_mode *mode;
2620 struct ieee80211_channel *chan;
2621 int skip;
2622 unsigned long next_delay = 0;
2623
2624 if (!local->sta_scanning)
2625 return;
2626
2627 switch (local->scan_state) {
2628 case SCAN_SET_CHANNEL:
2629 mode = local->scan_hw_mode;
2630 if (local->scan_hw_mode->list.next == &local->modes_list &&
2631 local->scan_channel_idx >= mode->num_channels) {
2632 ieee80211_scan_completed(local_to_hw(local));
2633 return;
2634 }
2635 skip = !(local->enabled_modes & (1 << mode->mode));
2636 chan = &mode->channels[local->scan_channel_idx];
2637 if (!(chan->flag & IEEE80211_CHAN_W_SCAN) ||
2638 (sdata->type == IEEE80211_IF_TYPE_IBSS &&
2639 !(chan->flag & IEEE80211_CHAN_W_IBSS)) ||
2640 (local->hw_modes & local->enabled_modes &
2641 (1 << MODE_IEEE80211G) && mode->mode == MODE_IEEE80211B))
2642 skip = 1;
2643
2644 if (!skip) {
2645#if 0
2646 printk(KERN_DEBUG "%s: scan channel %d (%d MHz)\n",
2647 dev->name, chan->chan, chan->freq);
2648#endif
2649
2650 local->scan_channel = chan;
2651 if (ieee80211_hw_config(local)) {
2652 printk(KERN_DEBUG "%s: failed to set channel "
2653 "%d (%d MHz) for scan\n", dev->name,
2654 chan->chan, chan->freq);
2655 skip = 1;
2656 }
2657 }
2658
2659 local->scan_channel_idx++;
2660 if (local->scan_channel_idx >= local->scan_hw_mode->num_channels) {
2661 if (local->scan_hw_mode->list.next != &local->modes_list) {
2662 local->scan_hw_mode = list_entry(local->scan_hw_mode->list.next,
2663 struct ieee80211_hw_mode,
2664 list);
2665 local->scan_channel_idx = 0;
2666 }
2667 }
2668
2669 if (skip)
2670 break;
2671
2672 next_delay = IEEE80211_PROBE_DELAY +
2673 usecs_to_jiffies(local->hw.channel_change_time);
2674 local->scan_state = SCAN_SEND_PROBE;
2675 break;
2676 case SCAN_SEND_PROBE:
2677 if (local->scan_channel->flag & IEEE80211_CHAN_W_ACTIVE_SCAN) {
2678 ieee80211_send_probe_req(dev, NULL, local->scan_ssid,
2679 local->scan_ssid_len);
2680 next_delay = IEEE80211_CHANNEL_TIME;
2681 } else
2682 next_delay = IEEE80211_PASSIVE_CHANNEL_TIME;
2683 local->scan_state = SCAN_SET_CHANNEL;
2684 break;
2685 }
2686
2687 if (local->sta_scanning)
2688 queue_delayed_work(local->hw.workqueue, &local->scan_work,
2689 next_delay);
2690}
2691
2692
2693static int ieee80211_sta_start_scan(struct net_device *dev,
2694 u8 *ssid, size_t ssid_len)
2695{
2696 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2697 struct ieee80211_sub_if_data *sdata;
2698
2699 if (ssid_len > IEEE80211_MAX_SSID_LEN)
2700 return -EINVAL;
2701
2702 /* MLME-SCAN.request (page 118) page 144 (11.1.3.1)
2703 * BSSType: INFRASTRUCTURE, INDEPENDENT, ANY_BSS
2704 * BSSID: MACAddress
2705 * SSID
2706 * ScanType: ACTIVE, PASSIVE
2707 * ProbeDelay: delay (in microseconds) to be used prior to transmitting
2708 * a Probe frame during active scanning
2709 * ChannelList
2710 * MinChannelTime (>= ProbeDelay), in TU
2711 * MaxChannelTime: (>= MinChannelTime), in TU
2712 */
2713
2714 /* MLME-SCAN.confirm
2715 * BSSDescriptionSet
2716 * ResultCode: SUCCESS, INVALID_PARAMETERS
2717 */
2718
2719 if (local->sta_scanning) {
2720 if (local->scan_dev == dev)
2721 return 0;
2722 return -EBUSY;
2723 }
2724
2725 if (local->ops->hw_scan) {
2726 int rc = local->ops->hw_scan(local_to_hw(local),
2727 ssid, ssid_len);
2728 if (!rc) {
2729 local->sta_scanning = 1;
2730 local->scan_dev = dev;
2731 }
2732 return rc;
2733 }
2734
2735 local->sta_scanning = 1;
2736
2737 read_lock(&local->sub_if_lock);
2738 list_for_each_entry(sdata, &local->sub_if_list, list) {
2739 netif_stop_queue(sdata->dev);
2740 if (sdata->type == IEEE80211_IF_TYPE_STA &&
2741 sdata->u.sta.associated)
2742 ieee80211_send_nullfunc(local, sdata, 1);
2743 }
2744 read_unlock(&local->sub_if_lock);
2745
2746 if (ssid) {
2747 local->scan_ssid_len = ssid_len;
2748 memcpy(local->scan_ssid, ssid, ssid_len);
2749 } else
2750 local->scan_ssid_len = 0;
2751 local->scan_state = SCAN_SET_CHANNEL;
2752 local->scan_hw_mode = list_entry(local->modes_list.next,
2753 struct ieee80211_hw_mode,
2754 list);
2755 local->scan_channel_idx = 0;
2756 local->scan_dev = dev;
2757
2758 if (!(local->hw.flags & IEEE80211_HW_NO_PROBE_FILTERING) &&
2759 ieee80211_if_config(dev))
2760 printk(KERN_DEBUG "%s: failed to set BSSID for scan\n",
2761 dev->name);
2762
2763 /* TODO: start scan as soon as all nullfunc frames are ACKed */
2764 queue_delayed_work(local->hw.workqueue, &local->scan_work,
2765 IEEE80211_CHANNEL_TIME);
2766
2767 return 0;
2768}
2769
2770
2771int ieee80211_sta_req_scan(struct net_device *dev, u8 *ssid, size_t ssid_len)
2772{
2773 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2774 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
2775 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2776
2777 if (sdata->type != IEEE80211_IF_TYPE_STA)
2778 return ieee80211_sta_start_scan(dev, ssid, ssid_len);
2779
2780 if (local->sta_scanning) {
2781 if (local->scan_dev == dev)
2782 return 0;
2783 return -EBUSY;
2784 }
2785
2786 set_bit(IEEE80211_STA_REQ_SCAN, &ifsta->request);
2787 queue_work(local->hw.workqueue, &ifsta->work);
2788 return 0;
2789}
2790
2791static char *
2792ieee80211_sta_scan_result(struct net_device *dev,
2793 struct ieee80211_sta_bss *bss,
2794 char *current_ev, char *end_buf)
2795{
2796 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2797 struct iw_event iwe;
2798
2799 if (time_after(jiffies,
2800 bss->last_update + IEEE80211_SCAN_RESULT_EXPIRE))
2801 return current_ev;
2802
2803 if (!(local->enabled_modes & (1 << bss->hw_mode)))
2804 return current_ev;
2805
2806 if (local->scan_flags & IEEE80211_SCAN_WPA_ONLY &&
2807 !bss->wpa_ie && !bss->rsn_ie)
2808 return current_ev;
2809
2810 if (local->scan_flags & IEEE80211_SCAN_MATCH_SSID &&
2811 (local->scan_ssid_len != bss->ssid_len ||
2812 memcmp(local->scan_ssid, bss->ssid, bss->ssid_len) != 0))
2813 return current_ev;
2814
2815 memset(&iwe, 0, sizeof(iwe));
2816 iwe.cmd = SIOCGIWAP;
2817 iwe.u.ap_addr.sa_family = ARPHRD_ETHER;
2818 memcpy(iwe.u.ap_addr.sa_data, bss->bssid, ETH_ALEN);
2819 current_ev = iwe_stream_add_event(current_ev, end_buf, &iwe,
2820 IW_EV_ADDR_LEN);
2821
2822 memset(&iwe, 0, sizeof(iwe));
2823 iwe.cmd = SIOCGIWESSID;
2824 iwe.u.data.length = bss->ssid_len;
2825 iwe.u.data.flags = 1;
2826 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe,
2827 bss->ssid);
2828
2829 if (bss->capability & (WLAN_CAPABILITY_ESS | WLAN_CAPABILITY_IBSS)) {
2830 memset(&iwe, 0, sizeof(iwe));
2831 iwe.cmd = SIOCGIWMODE;
2832 if (bss->capability & WLAN_CAPABILITY_ESS)
2833 iwe.u.mode = IW_MODE_MASTER;
2834 else
2835 iwe.u.mode = IW_MODE_ADHOC;
2836 current_ev = iwe_stream_add_event(current_ev, end_buf, &iwe,
2837 IW_EV_UINT_LEN);
2838 }
2839
2840 memset(&iwe, 0, sizeof(iwe));
2841 iwe.cmd = SIOCGIWFREQ;
2842 iwe.u.freq.m = bss->channel;
2843 iwe.u.freq.e = 0;
2844 current_ev = iwe_stream_add_event(current_ev, end_buf, &iwe,
2845 IW_EV_FREQ_LEN);
2846 iwe.u.freq.m = bss->freq * 100000;
2847 iwe.u.freq.e = 1;
2848 current_ev = iwe_stream_add_event(current_ev, end_buf, &iwe,
2849 IW_EV_FREQ_LEN);
2850
2851 memset(&iwe, 0, sizeof(iwe));
2852 iwe.cmd = IWEVQUAL;
2853 iwe.u.qual.qual = bss->signal;
2854 iwe.u.qual.level = bss->rssi;
2855 iwe.u.qual.noise = bss->noise;
2856 iwe.u.qual.updated = local->wstats_flags;
2857 current_ev = iwe_stream_add_event(current_ev, end_buf, &iwe,
2858 IW_EV_QUAL_LEN);
2859
2860 memset(&iwe, 0, sizeof(iwe));
2861 iwe.cmd = SIOCGIWENCODE;
2862 if (bss->capability & WLAN_CAPABILITY_PRIVACY)
2863 iwe.u.data.flags = IW_ENCODE_ENABLED | IW_ENCODE_NOKEY;
2864 else
2865 iwe.u.data.flags = IW_ENCODE_DISABLED;
2866 iwe.u.data.length = 0;
2867 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe, "");
2868
2869 if (bss && bss->wpa_ie) {
2870 memset(&iwe, 0, sizeof(iwe));
2871 iwe.cmd = IWEVGENIE;
2872 iwe.u.data.length = bss->wpa_ie_len;
2873 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe,
2874 bss->wpa_ie);
2875 }
2876
2877 if (bss && bss->rsn_ie) {
2878 memset(&iwe, 0, sizeof(iwe));
2879 iwe.cmd = IWEVGENIE;
2880 iwe.u.data.length = bss->rsn_ie_len;
2881 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe,
2882 bss->rsn_ie);
2883 }
2884
2885 if (bss && bss->supp_rates_len > 0) {
2886 /* display all supported rates in readable format */
2887 char *p = current_ev + IW_EV_LCP_LEN;
2888 int i;
2889
2890 memset(&iwe, 0, sizeof(iwe));
2891 iwe.cmd = SIOCGIWRATE;
2892 /* Those two flags are ignored... */
2893 iwe.u.bitrate.fixed = iwe.u.bitrate.disabled = 0;
2894
2895 for (i = 0; i < bss->supp_rates_len; i++) {
2896 iwe.u.bitrate.value = ((bss->supp_rates[i] &
2897 0x7f) * 500000);
2898 p = iwe_stream_add_value(current_ev, p,
2899 end_buf, &iwe, IW_EV_PARAM_LEN);
2900 }
2901 current_ev = p;
2902 }
2903
2904 if (bss) {
2905 char *buf;
2906 buf = kmalloc(30, GFP_ATOMIC);
2907 if (buf) {
2908 memset(&iwe, 0, sizeof(iwe));
2909 iwe.cmd = IWEVCUSTOM;
2910 sprintf(buf, "tsf=%016llx", (unsigned long long)(bss->timestamp));
2911 iwe.u.data.length = strlen(buf);
2912 current_ev = iwe_stream_add_point(current_ev, end_buf,
2913 &iwe, buf);
2914 kfree(buf);
2915 }
2916 }
2917
2918 do {
2919 char *buf;
2920
2921 if (!(local->scan_flags & IEEE80211_SCAN_EXTRA_INFO))
2922 break;
2923
2924 buf = kmalloc(100, GFP_ATOMIC);
2925 if (!buf)
2926 break;
2927
2928 memset(&iwe, 0, sizeof(iwe));
2929 iwe.cmd = IWEVCUSTOM;
2930 sprintf(buf, "bcn_int=%d", bss->beacon_int);
2931 iwe.u.data.length = strlen(buf);
2932 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe,
2933 buf);
2934
2935 memset(&iwe, 0, sizeof(iwe));
2936 iwe.cmd = IWEVCUSTOM;
2937 sprintf(buf, "capab=0x%04x", bss->capability);
2938 iwe.u.data.length = strlen(buf);
2939 current_ev = iwe_stream_add_point(current_ev, end_buf, &iwe,
2940 buf);
2941
2942 kfree(buf);
2943 break;
2944 } while (0);
2945
2946 return current_ev;
2947}
2948
2949
2950int ieee80211_sta_scan_results(struct net_device *dev, char *buf, size_t len)
2951{
2952 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2953 char *current_ev = buf;
2954 char *end_buf = buf + len;
2955 struct ieee80211_sta_bss *bss;
2956
2957 spin_lock_bh(&local->sta_bss_lock);
2958 list_for_each_entry(bss, &local->sta_bss_list, list) {
2959 if (buf + len - current_ev <= IW_EV_ADDR_LEN) {
2960 spin_unlock_bh(&local->sta_bss_lock);
2961 return -E2BIG;
2962 }
2963 current_ev = ieee80211_sta_scan_result(dev, bss, current_ev,
2964 end_buf);
2965 }
2966 spin_unlock_bh(&local->sta_bss_lock);
2967 return current_ev - buf;
2968}
2969
2970
2971int ieee80211_sta_set_extra_ie(struct net_device *dev, char *ie, size_t len)
2972{
2973 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2974 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
2975 kfree(ifsta->extra_ie);
2976 if (len == 0) {
2977 ifsta->extra_ie = NULL;
2978 ifsta->extra_ie_len = 0;
2979 return 0;
2980 }
2981 ifsta->extra_ie = kmalloc(len, GFP_KERNEL);
2982 if (!ifsta->extra_ie) {
2983 ifsta->extra_ie_len = 0;
2984 return -ENOMEM;
2985 }
2986 memcpy(ifsta->extra_ie, ie, len);
2987 ifsta->extra_ie_len = len;
2988 return 0;
2989}
2990
2991
2992struct sta_info * ieee80211_ibss_add_sta(struct net_device *dev,
2993 struct sk_buff *skb, u8 *bssid,
2994 u8 *addr)
2995{
2996 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2997 struct sta_info *sta;
2998 struct ieee80211_sub_if_data *sdata = NULL;
2999
3000 /* TODO: Could consider removing the least recently used entry and
3001 * allow new one to be added. */
3002 if (local->num_sta >= IEEE80211_IBSS_MAX_STA_ENTRIES) {
3003 if (net_ratelimit()) {
3004 printk(KERN_DEBUG "%s: No room for a new IBSS STA "
3005 "entry " MAC_FMT "\n", dev->name, MAC_ARG(addr));
3006 }
3007 return NULL;
3008 }
3009
3010 printk(KERN_DEBUG "%s: Adding new IBSS station " MAC_FMT " (dev=%s)\n",
3011 local->mdev->name, MAC_ARG(addr), dev->name);
3012
3013 sta = sta_info_add(local, dev, addr, GFP_ATOMIC);
3014 if (!sta)
3015 return NULL;
3016
3017 sta->supp_rates = sdata->u.sta.supp_rates_bits;
3018
3019 rate_control_rate_init(sta, local);
3020
3021 return sta; /* caller will call sta_info_put() */
3022}
3023
3024
3025int ieee80211_sta_deauthenticate(struct net_device *dev, u16 reason)
3026{
3027 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3028 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
3029
3030 printk(KERN_DEBUG "%s: deauthenticate(reason=%d)\n",
3031 dev->name, reason);
3032
3033 if (sdata->type != IEEE80211_IF_TYPE_STA &&
3034 sdata->type != IEEE80211_IF_TYPE_IBSS)
3035 return -EINVAL;
3036
3037 ieee80211_send_deauth(dev, ifsta, reason);
3038 ieee80211_set_disassoc(dev, ifsta, 1);
3039 return 0;
3040}
3041
3042
3043int ieee80211_sta_disassociate(struct net_device *dev, u16 reason)
3044{
3045 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3046 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
3047
3048 printk(KERN_DEBUG "%s: disassociate(reason=%d)\n",
3049 dev->name, reason);
3050
3051 if (sdata->type != IEEE80211_IF_TYPE_STA)
3052 return -EINVAL;
3053
3054 if (!ifsta->associated)
3055 return -1;
3056
3057 ieee80211_send_disassoc(dev, ifsta, reason);
3058 ieee80211_set_disassoc(dev, ifsta, 0);
3059 return 0;
3060}
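--- /dev/null
+++ b/net/mac80211/michael.c
@@ -0,0 +1,104 @@
+/*
+ * Michael MIC implementation - optimized for TKIP MIC operations
+ * Copyright 2002-2003, Instant802 Networks, Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include <linux/types.h>
+
+#include "michael.h"
+
+static inline u32 rotr(u32 val, int bits)
+{
+ return (val >> bits) | (val << (32 - bits));
+}
+
+
+static inline u32 rotl(u32 val, int bits)
+{
+ return (val << bits) | (val >> (32 - bits));
+}
+
+
+static inline u32 xswap(u32 val)
+{
+ return ((val & 0xff00ff00) >> 8) | ((val & 0x00ff00ff) << 8);
+}
+
+
+#define michael_block(l, r) \
+do { \
+ r ^= rotl(l, 17); \
+ l += r; \
+ r ^= xswap(l); \
+ l += r; \
+ r ^= rotl(l, 3); \
+ l += r; \
+ r ^= rotr(l, 2); \
+ l += r; \
+} while (0)
+
+
+static inline u32 michael_get32(u8 *data)
+{
+ return data[0] | (data[1] << 8) | (data[2] << 16) | (data[3] << 24);
+}
+
+
+static inline void michael_put32(u32 val, u8 *data)
+{
+ data[0] = val & 0xff;
+ data[1] = (val >> 8) & 0xff;
+ data[2] = (val >> 16) & 0xff;
+ data[3] = (val >> 24) & 0xff;
+}
+
+
+void michael_mic(u8 *key, u8 *da, u8 *sa, u8 priority,
+ u8 *data, size_t data_len, u8 *mic)
+{
+ u32 l, r, val;
+ size_t block, blocks, left;
+
+ l = michael_get32(key);
+ r = michael_get32(key + 4);
+
+ /* A pseudo header (DA, SA, Priority, 0, 0, 0) is used in Michael MIC
+ * calculation, but it is _not_ transmitted */
+ l ^= michael_get32(da);
+ michael_block(l, r);
+ l ^= da[4] | (da[5] << 8) | (sa[0] << 16) | (sa[1] << 24);
+ michael_block(l, r);
+ l ^= michael_get32(&sa[2]);
+ michael_block(l, r);
+ l ^= priority;
+ michael_block(l, r);
+
+ /* Real data */
+ blocks = data_len / 4;
+ left = data_len % 4;
+
+ for (block = 0; block < blocks; block++) {
+ l ^= michael_get32(&data[block * 4]);
+ michael_block(l, r);
+ }
+
+ /* Partial block of 0..3 bytes and padding: 0x5a + 4..7 zeros to make
+ * total length a multiple of 4. */
+ val = 0x5a;
+ while (left > 0) {
+ val <<= 8;
+ left--;
+ val |= data[blocks * 4 + left];
+ }
+ l ^= val;
+ michael_block(l, r);
+ /* last block is zero, so l ^ 0 = l */
+ michael_block(l, r);
+
+ michael_put32(l, mic);
+ michael_put32(r, mic + 4);
+}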
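Review bot: In `michael_get32()` the byte `data[3]` is promoted to signed `int` before `<< 24`, so a value of 0x80 or above shifts into the sign bit, which ISO C leaves undefined; the same pattern appears in `michael_mic()` at `(sa[1] << 24)`. Casting before the shift keeps the arithmetic unsigned: `return data[0] | (data[1] << 8) | (data[2] << 16) | ((u32)data[3] << 24);` and `((u32)sa[1] << 24)`. Separately, `key`, `da`, `sa` and `data` are only read, so they could be `const u8 *` here and in the `michael.h` prototype. A short header comment on `michael_mic()` stating that `key` is read for 8 bytes, `da` and `sa` for 6 bytes each, and `mic` is written for 8 bytes (`MICHAEL_MIC_LEN`) would document the buffer contract callers must meet.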
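--- /dev/null
+++ b/net/mac80211/michael.h
@@ -0,0 +1,20 @@
+/*
+ * Michael MIC implementation - optimized for TKIP MIC operations
+ * Copyright 2002-2003, Instant802 Networks, Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#ifndef MICHAEL_H
+#define MICHAEL_H
+
+#include <linux/types.h>
+
+#define MICHAEL_MIC_LEN 8
+
+void michael_mic(u8 *key, u8 *da, u8 *sa, u8 priority,
+ u8 *data, size_t data_len, u8 *mic);
+
+#endif /* MICHAEL_H */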
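--- /dev/null
+++ b/net/mac80211/rc80211_simple.c
@@ -0,0 +1,432 @@
+/*
+ * Copyright 2002-2005, Instant802 Networks, Inc.
+ * Copyright 2005, Devicescape Software, Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include <linux/module.h>
+#include <linux/init.h>
+#include <linux/netdevice.h>
+#include <linux/types.h>
+#include <linux/slab.h>
+#include <linux/skbuff.h>
+#include <linux/compiler.h>
+
+#include <net/mac80211.h>
+#include "ieee80211_i.h"
+#include "ieee80211_rate.h"
+#include "debugfs.h"
+
+
+/* This is a minimal implementation of TX rate controlling that can be used
+ * as the default when no improved mechanisms are available. */
+
+
+#define RATE_CONTROL_EMERG_DEC 2
+#define RATE_CONTROL_INTERVAL (HZ / 20)
+#define RATE_CONTROL_MIN_TX 10
+
+MODULE_ALIAS("rc80211_default");
+
+static void rate_control_rate_inc(struct ieee80211_local *local,
+ struct sta_info *sta)
+{
+ struct ieee80211_sub_if_data *sdata;
+ struct ieee80211_hw_mode *mode;
+ int i = sta->txrate;
+ int maxrate;
+
+ sdata = IEEE80211_DEV_TO_SUB_IF(sta->dev);
+ if (sdata->bss && sdata->bss->force_unicast_rateidx > -1) {
+ /* forced unicast rate - do not change STA rate */
+ return;
+ }
+
+ mode = local->oper_hw_mode;
+ maxrate = sdata->bss ? sdata->bss->max_ratectrl_rateidx : -1;
+
+ if (i > mode->num_rates)
+ i = mode->num_rates - 2;
+
+ while (i + 1 < mode->num_rates) {
+ i++;
+ if (sta->supp_rates & BIT(i) &&
+ mode->rates[i].flags & IEEE80211_RATE_SUPPORTED &&
+ (maxrate < 0 || i <= maxrate)) {
+ sta->txrate = i;
+ break;
+ }
+ }
+}
+
+
+static void rate_control_rate_dec(struct ieee80211_local *local,
+ struct sta_info *sta)
+{
+ struct ieee80211_sub_if_data *sdata;
+ struct ieee80211_hw_mode *mode;
+ int i = sta->txrate;
+
+ sdata = IEEE80211_DEV_TO_SUB_IF(sta->dev);
+ if (sdata->bss && sdata->bss->force_unicast_rateidx > -1) {
+ /* forced unicast rate - do not change STA rate */
+ return;
+ }
+
+ mode = local->oper_hw_mode;
+ if (i > mode->num_rates)
+ i = mode->num_rates;
+
+ while (i > 0) {
+ i--;
+ if (sta->supp_rates & BIT(i) &&
+ mode->rates[i].flags & IEEE80211_RATE_SUPPORTED) {
+ sta->txrate = i;
+ break;
+ }
+ }
+}
+
+
+static struct ieee80211_rate *
+rate_control_lowest_rate(struct ieee80211_local *local,
+ struct ieee80211_hw_mode *mode)
+{
+ int i;
+
+ for (i = 0; i < mode->num_rates; i++) {
+ struct ieee80211_rate *rate = &mode->rates[i];
+
+ if (rate->flags & IEEE80211_RATE_SUPPORTED)
+ return rate;
+ }
+
+ printk(KERN_DEBUG "rate_control_lowest_rate - no supported rates "
+ "found\n");
+ return &mode->rates[0];
+}
+
+
+struct global_rate_control {
+ int dummy;
+};
+
+struct sta_rate_control {
+ unsigned long last_rate_change;
+ u32 tx_num_failures;
+ u32 tx_num_xmit;
+
+ unsigned long avg_rate_update;
+ u32 tx_avg_rate_sum;
+ u32 tx_avg_rate_num;
+
+#ifdef CONFIG_MAC80211_DEBUGFS
+ struct dentry *tx_avg_rate_sum_dentry;
+ struct dentry *tx_avg_rate_num_dentry;
+#endif
+};
+
+
+static void rate_control_simple_tx_status(void *priv, struct net_device *dev,
+ struct sk_buff *skb,
+ struct ieee80211_tx_status *status)
+{
+ struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
+ struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
+ struct sta_info *sta;
+ struct sta_rate_control *srctrl;
+
+ sta = sta_info_get(local, hdr->addr1);
+
+ if (!sta)
+ return;
+
+ srctrl = sta->rate_ctrl_priv;
+ srctrl->tx_num_xmit++;
+ if (status->excessive_retries) {
+ sta->antenna_sel_tx = sta->antenna_sel_tx == 1 ? 2 : 1;
+ sta->antenna_sel_rx = sta->antenna_sel_rx == 1 ? 2 : 1;
+ if (local->sta_antenna_sel == STA_ANTENNA_SEL_SW_CTRL_DEBUG) {
+ printk(KERN_DEBUG "%s: " MAC_FMT " TX antenna --> %d "
+ "RX antenna --> %d (@%lu)\n",
+ dev->name, MAC_ARG(hdr->addr1),
+ sta->antenna_sel_tx, sta->antenna_sel_rx, jiffies);
+ }
+ srctrl->tx_num_failures++;
+ sta->tx_retry_failed++;
+ sta->tx_num_consecutive_failures++;
+ sta->tx_num_mpdu_fail++;
+ } else {
+ sta->last_ack_rssi[0] = sta->last_ack_rssi[1];
+ sta->last_ack_rssi[1] = sta->last_ack_rssi[2];
+ sta->last_ack_rssi[2] = status->ack_signal;
+ sta->tx_num_consecutive_failures = 0;
+ sta->tx_num_mpdu_ok++;
+ }
+ sta->tx_retry_count += status->retry_count;
+ sta->tx_num_mpdu_fail += status->retry_count;
+
+ if (time_after(jiffies,
+ srctrl->last_rate_change + RATE_CONTROL_INTERVAL) &&
+ srctrl->tx_num_xmit > RATE_CONTROL_MIN_TX) {
+ u32 per_failed;
+ srctrl->last_rate_change = jiffies;
+
+ per_failed = (100 * sta->tx_num_mpdu_fail) /
+ (sta->tx_num_mpdu_fail + sta->tx_num_mpdu_ok);
+ /* TODO: calculate average per_failed to make adjusting
+ * parameters easier */
+#if 0
+ if (net_ratelimit()) {
+ printk(KERN_DEBUG "MPDU fail=%d ok=%d per_failed=%d\n",
+ sta->tx_num_mpdu_fail, sta->tx_num_mpdu_ok,
+ per_failed);
+ }
+#endif
+
+ if (per_failed > local->rate_ctrl_num_down) {
+ rate_control_rate_dec(local, sta);
+ } else if (per_failed < local->rate_ctrl_num_up) {
+ rate_control_rate_inc(local, sta);
+ }
+ srctrl->tx_avg_rate_sum += status->control.rate->rate;
+ srctrl->tx_avg_rate_num++;
+ srctrl->tx_num_failures = 0;
+ srctrl->tx_num_xmit = 0;
+ } else if (sta->tx_num_consecutive_failures >=
+ RATE_CONTROL_EMERG_DEC) {
+ rate_control_rate_dec(local, sta);
+ }
+
+ if (srctrl->avg_rate_update + 60 * HZ < jiffies) {
+ srctrl->avg_rate_update = jiffies;
+ if (srctrl->tx_avg_rate_num > 0) {
+#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
+ printk(KERN_DEBUG "%s: STA " MAC_FMT " Average rate: "
+ "%d (%d/%d)\n",
+ dev->name, MAC_ARG(sta->addr),
+ srctrl->tx_avg_rate_sum /
+ srctrl->tx_avg_rate_num,
+ srctrl->tx_avg_rate_sum,
+ srctrl->tx_avg_rate_num);
+#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
+ srctrl->tx_avg_rate_sum = 0;
+ srctrl->tx_avg_rate_num = 0;
+ }
+ }
+
+ sta_info_put(sta);
+}
+
+
+static struct ieee80211_rate *
+rate_control_simple_get_rate(void *priv, struct net_device *dev,
+ struct sk_buff *skb,
+ struct rate_control_extra *extra)
+{
+ struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
+ struct ieee80211_sub_if_data *sdata;
+ struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
+ struct ieee80211_hw_mode *mode = extra->mode;
+ struct sta_info *sta;
+ int rateidx, nonerp_idx;
+ u16 fc;
+
+ memset(extra, 0, sizeof(*extra));
+
+ fc = le16_to_cpu(hdr->frame_control);
+ if ((fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA ||
+ (hdr->addr1[0] & 0x01)) {
+ /* Send management frames and broadcast/multicast data using
+ * lowest rate. */
+ /* TODO: this could probably be improved.. */
+ return rate_control_lowest_rate(local, mode);
+ }
+
+ sta = sta_info_get(local, hdr->addr1);
+
+ if (!sta)
+ return rate_control_lowest_rate(local, mode);
+
+ sdata = IEEE80211_DEV_TO_SUB_IF(dev);
+ if (sdata->bss && sdata->bss->force_unicast_rateidx > -1)
+ sta->txrate = sdata->bss->force_unicast_rateidx;
+
+ rateidx = sta->txrate;
+
+ if (rateidx >= mode->num_rates)
+ rateidx = mode->num_rates - 1;
+
+ sta->last_txrate = rateidx;
+ nonerp_idx = rateidx;
+ while (nonerp_idx > 0 &&
+ ((mode->rates[nonerp_idx].flags & IEEE80211_RATE_ERP) ||
+ !(mode->rates[nonerp_idx].flags & IEEE80211_RATE_SUPPORTED) ||
+ !(sta->supp_rates & BIT(nonerp_idx))))
+ nonerp_idx--;
+ extra->nonerp = &mode->rates[nonerp_idx];
+
+ sta_info_put(sta);
+
+ return &mode->rates[rateidx];
+}
+
+
+static void rate_control_simple_rate_init(void *priv, void *priv_sta,
+ struct ieee80211_local *local,
+ struct sta_info *sta)
+{
+ struct ieee80211_hw_mode *mode;
+ int i;
+ sta->txrate = 0;
+ mode = local->oper_hw_mode;
+ /* TODO: what is a good starting rate for STA? About middle? Maybe not
+ * the lowest or the highest rate.. Could consider using RSSI from
+ * previous packets? Need to have IEEE 802.1X auth succeed immediately
+ * after assoc.. */
+ for (i = 0; i < mode->num_rates; i++) {
+ if ((sta->supp_rates & BIT(i)) &&
+ (mode->rates[i].flags & IEEE80211_RATE_SUPPORTED))
+ sta->txrate = i;
+ }
+}
+
+
+static void * rate_control_simple_alloc(struct ieee80211_local *local)
+{
+ struct global_rate_control *rctrl;
+
+ rctrl = kzalloc(sizeof(*rctrl), GFP_ATOMIC);
+
+ return rctrl;
+}
+
+
+static void rate_control_simple_free(void *priv)
+{
+ struct global_rate_control *rctrl = priv;
+ kfree(rctrl);
+}
+
+
+static void rate_control_simple_clear(void *priv)
+{
+}
+
+
+static void * rate_control_simple_alloc_sta(void *priv, gfp_t gfp)
+{
+ struct sta_rate_control *rctrl;
+
+ rctrl = kzalloc(sizeof(*rctrl), gfp);
+
+ return rctrl;
+}
+
+
+static void rate_control_simple_free_sta(void *priv, void *priv_sta)
+{
+ struct sta_rate_control *rctrl = priv_sta;
+ kfree(rctrl);
+}
+
+#ifdef CONFIG_MAC80211_DEBUGFS
+
+static int open_file_generic(struct inode *inode, struct file *file)
+{
+ file->private_data = inode->i_private;
+ return 0;
+}
+
+static ssize_t sta_tx_avg_rate_sum_read(struct file *file,
+ char __user *userbuf,
+ size_t count, loff_t *ppos)
+{
+ struct sta_rate_control *srctrl = file->private_data;
+ char buf[20];
+
+ sprintf(buf, "%d\n", srctrl->tx_avg_rate_sum);
+ return simple_read_from_buffer(userbuf, count, ppos, buf, strlen(buf));
+}
+
+static const struct file_operations sta_tx_avg_rate_sum_ops = {
+ .read = sta_tx_avg_rate_sum_read,
+ .open = open_file_generic,
+};
+
+static ssize_t sta_tx_avg_rate_num_read(struct file *file,
+ char __user *userbuf,
+ size_t count, loff_t *ppos)
+{
+ struct sta_rate_control *srctrl = file->private_data;
+ char buf[20];
+
+ sprintf(buf, "%d\n", srctrl->tx_avg_rate_num);
+ return simple_read_from_buffer(userbuf, count, ppos, buf, strlen(buf));
+}
+
+static const struct file_operations sta_tx_avg_rate_num_ops = {
+ .read = sta_tx_avg_rate_num_read,
+ .open = open_file_generic,
+};
+
+static void rate_control_simple_add_sta_debugfs(void *priv, void *priv_sta,
+ struct dentry *dir)
+{
+ struct sta_rate_control *srctrl = priv_sta;
+
+ srctrl->tx_avg_rate_num_dentry =
+ debugfs_create_file("rc_simple_sta_tx_avg_rate_num", 0400,
+ dir, srctrl, &sta_tx_avg_rate_num_ops);
+ srctrl->tx_avg_rate_sum_dentry =
+ debugfs_create_file("rc_simple_sta_tx_avg_rate_sum", 0400,
+ dir, srctrl, &sta_tx_avg_rate_sum_ops);
+}
+
+static void rate_control_simple_remove_sta_debugfs(void *priv, void *priv_sta)
+{
+ struct sta_rate_control *srctrl = priv_sta;
+
+ debugfs_remove(srctrl->tx_avg_rate_sum_dentry);
+ debugfs_remove(srctrl->tx_avg_rate_num_dentry);
+}
+#endif
+
+static struct rate_control_ops rate_control_simple = {
+ .module = THIS_MODULE,
+ .name = "simple",
+ .tx_status = rate_control_simple_tx_status,
+ .get_rate = rate_control_simple_get_rate,
+ .rate_init = rate_control_simple_rate_init,
+ .clear = rate_control_simple_clear,
+ .alloc = rate_control_simple_alloc,
+ .free = rate_control_simple_free,
+ .alloc_sta = rate_control_simple_alloc_sta,
+ .free_sta = rate_control_simple_free_sta,
+#ifdef CONFIG_MAC80211_DEBUGFS
+ .add_sta_debugfs = rate_control_simple_add_sta_debugfs,
+ .remove_sta_debugfs = rate_control_simple_remove_sta_debugfs,
+#endif
+};
+
+
+static int __init rate_control_simple_init(void)
+{
+ return ieee80211_rate_control_register(&rate_control_simple);
+}
+
+
+static void __exit rate_control_simple_exit(void)
+{
+ ieee80211_rate_control_unregister(&rate_control_simple);
+}
+
+
+module_init(rate_control_simple_init);
+module_exit(rate_control_simple_exit);
+
+MODULE_DESCRIPTION("Simple rate control algorithm for ieee80211");
+MODULE_LICENSE("GPL");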
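Review bot: In `rate_control_simple_tx_status()` the average-rate window is tested with `srctrl->avg_rate_update + 60 * HZ < jiffies`, a raw comparison that gives the wrong answer once jiffies wraps, although the rate-change test a few lines earlier already uses `time_after()`. It should read `if (time_after(jiffies, srctrl->avg_rate_update + 60 * HZ)) {`. In the same function `per_failed` is computed from `sta->tx_num_mpdu_fail` and `sta->tx_num_mpdu_ok`, which nothing in this file resets. Unless they are cleared elsewhere, the ratio is a lifetime average rather than a per-interval one, and `100 * sta->tx_num_mpdu_fail` can wrap its `u32` on a long-lived station. The two debugfs readers format a `u32` with `sprintf(buf, "%d\n", …)`; `scnprintf(buf, sizeof(buf), "%u\n", srctrl->tx_avg_rate_sum)` (and likewise for `tx_avg_rate_num`) matches the type and bounds the write to the 20-byte buffer.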
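--- /dev/null
+++ b/net/mac80211/sta_info.c
@@ -0,0 +1,470 @@
+/*
+ * Copyright 2002-2005, Instant802 Networks, Inc.
+ * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include <linux/module.h>
+#include <linux/init.h>
+#include <linux/netdevice.h>
+#include <linux/types.h>
+#include <linux/slab.h>
+#include <linux/skbuff.h>
+#include <linux/if_arp.h>
+
+#include <net/mac80211.h>
+#include "ieee80211_i.h"
+#include "ieee80211_rate.h"
+#include "sta_info.h"
+#include "debugfs_key.h"
+#include "debugfs_sta.h"
+
+/* Caller must hold local->sta_lock */
+static void sta_info_hash_add(struct ieee80211_local *local,
+ struct sta_info *sta)
+{
+ sta->hnext = local->sta_hash[STA_HASH(sta->addr)];
+ local->sta_hash[STA_HASH(sta->addr)] = sta;
+}
+
+
+/* Caller must hold local->sta_lock */
+static void sta_info_hash_del(struct ieee80211_local *local,
+ struct sta_info *sta)
+{
+ struct sta_info *s;
+
+ s = local->sta_hash[STA_HASH(sta->addr)];
+ if (!s)
+ return;
+ if (memcmp(s->addr, sta->addr, ETH_ALEN) == 0) {
+ local->sta_hash[STA_HASH(sta->addr)] = s->hnext;
+ return;
+ }
+
+ while (s->hnext && memcmp(s->hnext->addr, sta->addr, ETH_ALEN) != 0)
+ s = s->hnext;
+ if (s->hnext)
+ s->hnext = s->hnext->hnext;
+ else
+ printk(KERN_ERR "%s: could not remove STA " MAC_FMT " from "
+ "hash table\n", local->mdev->name, MAC_ARG(sta->addr));
+}
+
+static inline void __sta_info_get(struct sta_info *sta)
+{
+ kref_get(&sta->kref);
+}
+
+struct sta_info *sta_info_get(struct ieee80211_local *local, u8 *addr)
+{
+ struct sta_info *sta;
+
+ spin_lock_bh(&local->sta_lock);
+ sta = local->sta_hash[STA_HASH(addr)];
+ while (sta) {
+ if (memcmp(sta->addr, addr, ETH_ALEN) == 0) {
+ __sta_info_get(sta);
+ break;
+ }
+ sta = sta->hnext;
+ }
+ spin_unlock_bh(&local->sta_lock);
+
+ return sta;
+}
+EXPORT_SYMBOL(sta_info_get);
+
+int sta_info_min_txrate_get(struct ieee80211_local *local)
+{
+ struct sta_info *sta;
+ struct ieee80211_hw_mode *mode;
+ int min_txrate = 9999999;
+ int i;
+
+ spin_lock_bh(&local->sta_lock);
+ mode = local->oper_hw_mode;
+ for (i = 0; i < STA_HASH_SIZE; i++) {
+ sta = local->sta_hash[i];
+ while (sta) {
+ if (sta->txrate < min_txrate)
+ min_txrate = sta->txrate;
+ sta = sta->hnext;
+ }
+ }
+ spin_unlock_bh(&local->sta_lock);
+ if (min_txrate == 9999999)
+ min_txrate = 0;
+
+ return mode->rates[min_txrate].rate;
+}
+
+
+static void sta_info_release(struct kref *kref)
+{
+ struct sta_info *sta = container_of(kref, struct sta_info, kref);
+ struct ieee80211_local *local = sta->local;
+ struct sk_buff *skb;
+
+ /* free sta structure; it has already been removed from
+ * hash table etc. external structures. Make sure that all
+ * buffered frames are release (one might have been added
+ * after sta_info_free() was called). */
+ while ((skb = skb_dequeue(&sta->ps_tx_buf)) != NULL) {
+ local->total_ps_buffered--;
+ dev_kfree_skb_any(skb);
+ }
+ while ((skb = skb_dequeue(&sta->tx_filtered)) != NULL) {
+ dev_kfree_skb_any(skb);
+ }
+ rate_control_free_sta(sta->rate_ctrl, sta->rate_ctrl_priv);
+ rate_control_put(sta->rate_ctrl);
+ if (sta->key)
+ ieee80211_debugfs_key_sta_del(sta->key, sta);
+ kfree(sta);
+}
+
+
+void sta_info_put(struct sta_info *sta)
+{
+ kref_put(&sta->kref, sta_info_release);
+}
+EXPORT_SYMBOL(sta_info_put);
+
+
+struct sta_info * sta_info_add(struct ieee80211_local *local,
+ struct net_device *dev, u8 *addr, gfp_t gfp)
+{
+ struct sta_info *sta;
+
+ sta = kzalloc(sizeof(*sta), gfp);
+ if (!sta)
+ return NULL;
+
+ kref_init(&sta->kref);
+
+ sta->rate_ctrl = rate_control_get(local->rate_ctrl);
+ sta->rate_ctrl_priv = rate_control_alloc_sta(sta->rate_ctrl, gfp);
+ if (!sta->rate_ctrl_priv) {
+ rate_control_put(sta->rate_ctrl);
+ kref_put(&sta->kref, sta_info_release);
+ kfree(sta);
+ return NULL;
+ }
+
+ memcpy(sta->addr, addr, ETH_ALEN);
+ sta->local = local;
+ sta->dev = dev;
+ skb_queue_head_init(&sta->ps_tx_buf);
+ skb_queue_head_init(&sta->tx_filtered);
+ __sta_info_get(sta); /* sta used by caller, decremented by
+ * sta_info_put() */
+ spin_lock_bh(&local->sta_lock);
+ list_add(&sta->list, &local->sta_list);
+ local->num_sta++;
+ sta_info_hash_add(local, sta);
+ spin_unlock_bh(&local->sta_lock);
+ if (local->ops->sta_table_notification)
+ local->ops->sta_table_notification(local_to_hw(local),
+ local->num_sta);
+ sta->key_idx_compression = HW_KEY_IDX_INVALID;
+
+#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
+ printk(KERN_DEBUG "%s: Added STA " MAC_FMT "\n",
+ local->mdev->name, MAC_ARG(addr));
+#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
+
+#ifdef CONFIG_MAC80211_DEBUGFS
+ if (!in_interrupt()) {
+ sta->debugfs_registered = 1;
+ ieee80211_sta_debugfs_add(sta);
+ rate_control_add_sta_debugfs(sta);
+ } else {
+ /* debugfs entry adding might sleep, so schedule process
+ * context task for adding entry for STAs that do not yet
+ * have one. */
+ queue_work(local->hw.workqueue, &local->sta_debugfs_add);
+ }
+#endif
+
+ return sta;
+}
+
+static void finish_sta_info_free(struct ieee80211_local *local,
+ struct sta_info *sta)
+{
+#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
+ printk(KERN_DEBUG "%s: Removed STA " MAC_FMT "\n",
+ local->mdev->name, MAC_ARG(sta->addr));
+#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
+
+ if (sta->key) {
+ ieee80211_debugfs_key_remove(sta->key);
+ ieee80211_key_free(sta->key);
+ sta->key = NULL;
+ }
+
+ rate_control_remove_sta_debugfs(sta);
+ ieee80211_sta_debugfs_remove(sta);
+
+ sta_info_put(sta);
+}
+
+static void sta_info_remove(struct sta_info *sta)
+{
+ struct ieee80211_local *local = sta->local;
+ struct ieee80211_sub_if_data *sdata;
+
+ sta_info_hash_del(local, sta);
+ list_del(&sta->list);
+ sdata = IEEE80211_DEV_TO_SUB_IF(sta->dev);
+ if (sta->flags & WLAN_STA_PS) {
+ sta->flags &= ~WLAN_STA_PS;
+ if (sdata->bss)
+ atomic_dec(&sdata->bss->num_sta_ps);
+ }
+ local->num_sta--;
+ sta_info_remove_aid_ptr(sta);
+}
+
+void sta_info_free(struct sta_info *sta, int locked)
+{
+ struct sk_buff *skb;
+ struct ieee80211_local *local = sta->local;
+
+ if (!locked) {
+ spin_lock_bh(&local->sta_lock);
+ sta_info_remove(sta);
+ spin_unlock_bh(&local->sta_lock);
+ } else {
+ sta_info_remove(sta);
+ }
+ if (local->ops->sta_table_notification)
+ local->ops->sta_table_notification(local_to_hw(local),
+ local->num_sta);
+
+ while ((skb = skb_dequeue(&sta->ps_tx_buf)) != NULL) {
+ local->total_ps_buffered--;
+ dev_kfree_skb_any(skb);
+ }
+ while ((skb = skb_dequeue(&sta->tx_filtered)) != NULL) {
+ dev_kfree_skb_any(skb);
+ }
+
+ if (sta->key) {
+ if (local->ops->set_key) {
+ struct ieee80211_key_conf *key;
+ key = ieee80211_key_data2conf(local, sta->key);
+ if (key) {
+ local->ops->set_key(local_to_hw(local),
+ DISABLE_KEY,
+ sta->addr, key, sta->aid);
+ kfree(key);
+ }
+ }
+ } else if (sta->key_idx_compression != HW_KEY_IDX_INVALID) {
+ struct ieee80211_key_conf conf;
+ memset(&conf, 0, sizeof(conf));
+ conf.hw_key_idx = sta->key_idx_compression;
+ conf.alg = ALG_NULL;
+ conf.flags |= IEEE80211_KEY_FORCE_SW_ENCRYPT;
+ local->ops->set_key(local_to_hw(local), DISABLE_KEY,
+ sta->addr, &conf, sta->aid);
+ sta->key_idx_compression = HW_KEY_IDX_INVALID;
+ }
+
+#ifdef CONFIG_MAC80211_DEBUGFS
+ if (in_atomic()) {
+ list_add(&sta->list, &local->deleted_sta_list);
+ queue_work(local->hw.workqueue, &local->sta_debugfs_add);
+ } else
+#endif
+ finish_sta_info_free(local, sta);
+}
+
+
+static inline int sta_info_buffer_expired(struct ieee80211_local *local,
+ struct sta_info *sta,
+ struct sk_buff *skb)
+{
+ struct ieee80211_tx_packet_data *pkt_data;
+ int timeout;
+
+ if (!skb)
+ return 0;
+
+ pkt_data = (struct ieee80211_tx_packet_data *) skb->cb;
+
+ /* Timeout: (2 * listen_interval * beacon_int * 1024 / 1000000) sec */
+ timeout = (sta->listen_interval * local->hw.conf.beacon_int * 32 /
+ 15625) * HZ;
+ if (timeout < STA_TX_BUFFER_EXPIRE)
+ timeout = STA_TX_BUFFER_EXPIRE;
+ return time_after(jiffies, pkt_data->jiffies + timeout);
+}
+
+
+static void sta_info_cleanup_expire_buffered(struct ieee80211_local *local,
+ struct sta_info *sta)
+{
+ unsigned long flags;
+ struct sk_buff *skb;
+
+ if (skb_queue_empty(&sta->ps_tx_buf))
+ return;
+
+ for (;;) {
+ spin_lock_irqsave(&sta->ps_tx_buf.lock, flags);
+ skb = skb_peek(&sta->ps_tx_buf);
+ if (sta_info_buffer_expired(local, sta, skb)) {
+ skb = __skb_dequeue(&sta->ps_tx_buf);
+ if (skb_queue_empty(&sta->ps_tx_buf))
+ sta->flags &= ~WLAN_STA_TIM;
+ } else
+ skb = NULL;
+ spin_unlock_irqrestore(&sta->ps_tx_buf.lock, flags);
+
+ if (skb) {
+ local->total_ps_buffered--;
+ printk(KERN_DEBUG "Buffered frame expired (STA "
+ MAC_FMT ")\n", MAC_ARG(sta->addr));
+ dev_kfree_skb(skb);
+ } else
+ break;
+ }
+}
+
+
+static void sta_info_cleanup(unsigned long data)
+{
+ struct ieee80211_local *local = (struct ieee80211_local *) data;
+ struct sta_info *sta;
+
+ spin_lock_bh(&local->sta_lock);
+ list_for_each_entry(sta, &local->sta_list, list) {
+ __sta_info_get(sta);
+ sta_info_cleanup_expire_buffered(local, sta);
+ sta_info_put(sta);
+ }
+ spin_unlock_bh(&local->sta_lock);
+
+ local->sta_cleanup.expires = jiffies + STA_INFO_CLEANUP_INTERVAL;
+ add_timer(&local->sta_cleanup);
+}
+
+#ifdef CONFIG_MAC80211_DEBUGFS
+static void sta_info_debugfs_add_task(struct work_struct *work)
+{
+ struct ieee80211_local *local =
+ container_of(work, struct ieee80211_local, sta_debugfs_add);
+ struct sta_info *sta, *tmp;
+
+ while (1) {
+ spin_lock_bh(&local->sta_lock);
+ if (!list_empty(&local->deleted_sta_list)) {
+ sta = list_entry(local->deleted_sta_list.next,
+ struct sta_info, list);
+ list_del(local->deleted_sta_list.next);
+ } else
+ sta = NULL;
+ spin_unlock_bh(&local->sta_lock);
+ if (!sta)
+ break;
+ finish_sta_info_free(local, sta);
+ }
+
+ while (1) {
+ sta = NULL;
+ spin_lock_bh(&local->sta_lock);
+ list_for_each_entry(tmp, &local->sta_list, list) {
+ if (!tmp->debugfs_registered) {
+ sta = tmp;
+ __sta_info_get(sta);
+ break;
+ }
+ }
+ spin_unlock_bh(&local->sta_lock);
+
+ if (!sta)
+ break;
+
+ sta->debugfs_registered = 1;
+ ieee80211_sta_debugfs_add(sta);
+ rate_control_add_sta_debugfs(sta);
+ sta_info_put(sta);
+ }
+}
+#endif
+
+void sta_info_init(struct ieee80211_local *local)
+{
+ spin_lock_init(&local->sta_lock);
+ INIT_LIST_HEAD(&local->sta_list);
+ INIT_LIST_HEAD(&local->deleted_sta_list);
+
+ init_timer(&local->sta_cleanup);
+ local->sta_cleanup.expires = jiffies + STA_INFO_CLEANUP_INTERVAL;
+ local->sta_cleanup.data = (unsigned long) local;
+ local->sta_cleanup.function = sta_info_cleanup;
+
+#ifdef CONFIG_MAC80211_DEBUGFS
+ INIT_WORK(&local->sta_debugfs_add, sta_info_debugfs_add_task);
+#endif
+}
+
+int sta_info_start(struct ieee80211_local *local)
+{
+ add_timer(&local->sta_cleanup);
+ return 0;
+}
+
+void sta_info_stop(struct ieee80211_local *local)
+{
+ struct sta_info *sta, *tmp;
+
+ del_timer(&local->sta_cleanup);
+
+ list_for_each_entry_safe(sta, tmp, &local->sta_list, list) {
+ /* sta_info_free must be called with 0 as the last
+ * parameter to ensure all debugfs sta entries are
+ * unregistered. We don't need locking at this
+ * point. */
+ sta_info_free(sta, 0);
+ }
+}
+
+void sta_info_remove_aid_ptr(struct sta_info *sta)
+{
+ struct ieee80211_sub_if_data *sdata;
+
+ if (sta->aid <= 0)
+ return;
+
+ sdata = IEEE80211_DEV_TO_SUB_IF(sta->dev);
+
+ if (sdata->local->ops->set_tim)
+ sdata->local->ops->set_tim(local_to_hw(sdata->local),
+ sta->aid, 0);
+ if (sdata->bss)
+ __bss_tim_clear(sdata->bss, sta->aid);
+}
+
+
+/**
+ * sta_info_flush - flush matching STA entries from the STA table
+ * @local: local interface data
+ * @dev: matching rule for the net device (sta->dev) or %NULL to match all STAs
+ */
+void sta_info_flush(struct ieee80211_local *local, struct net_device *dev)
+{
+ struct sta_info *sta, *tmp;
+
+ spin_lock_bh(&local->sta_lock);
+ list_for_each_entry_safe(sta, tmp, &local->sta_list, list)
+ if (!dev || dev == sta->dev)
+ sta_info_free(sta, 1);
+ spin_unlock_bh(&local->sta_lock);
+}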
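Review bot: The failure path in `sta_info_add()` releases the new entry twice. `kref_put(&sta->kref, sta_info_release)` drops the only reference taken by `kref_init()`, so `sta_info_release()` runs and itself calls `rate_control_put(sta->rate_ctrl)` and `kfree(sta)`, while the surrounding lines call `rate_control_put()` before it and `kfree(sta)` after it. Whenever `rate_control_alloc_sta()` fails, which memory pressure alone can cause, this is a double free of `sta` and a double put of the rate-control reference. The release callback would also touch `ps_tx_buf` and `tx_filtered` before `skb_queue_head_init()` has run on them, so the simplest fix is to delete the `kref_put` line and keep `rate_control_put(sta->rate_ctrl); kfree(sta); return NULL;`. Separately, `sta_info_stop()` calls `del_timer()` although `sta_info_cleanup()` re-arms itself with `add_timer()`; if the handler can still be running at that point, `del_timer_sync()` is the safer call.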
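--- /dev/null
+++ b/net/mac80211/sta_info.h
@@ -0,0 +1,164 @@
+/*
+ * Copyright 2002-2005, Devicescape Software, Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#ifndef STA_INFO_H
+#define STA_INFO_H
+
+#include <linux/list.h>
+#include <linux/types.h>
+#include <linux/if_ether.h>
+#include <linux/kref.h>
+#include "ieee80211_key.h"
+
+/* Stations flags (struct sta_info::flags) */
+#define WLAN_STA_AUTH BIT(0)
+#define WLAN_STA_ASSOC BIT(1)
+#define WLAN_STA_PS BIT(2)
+#define WLAN_STA_TIM BIT(3) /* TIM bit is on for PS stations */
+#define WLAN_STA_PERM BIT(4) /* permanent; do not remove entry on expiration */
+#define WLAN_STA_AUTHORIZED BIT(5) /* If 802.1X is used, this flag is
+ * controlling whether STA is authorized to
+ * send and receive non-IEEE 802.1X frames
+ */
+#define WLAN_STA_SHORT_PREAMBLE BIT(7)
+#define WLAN_STA_WME BIT(9)
+#define WLAN_STA_WDS BIT(27)
+
+
+struct sta_info {
+ struct kref kref;
+ struct list_head list;
+ struct sta_info *hnext; /* next entry in hash table list */
+
+ struct ieee80211_local *local;
+
+ u8 addr[ETH_ALEN];
+ u16 aid; /* STA's unique AID (1..2007), 0 = not yet assigned */
+ u32 flags; /* WLAN_STA_ */
+
+ struct sk_buff_head ps_tx_buf; /* buffer of TX frames for station in
+ * power saving state */
+ int pspoll; /* whether STA has send a PS Poll frame */
+ struct sk_buff_head tx_filtered; /* buffer of TX frames that were
+ * already given to low-level driver,
+ * but were filtered */
+ int clear_dst_mask;
+
+ unsigned long rx_packets, tx_packets; /* number of RX/TX MSDUs */
+ unsigned long rx_bytes, tx_bytes;
+ unsigned long tx_retry_failed, tx_retry_count;
+ unsigned long tx_filtered_count;
+
+ unsigned int wep_weak_iv_count; /* number of RX frames with weak IV */
+
+ unsigned long last_rx;
+ u32 supp_rates; /* bitmap of supported rates in local->curr_rates */
+ int txrate; /* index in local->curr_rates */
+ int last_txrate; /* last rate used to send a frame to this STA */
+ int last_nonerp_idx;
+
+ struct net_device *dev; /* which net device is this station associated
+ * to */
+
+ struct ieee80211_key *key;
+
+ u32 tx_num_consecutive_failures;
+ u32 tx_num_mpdu_ok;
+ u32 tx_num_mpdu_fail;
+
+ struct rate_control_ref *rate_ctrl;
+ void *rate_ctrl_priv;
+
+ /* last received seq/frag number from this STA (per RX queue) */
+ __le16 last_seq_ctrl[NUM_RX_DATA_QUEUES];
+ unsigned long num_duplicates; /* number of duplicate frames received
+ * from this STA */
+ unsigned long tx_fragments; /* number of transmitted MPDUs */
+ unsigned long rx_fragments; /* number of received MPDUs */
+ unsigned long rx_dropped; /* number of dropped MPDUs from this STA */
+
+ int last_rssi; /* RSSI of last received frame from this STA */
+ int last_signal; /* signal of last received frame from this STA */
+ int last_noise; /* noise of last received frame from this STA */
+ int last_ack_rssi[3]; /* RSSI of last received ACKs from this STA */
+ unsigned long last_ack;
+ int channel_use;
+ int channel_use_raw;
+
+ u8 antenna_sel_tx;
+ u8 antenna_sel_rx;
+
+
+ int key_idx_compression; /* key table index for compression and TX
+ * filtering; used only if sta->key is not
+ * set */
+
+#ifdef CONFIG_MAC80211_DEBUGFS
+ int debugfs_registered;
+#endif
+ int assoc_ap; /* whether this is an AP that we are
+ * associated with as a client */
+
+#ifdef CONFIG_MAC80211_DEBUG_COUNTERS
+ unsigned int wme_rx_queue[NUM_RX_DATA_QUEUES];
+ unsigned int wme_tx_queue[NUM_RX_DATA_QUEUES];
+#endif /* CONFIG_MAC80211_DEBUG_COUNTERS */
+
+ int vlan_id;
+
+ u16 listen_interval;
+
+#ifdef CONFIG_MAC80211_DEBUGFS
+ struct sta_info_debugfsdentries {
+ struct dentry *dir;
+ struct dentry *flags;
+ struct dentry *num_ps_buf_frames;
+ struct dentry *last_ack_rssi;
+ struct dentry *last_ack_ms;
+ struct dentry *inactive_ms;
+ struct dentry *last_seq_ctrl;
+#ifdef CONFIG_MAC80211_DEBUG_COUNTERS
+ struct dentry *wme_rx_queue;
+ struct dentry *wme_tx_queue;
+#endif
+ } debugfs;
+#endif
+};
+
+
+/* Maximum number of concurrently registered stations */
+#define MAX_STA_COUNT 2007
+
+#define STA_HASH_SIZE 256
+#define STA_HASH(sta) (sta[5])
+
+
+/* Maximum number of frames to buffer per power saving station */
+#define STA_MAX_TX_BUFFER 128
+
+/* Minimum buffered frame expiry time. If STA uses listen interval that is
+ * smaller than this value, the minimum value here is used instead. */
+#define STA_TX_BUFFER_EXPIRE (10 * HZ)
+
+/* How often station data is cleaned up (e.g., expiration of buffered frames)
+ */
+#define STA_INFO_CLEANUP_INTERVAL (10 * HZ)
+
+struct sta_info * sta_info_get(struct ieee80211_local *local, u8 *addr);
+int sta_info_min_txrate_get(struct ieee80211_local *local);
+void sta_info_put(struct sta_info *sta);
+struct sta_info * sta_info_add(struct ieee80211_local *local,
+ struct net_device *dev, u8 *addr, gfp_t gfp);
+void sta_info_free(struct sta_info *sta, int locked);
+void sta_info_init(struct ieee80211_local *local);
+int sta_info_start(struct ieee80211_local *local);
+void sta_info_stop(struct ieee80211_local *local);
+void sta_info_remove_aid_ptr(struct sta_info *sta);
+void sta_info_flush(struct ieee80211_local *local, struct net_device *dev);
+
+#endif /* STA_INFO_H */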
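Review bot: `STA_HASH(sta)` expands to `(sta[5])`, so the bucket is chosen by the last byte of the MAC address alone, and the macro argument is not parenthesised. Because that address is supplied by the peer, entries sharing the byte all sit in one chain that `sta_info_get()` walks under `sta_lock`. The chain length is presumably capped by `MAX_STA_COUNT`, though no enforcement is visible here, and mixing in more address bytes (for example with `jhash`) would spread entries more evenly. At minimum the macro should read `#define STA_HASH(sta) ((sta)[5])`. The comments on `supp_rates` and `txrate` refer to `local->curr_rates`, while the code added in this commit indexes `mode->rates` with them, so the comments should name the array actually used.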
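diff --git a/net/mac80211/tkip.c b/net/mac80211/tkip.c
new file mode 100644
index 000000000000..41621720e560
--- /dev/null
+++ b/net/mac80211/tkip.c
@@ -0,0 +1,341 @@
+/*
+ * Copyright 2002-2004, Instant802 Networks, Inc.
+ * Copyright 2005, Devicescape Software, Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include <linux/kernel.h>
+#include <linux/types.h>
+#include <linux/netdevice.h>
+
+#include <net/mac80211.h>
+#include "ieee80211_key.h"
+#include "tkip.h"
+#include "wep.h"
+
+
+/* TKIP key mixing functions */
+
+
+#define PHASE1_LOOP_COUNT 8
+
+
+/* 2-byte by 2-byte subset of the full AES S-box table; second part of this
+ * table is identical to first part but byte-swapped */
+static const u16 tkip_sbox[256] =
+{
+ 0xC6A5, 0xF884, 0xEE99, 0xF68D, 0xFF0D, 0xD6BD, 0xDEB1, 0x9154,
+ 0x6050, 0x0203, 0xCEA9, 0x567D, 0xE719, 0xB562, 0x4DE6, 0xEC9A,
+ 0x8F45, 0x1F9D, 0x8940, 0xFA87, 0xEF15, 0xB2EB, 0x8EC9, 0xFB0B,
+ 0x41EC, 0xB367, 0x5FFD, 0x45EA, 0x23BF, 0x53F7, 0xE496, 0x9B5B,
+ 0x75C2, 0xE11C, 0x3DAE, 0x4C6A, 0x6C5A, 0x7E41, 0xF502, 0x834F,
+ 0x685C, 0x51F4, 0xD134, 0xF908, 0xE293, 0xAB73, 0x6253, 0x2A3F,
+ 0x080C, 0x9552, 0x4665, 0x9D5E, 0x3028, 0x37A1, 0x0A0F, 0x2FB5,
+ 0x0E09, 0x2436, 0x1B9B, 0xDF3D, 0xCD26, 0x4E69, 0x7FCD, 0xEA9F,
+ 0x121B, 0x1D9E, 0x5874, 0x342E, 0x362D, 0xDCB2, 0xB4EE, 0x5BFB,
+ 0xA4F6, 0x764D, 0xB761, 0x7DCE, 0x527B, 0xDD3E, 0x5E71, 0x1397,
+ 0xA6F5, 0xB968, 0x0000, 0xC12C, 0x4060, 0xE31F, 0x79C8, 0xB6ED,
+ 0xD4BE, 0x8D46, 0x67D9, 0x724B, 0x94DE, 0x98D4, 0xB0E8, 0x854A,
+ 0xBB6B, 0xC52A, 0x4FE5, 0xED16, 0x86C5, 0x9AD7, 0x6655, 0x1194,
+ 0x8ACF, 0xE910, 0x0406, 0xFE81, 0xA0F0, 0x7844, 0x25BA, 0x4BE3,
+ 0xA2F3, 0x5DFE, 0x80C0, 0x058A, 0x3FAD, 0x21BC, 0x7048, 0xF104,
+ 0x63DF, 0x77C1, 0xAF75, 0x4263, 0x2030, 0xE51A, 0xFD0E, 0xBF6D,
+ 0x814C, 0x1814, 0x2635, 0xC32F, 0xBEE1, 0x35A2, 0x88CC, 0x2E39,
+ 0x9357, 0x55F2, 0xFC82, 0x7A47, 0xC8AC, 0xBAE7, 0x322B, 0xE695,
+ 0xC0A0, 0x1998, 0x9ED1, 0xA37F, 0x4466, 0x547E, 0x3BAB, 0x0B83,
+ 0x8CCA, 0xC729, 0x6BD3, 0x283C, 0xA779, 0xBCE2, 0x161D, 0xAD76,
+ 0xDB3B, 0x6456, 0x744E, 0x141E, 0x92DB, 0x0C0A, 0x486C, 0xB8E4,
+ 0x9F5D, 0xBD6E, 0x43EF, 0xC4A6, 0x39A8, 0x31A4, 0xD337, 0xF28B,
+ 0xD532, 0x8B43, 0x6E59, 0xDAB7, 0x018C, 0xB164, 0x9CD2, 0x49E0,
+ 0xD8B4, 0xACFA, 0xF307, 0xCF25, 0xCAAF, 0xF48E, 0x47E9, 0x1018,
+ 0x6FD5, 0xF088, 0x4A6F, 0x5C72, 0x3824, 0x57F1, 0x73C7, 0x9751,
+ 0xCB23, 0xA17C, 0xE89C, 0x3E21, 0x96DD, 0x61DC, 0x0D86, 0x0F85,
+ 0xE090, 0x7C42, 0x71C4, 0xCCAA, 0x90D8, 0x0605, 0xF701, 0x1C12,
+ 0xC2A3, 0x6A5F, 0xAEF9, 0x69D0, 0x1791, 0x9958, 0x3A27, 0x27B9,
+ 0xD938, 0xEB13, 0x2BB3, 0x2233, 0xD2BB, 0xA970, 0x0789, 0x33A7,
+ 0x2DB6, 0x3C22, 0x1592, 0xC920, 0x8749, 0xAAFF, 0x5078, 0xA57A,
+ 0x038F, 0x59F8, 0x0980, 0x1A17, 0x65DA, 0xD731, 0x84C6, 0xD0B8,
+ 0x82C3, 0x29B0, 0x5A77, 0x1E11, 0x7BCB, 0xA8FC, 0x6DD6, 0x2C3A,
+};
+
+
+static inline u16 Mk16(u8 x, u8 y)
+{
+ return ((u16) x << 8) | (u16) y;
+}
+
+
+static inline u8 Hi8(u16 v)
+{
+ return v >> 8;
+}
+
+
+static inline u8 Lo8(u16 v)
+{
+ return v & 0xff;
+}
+
+
+static inline u16 Hi16(u32 v)
+{
+ return v >> 16;
+}
+
+
+static inline u16 Lo16(u32 v)
+{
+ return v & 0xffff;
+}
+
+
+static inline u16 RotR1(u16 v)
+{
+ return (v >> 1) | ((v & 0x0001) << 15);
+}
+
+
+static inline u16 tkip_S(u16 val)
+{
+ u16 a = tkip_sbox[Hi8(val)];
+
+ return tkip_sbox[Lo8(val)] ^ Hi8(a) ^ (Lo8(a) << 8);
+}
+
+
+
+/* P1K := Phase1(TA, TK, TSC)
+ * TA = transmitter address (48 bits)
+ * TK = dot11DefaultKeyValue or dot11KeyMappingValue (128 bits)
+ * TSC = TKIP sequence counter (48 bits, only 32 msb bits used)
+ * P1K: 80 bits
+ */
+static void tkip_mixing_phase1(const u8 *ta, const u8 *tk, u32 tsc_IV32,
+ u16 *p1k)
+{
+ int i, j;
+
+ p1k[0] = Lo16(tsc_IV32);
+ p1k[1] = Hi16(tsc_IV32);
+ p1k[2] = Mk16(ta[1], ta[0]);
+ p1k[3] = Mk16(ta[3], ta[2]);
+ p1k[4] = Mk16(ta[5], ta[4]);
+
+ for (i = 0; i < PHASE1_LOOP_COUNT; i++) {
+ j = 2 * (i & 1);
+ p1k[0] += tkip_S(p1k[4] ^ Mk16(tk[ 1 + j], tk[ 0 + j]));
+ p1k[1] += tkip_S(p1k[0] ^ Mk16(tk[ 5 + j], tk[ 4 + j]));
+ p1k[2] += tkip_S(p1k[1] ^ Mk16(tk[ 9 + j], tk[ 8 + j]));
+ p1k[3] += tkip_S(p1k[2] ^ Mk16(tk[13 + j], tk[12 + j]));
+ p1k[4] += tkip_S(p1k[3] ^ Mk16(tk[ 1 + j], tk[ 0 + j])) + i;
+ }
+}
+
+
+static void tkip_mixing_phase2(const u16 *p1k, const u8 *tk, u16 tsc_IV16,
+ u8 *rc4key)
+{
+ u16 ppk[6];
+ int i;
+
+ ppk[0] = p1k[0];
+ ppk[1] = p1k[1];
+ ppk[2] = p1k[2];
+ ppk[3] = p1k[3];
+ ppk[4] = p1k[4];
+ ppk[5] = p1k[4] + tsc_IV16;
+
+ ppk[0] += tkip_S(ppk[5] ^ Mk16(tk[ 1], tk[ 0]));
+ ppk[1] += tkip_S(ppk[0] ^ Mk16(tk[ 3], tk[ 2]));
+ ppk[2] += tkip_S(ppk[1] ^ Mk16(tk[ 5], tk[ 4]));
+ ppk[3] += tkip_S(ppk[2] ^ Mk16(tk[ 7], tk[ 6]));
+ ppk[4] += tkip_S(ppk[3] ^ Mk16(tk[ 9], tk[ 8]));
+ ppk[5] += tkip_S(ppk[4] ^ Mk16(tk[11], tk[10]));
+ ppk[0] += RotR1(ppk[5] ^ Mk16(tk[13], tk[12]));
+ ppk[1] += RotR1(ppk[0] ^ Mk16(tk[15], tk[14]));
+ ppk[2] += RotR1(ppk[1]);
+ ppk[3] += RotR1(ppk[2]);
+ ppk[4] += RotR1(ppk[3]);
+ ppk[5] += RotR1(ppk[4]);
+
+ rc4key[0] = Hi8(tsc_IV16);
+ rc4key[1] = (Hi8(tsc_IV16) | 0x20) & 0x7f;
+ rc4key[2] = Lo8(tsc_IV16);
+ rc4key[3] = Lo8((ppk[5] ^ Mk16(tk[1], tk[0])) >> 1);
+
+ for (i = 0; i < 6; i++) {
+ rc4key[4 + 2 * i] = Lo8(ppk[i]);
+ rc4key[5 + 2 * i] = Hi8(ppk[i]);
+ }
+}
+
+
+/* Add TKIP IV and Ext. IV at @pos. @iv0, @iv1, and @iv2 are the first octets
+ * of the IV. Returns pointer to the octet following IVs (i.e., beginning of
+ * the packet payload). */
+u8 * ieee80211_tkip_add_iv(u8 *pos, struct ieee80211_key *key,
+ u8 iv0, u8 iv1, u8 iv2)
+{
+ *pos++ = iv0;
+ *pos++ = iv1;
+ *pos++ = iv2;
+ *pos++ = (key->keyidx << 6) | (1 << 5) /* Ext IV */;
+ *pos++ = key->u.tkip.iv32 & 0xff;
+ *pos++ = (key->u.tkip.iv32 >> 8) & 0xff;
+ *pos++ = (key->u.tkip.iv32 >> 16) & 0xff;
+ *pos++ = (key->u.tkip.iv32 >> 24) & 0xff;
+ return pos;
+}
+
+
+void ieee80211_tkip_gen_phase1key(struct ieee80211_key *key, u8 *ta,
+ u16 *phase1key)
+{
+ tkip_mixing_phase1(ta, &key->key[ALG_TKIP_TEMP_ENCR_KEY],
+ key->u.tkip.iv32, phase1key);
+}
+
+void ieee80211_tkip_gen_rc4key(struct ieee80211_key *key, u8 *ta,
+ u8 *rc4key)
+{
+ /* Calculate per-packet key */
+ if (key->u.tkip.iv16 == 0 || !key->u.tkip.tx_initialized) {
+ /* IV16 wrapped around - perform TKIP phase 1 */
+ tkip_mixing_phase1(ta, &key->key[ALG_TKIP_TEMP_ENCR_KEY],
+ key->u.tkip.iv32, key->u.tkip.p1k);
+ key->u.tkip.tx_initialized = 1;
+ }
+
+ tkip_mixing_phase2(key->u.tkip.p1k, &key->key[ALG_TKIP_TEMP_ENCR_KEY],
+ key->u.tkip.iv16, rc4key);
+}
+
+/* Encrypt packet payload with TKIP using @key. @pos is a pointer to the
+ * beginning of the buffer containing payload. This payload must include
+ * headroom of eight octets for IV and Ext. IV and taildroom of four octets
+ * for ICV. @payload_len is the length of payload (_not_ including extra
+ * headroom and tailroom). @ta is the transmitter addresses. */
+void ieee80211_tkip_encrypt_data(struct crypto_blkcipher *tfm,
+ struct ieee80211_key *key,
+ u8 *pos, size_t payload_len, u8 *ta)
+{
+ u8 rc4key[16];
+
+ ieee80211_tkip_gen_rc4key(key, ta, rc4key);
+ pos = ieee80211_tkip_add_iv(pos, key, rc4key[0], rc4key[1], rc4key[2]);
+ ieee80211_wep_encrypt_data(tfm, rc4key, 16, pos, payload_len);
+}
+
+
+/* Decrypt packet payload with TKIP using @key. @pos is a pointer to the
+ * beginning of the buffer containing IEEE 802.11 header payload, i.e.,
+ * including IV, Ext. IV, real data, Michael MIC, ICV. @payload_len is the
+ * length of payload, including IV, Ext. IV, MIC, ICV. */
+int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm,
+ struct ieee80211_key *key,
+ u8 *payload, size_t payload_len, u8 *ta,
+ int only_iv, int queue)
+{
+ u32 iv32;
+ u32 iv16;
+ u8 rc4key[16], keyid, *pos = payload;
+ int res;
+
+ if (payload_len < 12)
+ return -1;
+
+ iv16 = (pos[0] << 8) | pos[2];
+ keyid = pos[3];
+ iv32 = pos[4] | (pos[5] << 8) | (pos[6] << 16) | (pos[7] << 24);
+ pos += 8;
+#ifdef CONFIG_TKIP_DEBUG
+ {
+ int i;
+ printk(KERN_DEBUG "TKIP decrypt: data(len=%zd)", payload_len);
+ for (i = 0; i < payload_len; i++)
+ printk(" %02x", payload[i]);
+ printk("\n");
+ printk(KERN_DEBUG "TKIP decrypt: iv16=%04x iv32=%08x\n",
+ iv16, iv32);
+ }
+#endif /* CONFIG_TKIP_DEBUG */
+
+ if (!(keyid & (1 << 5)))
+ return TKIP_DECRYPT_NO_EXT_IV;
+
+ if ((keyid >> 6) != key->keyidx)
+ return TKIP_DECRYPT_INVALID_KEYIDX;
+
+ if (key->u.tkip.rx_initialized[queue] &&
+ (iv32 < key->u.tkip.iv32_rx[queue] ||
+ (iv32 == key->u.tkip.iv32_rx[queue] &&
+ iv16 <= key->u.tkip.iv16_rx[queue]))) {
+#ifdef CONFIG_TKIP_DEBUG
+ printk(KERN_DEBUG "TKIP replay detected for RX frame from "
+ MAC_FMT " (RX IV (%04x,%02x) <= prev. IV (%04x,%02x)\n",
+ MAC_ARG(ta),
+ iv32, iv16, key->u.tkip.iv32_rx[queue],
+ key->u.tkip.iv16_rx[queue]);
+#endif /* CONFIG_TKIP_DEBUG */
+ return TKIP_DECRYPT_REPLAY;
+ }
+
+ if (only_iv) {
+ res = TKIP_DECRYPT_OK;
+ key->u.tkip.rx_initialized[queue] = 1;
+ goto done;
+ }
+
+ if (!key->u.tkip.rx_initialized[queue] ||
+ key->u.tkip.iv32_rx[queue] != iv32) {
+ key->u.tkip.rx_initialized[queue] = 1;
+ /* IV16 wrapped around - perform TKIP phase 1 */
+ tkip_mixing_phase1(ta, &key->key[ALG_TKIP_TEMP_ENCR_KEY],
+ iv32, key->u.tkip.p1k_rx[queue]);
+#ifdef CONFIG_TKIP_DEBUG
+ {
+ int i;
+ printk(KERN_DEBUG "TKIP decrypt: Phase1 TA=" MAC_FMT
+ " TK=", MAC_ARG(ta));
+ for (i = 0; i < 16; i++)
+ printk("%02x ",
+ key->key[ALG_TKIP_TEMP_ENCR_KEY + i]);
+ printk("\n");
+ printk(KERN_DEBUG "TKIP decrypt: P1K=");
+ for (i = 0; i < 5; i++)
+ printk("%04x ", key->u.tkip.p1k_rx[queue][i]);
+ printk("\n");
+ }
+#endif /* CONFIG_TKIP_DEBUG */
+ }
+
+ tkip_mixing_phase2(key->u.tkip.p1k_rx[queue],
+ &key->key[ALG_TKIP_TEMP_ENCR_KEY],
+ iv16, rc4key);
+#ifdef CONFIG_TKIP_DEBUG
+ {
+ int i;
+ printk(KERN_DEBUG "TKIP decrypt: Phase2 rc4key=");
+ for (i = 0; i < 16; i++)
+ printk("%02x ", rc4key[i]);
+ printk("\n");
+ }
+#endif /* CONFIG_TKIP_DEBUG */
+
+ res = ieee80211_wep_decrypt_data(tfm, rc4key, 16, pos, payload_len - 12);
+ done:
+ if (res == TKIP_DECRYPT_OK) {
+ /* FIX: these should be updated only after Michael MIC has been
+ * verified */
+ /* Record previously received IV */
+ key->u.tkip.iv32_rx[queue] = iv32;
+ key->u.tkip.iv16_rx[queue] = iv16;
+ }
+
+ return res;
+}
+
+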
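Review bot: In ieee80211_tkip_decrypt_data the replay state (`iv32_rx[queue]`, `iv16_rx[queue]`) is committed at `done:` as soon as the RC4/ICV step succeeds, and on the `only_iv` path without any check in this function; the in-code FIX comment acknowledges this but the commit leaves it in. The ICV checked by ieee80211_wep_decrypt_data is a CRC-32, not a keyed integrity check, so a frame that later fails Michael MIC can still advance the counters and make later genuine frames return TKIP_DECRYPT_REPLAY. I would hand the parsed values back to the caller through two new output parameters (names are a suggestion), `if (res == TKIP_DECRYPT_OK) { *out_iv32 = iv32; *out_iv16 = iv16; }`, and store them in the key only after the MIC has been verified. Separately, the CONFIG_TKIP_DEBUG blocks print the temporal key, P1K and the per-packet RC4 key with printk; key material should stay out of the kernel log even in a debug build.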
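diff --git a/net/mac80211/tkip.h b/net/mac80211/tkip.h
new file mode 100644
index 000000000000..a0d181a18049
--- /dev/null
+++ b/net/mac80211/tkip.h
@@ -0,0 +1,36 @@
+/*
+ * Copyright 2002-2004, Instant802 Networks, Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#ifndef TKIP_H
+#define TKIP_H
+
+#include <linux/types.h>
+#include <linux/crypto.h>
+#include "ieee80211_key.h"
+
+u8 * ieee80211_tkip_add_iv(u8 *pos, struct ieee80211_key *key,
+ u8 iv0, u8 iv1, u8 iv2);
+void ieee80211_tkip_gen_phase1key(struct ieee80211_key *key, u8 *ta,
+ u16 *phase1key);
+void ieee80211_tkip_gen_rc4key(struct ieee80211_key *key, u8 *ta,
+ u8 *rc4key);
+void ieee80211_tkip_encrypt_data(struct crypto_blkcipher *tfm,
+ struct ieee80211_key *key,
+ u8 *pos, size_t payload_len, u8 *ta);
+enum {
+ TKIP_DECRYPT_OK = 0,
+ TKIP_DECRYPT_NO_EXT_IV = -1,
+ TKIP_DECRYPT_INVALID_KEYIDX = -2,
+ TKIP_DECRYPT_REPLAY = -3,
+};
+int ieee80211_tkip_decrypt_data(struct crypto_blkcipher *tfm,
+ struct ieee80211_key *key,
+ u8 *payload, size_t payload_len, u8 *ta,
+ int only_iv, int queue);
+
+#endif /* TKIP_H */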
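Review bot: The result enum has no value for a truncated frame or an ICV failure, yet ieee80211_tkip_decrypt_data in tkip.c returns a bare `-1` when `payload_len < 12` and passes through the `-1` from ieee80211_wep_decrypt_data, and both are numerically equal to `TKIP_DECRYPT_NO_EXT_IV`. A caller that switches on these codes cannot tell a malformed or corrupted frame from a missing Ext IV bit, which matters if the cases are counted or handled differently (the callers are not visible here). I would add two distinct enumerators for those cases and return them from tkip.c, and put a one-line comment above the enum stating that every negative value means the frame must be dropped.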
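diff --git a/net/mac80211/wep.c b/net/mac80211/wep.c
new file mode 100644
index 000000000000..1ad3d75281cc
--- /dev/null
+++ b/net/mac80211/wep.c
@@ -0,0 +1,328 @@
+/*
+ * Software WEP encryption implementation
+ * Copyright 2002, Jouni Malinen <jkmaline@cc.hut.fi>
+ * Copyright 2003, Instant802 Networks, Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include <linux/netdevice.h>
+#include <linux/types.h>
+#include <linux/random.h>
+#include <linux/compiler.h>
+#include <linux/crc32.h>
+#include <linux/crypto.h>
+#include <linux/err.h>
+#include <linux/mm.h>
+#include <asm/scatterlist.h>
+
+#include <net/mac80211.h>
+#include "ieee80211_i.h"
+#include "wep.h"
+
+
+int ieee80211_wep_init(struct ieee80211_local *local)
+{
+ /* start WEP IV from a random value */
+ get_random_bytes(&local->wep_iv, WEP_IV_LEN);
+
+ local->wep_tx_tfm = crypto_alloc_blkcipher("ecb(arc4)", 0,
+ CRYPTO_ALG_ASYNC);
+ if (IS_ERR(local->wep_tx_tfm))
+ return -ENOMEM;
+
+ local->wep_rx_tfm = crypto_alloc_blkcipher("ecb(arc4)", 0,
+ CRYPTO_ALG_ASYNC);
+ if (IS_ERR(local->wep_rx_tfm)) {
+ crypto_free_blkcipher(local->wep_tx_tfm);
+ return -ENOMEM;
+ }
+
+ return 0;
+}
+
+void ieee80211_wep_free(struct ieee80211_local *local)
+{
+ crypto_free_blkcipher(local->wep_tx_tfm);
+ crypto_free_blkcipher(local->wep_rx_tfm);
+}
+
+static inline int ieee80211_wep_weak_iv(u32 iv, int keylen)
+{
+ /* Fluhrer, Mantin, and Shamir have reported weaknesses in the
+ * key scheduling algorithm of RC4. At least IVs (KeyByte + 3,
+ * 0xff, N) can be used to speedup attacks, so avoid using them. */
+ if ((iv & 0xff00) == 0xff00) {
+ u8 B = (iv >> 16) & 0xff;
+ if (B >= 3 && B < 3 + keylen)
+ return 1;
+ }
+ return 0;
+}
+
+
+void ieee80211_wep_get_iv(struct ieee80211_local *local,
+ struct ieee80211_key *key, u8 *iv)
+{
+ local->wep_iv++;
+ if (ieee80211_wep_weak_iv(local->wep_iv, key->keylen))
+ local->wep_iv += 0x0100;
+
+ if (!iv)
+ return;
+
+ *iv++ = (local->wep_iv >> 16) & 0xff;
+ *iv++ = (local->wep_iv >> 8) & 0xff;
+ *iv++ = local->wep_iv & 0xff;
+ *iv++ = key->keyidx << 6;
+}
+
+
+u8 * ieee80211_wep_add_iv(struct ieee80211_local *local,
+ struct sk_buff *skb,
+ struct ieee80211_key *key)
+{
+ struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
+ u16 fc;
+ int hdrlen;
+ u8 *newhdr;
+
+ fc = le16_to_cpu(hdr->frame_control);
+ fc |= IEEE80211_FCTL_PROTECTED;
+ hdr->frame_control = cpu_to_le16(fc);
+
+ if ((skb_headroom(skb) < WEP_IV_LEN ||
+ skb_tailroom(skb) < WEP_ICV_LEN)) {
+ I802_DEBUG_INC(local->tx_expand_skb_head);
+ if (unlikely(pskb_expand_head(skb, WEP_IV_LEN, WEP_ICV_LEN,
+ GFP_ATOMIC)))
+ return NULL;
+ }
+
+ hdrlen = ieee80211_get_hdrlen(fc);
+ newhdr = skb_push(skb, WEP_IV_LEN);
+ memmove(newhdr, newhdr + WEP_IV_LEN, hdrlen);
+ ieee80211_wep_get_iv(local, key, newhdr + hdrlen);
+ return newhdr + hdrlen;
+}
+
+
+void ieee80211_wep_remove_iv(struct ieee80211_local *local,
+ struct sk_buff *skb,
+ struct ieee80211_key *key)
+{
+ struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
+ u16 fc;
+ int hdrlen;
+
+ fc = le16_to_cpu(hdr->frame_control);
+ hdrlen = ieee80211_get_hdrlen(fc);
+ memmove(skb->data + WEP_IV_LEN, skb->data, hdrlen);
+ skb_pull(skb, WEP_IV_LEN);
+}
+
+
+/* Perform WEP encryption using given key. data buffer must have tailroom
+ * for 4-byte ICV. data_len must not include this ICV. Note: this function
+ * does _not_ add IV. data = RC4(data | CRC32(data)) */
+void ieee80211_wep_encrypt_data(struct crypto_blkcipher *tfm, u8 *rc4key,
+ size_t klen, u8 *data, size_t data_len)
+{
+ struct blkcipher_desc desc = { .tfm = tfm };
+ struct scatterlist sg;
+ __le32 *icv;
+
+ icv = (__le32 *)(data + data_len);
+ *icv = cpu_to_le32(~crc32_le(~0, data, data_len));
+
+ crypto_blkcipher_setkey(tfm, rc4key, klen);
+ sg.page = virt_to_page(data);
+ sg.offset = offset_in_page(data);
+ sg.length = data_len + WEP_ICV_LEN;
+ crypto_blkcipher_encrypt(&desc, &sg, &sg, sg.length);
+}
+
+
+/* Perform WEP encryption on given skb. 4 bytes of extra space (IV) in the
+ * beginning of the buffer 4 bytes of extra space (ICV) in the end of the
+ * buffer will be added. Both IV and ICV will be transmitted, so the
+ * payload length increases with 8 bytes.
+ *
+ * WEP frame payload: IV + TX key idx, RC4(data), ICV = RC4(CRC32(data))
+ */
+int ieee80211_wep_encrypt(struct ieee80211_local *local, struct sk_buff *skb,
+ struct ieee80211_key *key)
+{
+ u32 klen;
+ u8 *rc4key, *iv;
+ size_t len;
+
+ if (!key || key->alg != ALG_WEP)
+ return -1;
+
+ klen = 3 + key->keylen;
+ rc4key = kmalloc(klen, GFP_ATOMIC);
+ if (!rc4key)
+ return -1;
+
+ iv = ieee80211_wep_add_iv(local, skb, key);
+ if (!iv) {
+ kfree(rc4key);
+ return -1;
+ }
+
+ len = skb->len - (iv + WEP_IV_LEN - skb->data);
+
+ /* Prepend 24-bit IV to RC4 key */
+ memcpy(rc4key, iv, 3);
+
+ /* Copy rest of the WEP key (the secret part) */
+ memcpy(rc4key + 3, key->key, key->keylen);
+
+ /* Add room for ICV */
+ skb_put(skb, WEP_ICV_LEN);
+
+ ieee80211_wep_encrypt_data(local->wep_tx_tfm, rc4key, klen,
+ iv + WEP_IV_LEN, len);
+
+ kfree(rc4key);
+
+ return 0;
+}
+
+
+/* Perform WEP decryption using given key. data buffer includes encrypted
+ * payload, including 4-byte ICV, but _not_ IV. data_len must not include ICV.
+ * Return 0 on success and -1 on ICV mismatch. */
+int ieee80211_wep_decrypt_data(struct crypto_blkcipher *tfm, u8 *rc4key,
+ size_t klen, u8 *data, size_t data_len)
+{
+ struct blkcipher_desc desc = { .tfm = tfm };
+ struct scatterlist sg;
+ __le32 crc;
+
+ crypto_blkcipher_setkey(tfm, rc4key, klen);
+ sg.page = virt_to_page(data);
+ sg.offset = offset_in_page(data);
+ sg.length = data_len + WEP_ICV_LEN;
+ crypto_blkcipher_decrypt(&desc, &sg, &sg, sg.length);
+
+ crc = cpu_to_le32(~crc32_le(~0, data, data_len));
+ if (memcmp(&crc, data + data_len, WEP_ICV_LEN) != 0)
+ /* ICV mismatch */
+ return -1;
+
+ return 0;
+}
+
+
+/* Perform WEP decryption on given skb. Buffer includes whole WEP part of
+ * the frame: IV (4 bytes), encrypted payload (including SNAP header),
+ * ICV (4 bytes). skb->len includes both IV and ICV.
+ *
+ * Returns 0 if frame was decrypted successfully and ICV was correct and -1 on
+ * failure. If frame is OK, IV and ICV will be removed, i.e., decrypted payload
+ * is moved to the beginning of the skb and skb length will be reduced.
+ */
+int ieee80211_wep_decrypt(struct ieee80211_local *local, struct sk_buff *skb,
+ struct ieee80211_key *key)
+{
+ u32 klen;
+ u8 *rc4key;
+ u8 keyidx;
+ struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
+ u16 fc;
+ int hdrlen;
+ size_t len;
+ int ret = 0;
+
+ fc = le16_to_cpu(hdr->frame_control);
+ if (!(fc & IEEE80211_FCTL_PROTECTED))
+ return -1;
+
+ hdrlen = ieee80211_get_hdrlen(fc);
+
+ if (skb->len < 8 + hdrlen)
+ return -1;
+
+ len = skb->len - hdrlen - 8;
+
+ keyidx = skb->data[hdrlen + 3] >> 6;
+
+ if (!key || keyidx != key->keyidx || key->alg != ALG_WEP)
+ return -1;
+
+ klen = 3 + key->keylen;
+
+ rc4key = kmalloc(klen, GFP_ATOMIC);
+ if (!rc4key)
+ return -1;
+
+ /* Prepend 24-bit IV to RC4 key */
+ memcpy(rc4key, skb->data + hdrlen, 3);
+
+ /* Copy rest of the WEP key (the secret part) */
+ memcpy(rc4key + 3, key->key, key->keylen);
+
+ if (ieee80211_wep_decrypt_data(local->wep_rx_tfm, rc4key, klen,
+ skb->data + hdrlen + WEP_IV_LEN,
+ len)) {
+ printk(KERN_DEBUG "WEP decrypt failed (ICV)\n");
+ ret = -1;
+ }
+
+ kfree(rc4key);
+
+ /* Trim ICV */
+ skb_trim(skb, skb->len - WEP_ICV_LEN);
+
+ /* Remove IV */
+ memmove(skb->data + WEP_IV_LEN, skb->data, hdrlen);
+ skb_pull(skb, WEP_IV_LEN);
+
+ return ret;
+}
+
+
+int ieee80211_wep_get_keyidx(struct sk_buff *skb)
+{
+ struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
+ u16 fc;
+ int hdrlen;
+
+ fc = le16_to_cpu(hdr->frame_control);
+ if (!(fc & IEEE80211_FCTL_PROTECTED))
+ return -1;
+
+ hdrlen = ieee80211_get_hdrlen(fc);
+
+ if (skb->len < 8 + hdrlen)
+ return -1;
+
+ return skb->data[hdrlen + 3] >> 6;
+}
+
+
+u8 * ieee80211_wep_is_weak_iv(struct sk_buff *skb, struct ieee80211_key *key)
+{
+ struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
+ u16 fc;
+ int hdrlen;
+ u8 *ivpos;
+ u32 iv;
+
+ fc = le16_to_cpu(hdr->frame_control);
+ if (!(fc & IEEE80211_FCTL_PROTECTED))
+ return NULL;
+
+ hdrlen = ieee80211_get_hdrlen(fc);
+ ivpos = skb->data + hdrlen;
+ iv = (ivpos[0] << 16) | (ivpos[1] << 8) | ivpos[2];
+
+ if (ieee80211_wep_weak_iv(iv, key->keylen))
+ return ivpos;
+
+ return NULL;
+}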
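Review bot: ieee80211_wep_is_weak_iv reads `ivpos[0]` to `ivpos[2]` at `skb->data + hdrlen` without first checking that the frame is long enough, unlike ieee80211_wep_get_keyidx and ieee80211_wep_decrypt, which both reject `skb->len < 8 + hdrlen`. If it is reached with a short received frame (the call sites are not in this file), the read runs past the end of the frame data. The same guard belongs before `ivpos` is computed: `if (skb->len < 8 + hdrlen) return NULL;`. Also, ieee80211_wep_encrypt and ieee80211_wep_decrypt call `kfree(rc4key)` with the IV-plus-secret key still in the buffer; a `memset(rc4key, 0, klen);` before each free keeps the key out of recycled slab memory.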
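diff --git a/net/mac80211/wep.h b/net/mac80211/wep.h
new file mode 100644
index 000000000000..bfe29e8e10aa
--- /dev/null
+++ b/net/mac80211/wep.h
@@ -0,0 +1,40 @@
+/*
+ * Software WEP encryption implementation
+ * Copyright 2002, Jouni Malinen <jkmaline@cc.hut.fi>
+ * Copyright 2003, Instant802 Networks, Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#ifndef WEP_H
+#define WEP_H
+
+#include <linux/skbuff.h>
+#include <linux/types.h>
+#include "ieee80211_i.h"
+#include "ieee80211_key.h"
+
+int ieee80211_wep_init(struct ieee80211_local *local);
+void ieee80211_wep_free(struct ieee80211_local *local);
+void ieee80211_wep_get_iv(struct ieee80211_local *local,
+ struct ieee80211_key *key, u8 *iv);
+u8 * ieee80211_wep_add_iv(struct ieee80211_local *local,
+ struct sk_buff *skb,
+ struct ieee80211_key *key);
+void ieee80211_wep_remove_iv(struct ieee80211_local *local,
+ struct sk_buff *skb,
+ struct ieee80211_key *key);
+void ieee80211_wep_encrypt_data(struct crypto_blkcipher *tfm, u8 *rc4key,
+ size_t klen, u8 *data, size_t data_len);
+int ieee80211_wep_decrypt_data(struct crypto_blkcipher *tfm, u8 *rc4key,
+ size_t klen, u8 *data, size_t data_len);
+int ieee80211_wep_encrypt(struct ieee80211_local *local, struct sk_buff *skb,
+ struct ieee80211_key *key);
+int ieee80211_wep_decrypt(struct ieee80211_local *local, struct sk_buff *skb,
+ struct ieee80211_key *key);
+int ieee80211_wep_get_keyidx(struct sk_buff *skb);
+u8 * ieee80211_wep_is_weak_iv(struct sk_buff *skb, struct ieee80211_key *key);
+
+#endif /* WEP_H */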
diff --git a/net/mac80211/wme.c b/net/mac80211/wme.c
new file mode 100644
index 000000000000..89ce81529694
--- /dev/null
+++ b/net/mac80211/wme.c
@@ -0,0 +1,678 @@
1/*
2 * Copyright 2004, Instant802 Networks, Inc.
3 *
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License version 2 as
6 * published by the Free Software Foundation.
7 */
8
9#include <linux/netdevice.h>
10#include <linux/skbuff.h>
11#include <linux/module.h>
12#include <linux/if_arp.h>
13#include <linux/types.h>
14#include <net/ip.h>
15#include <net/pkt_sched.h>
16
17#include <net/mac80211.h>
18#include "ieee80211_i.h"
19#include "wme.h"
20
21static inline int WLAN_FC_IS_QOS_DATA(u16 fc)
22{
23 return (fc & 0x8C) == 0x88;
24}
25
26
27ieee80211_txrx_result
28ieee80211_rx_h_parse_qos(struct ieee80211_txrx_data *rx)
29{
30 u8 *data = rx->skb->data;
31 int tid;
32
33 /* does the frame have a qos control field? */
34 if (WLAN_FC_IS_QOS_DATA(rx->fc)) {
35 u8 *qc = data + ieee80211_get_hdrlen(rx->fc) - QOS_CONTROL_LEN;
36 /* frame has qos control */
37 tid = qc[0] & QOS_CONTROL_TID_MASK;
38 } else {
39 if (unlikely((rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_MGMT)) {
40 /* Separate TID for management frames */
41 tid = NUM_RX_DATA_QUEUES - 1;
42 } else {
43 /* no qos control present */
44 tid = 0; /* 802.1d - Best Effort */
45 }
46 }
47#ifdef CONFIG_MAC80211_DEBUG_COUNTERS
48 I802_DEBUG_INC(rx->local->wme_rx_queue[tid]);
49 if (rx->sta) {
50 I802_DEBUG_INC(rx->sta->wme_rx_queue[tid]);
51 }
52#endif /* CONFIG_MAC80211_DEBUG_COUNTERS */
53
54 rx->u.rx.queue = tid;
55 /* Set skb->priority to 1d tag if highest order bit of TID is not set.
56 * For now, set skb->priority to 0 for other cases. */
57 rx->skb->priority = (tid > 7) ? 0 : tid;
58
59 return TXRX_CONTINUE;
60}
61
62
63ieee80211_txrx_result
64ieee80211_rx_h_remove_qos_control(struct ieee80211_txrx_data *rx)
65{
66 u16 fc = rx->fc;
67 u8 *data = rx->skb->data;
68 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) data;
69
70 if (!WLAN_FC_IS_QOS_DATA(fc))
71 return TXRX_CONTINUE;
72
73 /* remove the qos control field, update frame type and meta-data */
74 memmove(data + 2, data, ieee80211_get_hdrlen(fc) - 2);
75 hdr = (struct ieee80211_hdr *) skb_pull(rx->skb, 2);
76 /* change frame type to non QOS */
77 rx->fc = fc &= ~IEEE80211_STYPE_QOS_DATA;
78 hdr->frame_control = cpu_to_le16(fc);
79
80 return TXRX_CONTINUE;
81}
82
83
84#ifdef CONFIG_NET_SCHED
85/* maximum number of hardware queues we support. */
86#define TC_80211_MAX_QUEUES 8
87
88struct ieee80211_sched_data
89{
90 struct tcf_proto *filter_list;
91 struct Qdisc *queues[TC_80211_MAX_QUEUES];
92 struct sk_buff_head requeued[TC_80211_MAX_QUEUES];
93};
94
95
96/* given a data frame determine the 802.1p/1d tag to use */
97static inline unsigned classify_1d(struct sk_buff *skb, struct Qdisc *qd)
98{
99 struct iphdr *ip;
100 int dscp;
101 int offset;
102
103 struct ieee80211_sched_data *q = qdisc_priv(qd);
104 struct tcf_result res = { -1, 0 };
105
106 /* if there is a user set filter list, call out to that */
107 if (q->filter_list) {
108 tc_classify(skb, q->filter_list, &res);
109 if (res.class != -1)
110 return res.class;
111 }
112
113 /* skb->priority values from 256->263 are magic values to
114 * directly indicate a specific 802.1d priority.
115 * This is used to allow 802.1d priority to be passed directly in
116 * from VLAN tags, etc. */
117 if (skb->priority >= 256 && skb->priority <= 263)
118 return skb->priority - 256;
119
120 /* check there is a valid IP header present */
121 offset = ieee80211_get_hdrlen_from_skb(skb) + 8 /* LLC + proto */;
122 if (skb->protocol != __constant_htons(ETH_P_IP) ||
123 skb->len < offset + sizeof(*ip))
124 return 0;
125
126 ip = (struct iphdr *) (skb->data + offset);
127
128 dscp = ip->tos & 0xfc;
129 if (dscp & 0x1c)
130 return 0;
131 return dscp >> 5;
132}
133
134
135static inline int wme_downgrade_ac(struct sk_buff *skb)
136{
137 switch (skb->priority) {
138 case 6:
139 case 7:
140 skb->priority = 5; /* VO -> VI */
141 return 0;
142 case 4:
143 case 5:
144 skb->priority = 3; /* VI -> BE */
145 return 0;
146 case 0:
147 case 3:
148 skb->priority = 2; /* BE -> BK */
149 return 0;
150 default:
151 return -1;
152 }
153}
154
155
156/* positive return value indicates which queue to use
157 * negative return value indicates to drop the frame */
158static inline int classify80211(struct sk_buff *skb, struct Qdisc *qd)
159{
160 struct ieee80211_local *local = wdev_priv(qd->dev->ieee80211_ptr);
161 struct ieee80211_tx_packet_data *pkt_data =
162 (struct ieee80211_tx_packet_data *) skb->cb;
163 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
164 unsigned short fc = le16_to_cpu(hdr->frame_control);
165 int qos;
166 const int ieee802_1d_to_ac[8] = { 2, 3, 3, 2, 1, 1, 0, 0 };
167
168 /* see if frame is data or non data frame */
169 if (unlikely((fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA)) {
170 /* management frames go on AC_VO queue, but are sent
171 * without QoS control fields */
172 return IEEE80211_TX_QUEUE_DATA0;
173 }
174
175 if (unlikely(pkt_data->mgmt_iface)) {
176 /* Data frames from hostapd (mainly, EAPOL) use AC_VO
177 * and they will include QoS control fields if
178 * the target STA is using WME. */
179 skb->priority = 7;
180 return ieee802_1d_to_ac[skb->priority];
181 }
182
183 /* is this a QoS frame? */
184 qos = fc & IEEE80211_STYPE_QOS_DATA;
185
186 if (!qos) {
187 skb->priority = 0; /* required for correct WPA/11i MIC */
188 return ieee802_1d_to_ac[skb->priority];
189 }
190
191 /* use the data classifier to determine what 802.1d tag the
192 * data frame has */
193 skb->priority = classify_1d(skb, qd);
194
195 /* incase we are a client verify acm is not set for this ac */
196 while (unlikely(local->wmm_acm & BIT(skb->priority))) {
197 if (wme_downgrade_ac(skb)) {
198 /* No AC with lower priority has acm=0,
199 * drop packet. */
200 return -1;
201 }
202 }
203
204 /* look up which queue to use for frames with this 1d tag */
205 return ieee802_1d_to_ac[skb->priority];
206}
207
208
209static int wme_qdiscop_enqueue(struct sk_buff *skb, struct Qdisc* qd)
210{
211 struct ieee80211_local *local = wdev_priv(qd->dev->ieee80211_ptr);
212 struct ieee80211_sched_data *q = qdisc_priv(qd);
213 struct ieee80211_tx_packet_data *pkt_data =
214 (struct ieee80211_tx_packet_data *) skb->cb;
215 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
216 unsigned short fc = le16_to_cpu(hdr->frame_control);
217 struct Qdisc *qdisc;
218 int err, queue;
219
220 if (pkt_data->requeue) {
221 skb_queue_tail(&q->requeued[pkt_data->queue], skb);
222 qd->q.qlen++;
223 return 0;
224 }
225
226 queue = classify80211(skb, qd);
227
228 /* now we know the 1d priority, fill in the QoS header if there is one
229 */
230 if (WLAN_FC_IS_QOS_DATA(fc)) {
231 u8 *p = skb->data + ieee80211_get_hdrlen(fc) - 2;
232 u8 qos_hdr = skb->priority & QOS_CONTROL_TAG1D_MASK;
233 if (local->wifi_wme_noack_test)
234 qos_hdr |= QOS_CONTROL_ACK_POLICY_NOACK <<
235 QOS_CONTROL_ACK_POLICY_SHIFT;
236 /* qos header is 2 bytes, second reserved */
237 *p = qos_hdr;
238 p++;
239 *p = 0;
240 }
241
242 if (unlikely(queue >= local->hw.queues)) {
243#if 0
244 if (net_ratelimit()) {
245 printk(KERN_DEBUG "%s - queue=%d (hw does not "
246 "support) -> %d\n",
247 __func__, queue, local->hw.queues - 1);
248 }
249#endif
250 queue = local->hw.queues - 1;
251 }
252
253 if (unlikely(queue < 0)) {
254 kfree_skb(skb);
255 err = NET_XMIT_DROP;
256 } else {
257 pkt_data->queue = (unsigned int) queue;
258 qdisc = q->queues[queue];
259 err = qdisc->enqueue(skb, qdisc);
260 if (err == NET_XMIT_SUCCESS) {
261 qd->q.qlen++;
262 qd->bstats.bytes += skb->len;
263 qd->bstats.packets++;
264 return NET_XMIT_SUCCESS;
265 }
266 }
267 qd->qstats.drops++;
268 return err;
269}
270
271
272/* TODO: clean up the cases where master_hard_start_xmit
273 * returns non 0 - it shouldn't ever do that. Once done we
274 * can remove this function */
275static int wme_qdiscop_requeue(struct sk_buff *skb, struct Qdisc* qd)
276{
277 struct ieee80211_sched_data *q = qdisc_priv(qd);
278 struct ieee80211_tx_packet_data *pkt_data =
279 (struct ieee80211_tx_packet_data *) skb->cb;
280 struct Qdisc *qdisc;
281 int err;
282
283 /* we recorded which queue to use earlier! */
284 qdisc = q->queues[pkt_data->queue];
285
286 if ((err = qdisc->ops->requeue(skb, qdisc)) == 0) {
287 qd->q.qlen++;
288 return 0;
289 }
290 qd->qstats.drops++;
291 return err;
292}
293
294
295static struct sk_buff *wme_qdiscop_dequeue(struct Qdisc* qd)
296{
297 struct ieee80211_sched_data *q = qdisc_priv(qd);
298 struct net_device *dev = qd->dev;
299 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
300 struct ieee80211_hw *hw = &local->hw;
301 struct sk_buff *skb;
302 struct Qdisc *qdisc;
303 int queue;
304
305 /* check all the h/w queues in numeric/priority order */
306 for (queue = 0; queue < hw->queues; queue++) {
307 /* see if there is room in this hardware queue */
308 if (test_bit(IEEE80211_LINK_STATE_XOFF,
309 &local->state[queue]) ||
310 test_bit(IEEE80211_LINK_STATE_PENDING,
311 &local->state[queue]))
312 continue;
313
314 /* there is space - try and get a frame */
315 skb = skb_dequeue(&q->requeued[queue]);
316 if (skb) {
317 qd->q.qlen--;
318 return skb;
319 }
320
321 qdisc = q->queues[queue];
322 skb = qdisc->dequeue(qdisc);
323 if (skb) {
324 qd->q.qlen--;
325 return skb;
326 }
327 }
328 /* returning a NULL here when all the h/w queues are full means we
329 * never need to call netif_stop_queue in the driver */
330 return NULL;
331}
332
333
334static void wme_qdiscop_reset(struct Qdisc* qd)
335{
336 struct ieee80211_sched_data *q = qdisc_priv(qd);
337 struct ieee80211_local *local = wdev_priv(qd->dev->ieee80211_ptr);
338 struct ieee80211_hw *hw = &local->hw;
339 int queue;
340
341 /* QUESTION: should we have some hardware flush functionality here? */
342
343 for (queue = 0; queue < hw->queues; queue++) {
344 skb_queue_purge(&q->requeued[queue]);
345 qdisc_reset(q->queues[queue]);
346 }
347 qd->q.qlen = 0;
348}
349
350
351static void wme_qdiscop_destroy(struct Qdisc* qd)
352{
353 struct ieee80211_sched_data *q = qdisc_priv(qd);
354 struct ieee80211_local *local = wdev_priv(qd->dev->ieee80211_ptr);
355 struct ieee80211_hw *hw = &local->hw;
356 int queue;
357
358 tcf_destroy_chain(q->filter_list);
359 q->filter_list = NULL;
360
361 for (queue=0; queue < hw->queues; queue++) {
362 skb_queue_purge(&q->requeued[queue]);
363 qdisc_destroy(q->queues[queue]);
364 q->queues[queue] = &noop_qdisc;
365 }
366}
367
368
369/* called whenever parameters are updated on existing qdisc */
370static int wme_qdiscop_tune(struct Qdisc *qd, struct rtattr *opt)
371{
372/* struct ieee80211_sched_data *q = qdisc_priv(qd);
373*/
374 /* check our options block is the right size */
375 /* copy any options to our local structure */
376/* Ignore options block for now - always use static mapping
377 struct tc_ieee80211_qopt *qopt = RTA_DATA(opt);
378
379 if (opt->rta_len < RTA_LENGTH(sizeof(*qopt)))
380 return -EINVAL;
381 memcpy(q->tag2queue, qopt->tag2queue, sizeof(qopt->tag2queue));
382*/
383 return 0;
384}
385
386
387/* called during initial creation of qdisc on device */
388static int wme_qdiscop_init(struct Qdisc *qd, struct rtattr *opt)
389{
390 struct ieee80211_sched_data *q = qdisc_priv(qd);
391 struct net_device *dev = qd->dev;
392 struct ieee80211_local *local;
393 int queues;
394 int err = 0, i;
395
396 /* check that device is a mac80211 device */
397 if (!dev->ieee80211_ptr ||
398 dev->ieee80211_ptr->wiphy->privid != mac80211_wiphy_privid)
399 return -EINVAL;
400
401 /* check this device is an ieee80211 master type device */
402 if (dev->type != ARPHRD_IEEE80211)
403 return -EINVAL;
404
405 /* check that there is no qdisc currently attached to device
406 * this ensures that we will be the root qdisc. (I can't find a better
407 * way to test this explicitly) */
408 if (dev->qdisc_sleeping != &noop_qdisc)
409 return -EINVAL;
410
411 if (qd->flags & TCQ_F_INGRESS)
412 return -EINVAL;
413
414 local = wdev_priv(dev->ieee80211_ptr);
415 queues = local->hw.queues;
416
417 /* if options were passed in, set them */
418 if (opt) {
419 err = wme_qdiscop_tune(qd, opt);
420 }
421
422 /* create child queues */
423 for (i = 0; i < queues; i++) {
424 skb_queue_head_init(&q->requeued[i]);
425 q->queues[i] = qdisc_create_dflt(qd->dev, &pfifo_qdisc_ops,
426 qd->handle);
427 if (q->queues[i] == 0) {
428 q->queues[i] = &noop_qdisc;
429 printk(KERN_ERR "%s child qdisc %i creation failed", dev->name, i);
430 }
431 }
432
433 return err;
434}
435
436static int wme_qdiscop_dump(struct Qdisc *qd, struct sk_buff *skb)
437{
438/* struct ieee80211_sched_data *q = qdisc_priv(qd);
439 unsigned char *p = skb->tail;
440 struct tc_ieee80211_qopt opt;
441
442 memcpy(&opt.tag2queue, q->tag2queue, TC_80211_MAX_TAG + 1);
443 RTA_PUT(skb, TCA_OPTIONS, sizeof(opt), &opt);
444*/ return skb->len;
445/*
446rtattr_failure:
447 skb_trim(skb, p - skb->data);*/
448 return -1;
449}
450
451
452static int wme_classop_graft(struct Qdisc *qd, unsigned long arg,
453 struct Qdisc *new, struct Qdisc **old)
454{
455 struct ieee80211_sched_data *q = qdisc_priv(qd);
456 struct ieee80211_local *local = wdev_priv(qd->dev->ieee80211_ptr);
457 struct ieee80211_hw *hw = &local->hw;
458 unsigned long queue = arg - 1;
459
460 if (queue >= hw->queues)
461 return -EINVAL;
462
463 if (!new)
464 new = &noop_qdisc;
465
466 sch_tree_lock(qd);
467 *old = q->queues[queue];
468 q->queues[queue] = new;
469 qdisc_reset(*old);
470 sch_tree_unlock(qd);
471
472 return 0;
473}
474
475
476static struct Qdisc *
477wme_classop_leaf(struct Qdisc *qd, unsigned long arg)
478{
479 struct ieee80211_sched_data *q = qdisc_priv(qd);
480 struct ieee80211_local *local = wdev_priv(qd->dev->ieee80211_ptr);
481 struct ieee80211_hw *hw = &local->hw;
482 unsigned long queue = arg - 1;
483
484 if (queue >= hw->queues)
485 return NULL;
486
487 return q->queues[queue];
488}
489
490
491static unsigned long wme_classop_get(struct Qdisc *qd, u32 classid)
492{
493 struct ieee80211_local *local = wdev_priv(qd->dev->ieee80211_ptr);
494 struct ieee80211_hw *hw = &local->hw;
495 unsigned long queue = TC_H_MIN(classid);
496
497 if (queue - 1 >= hw->queues)
498 return 0;
499
500 return queue;
501}
502
503
504static unsigned long wme_classop_bind(struct Qdisc *qd, unsigned long parent,
505 u32 classid)
506{
507 return wme_classop_get(qd, classid);
508}
509
510
511static void wme_classop_put(struct Qdisc *q, unsigned long cl)
512{
513}
514
515
516static int wme_classop_change(struct Qdisc *qd, u32 handle, u32 parent,
517 struct rtattr **tca, unsigned long *arg)
518{
519 unsigned long cl = *arg;
520 struct ieee80211_local *local = wdev_priv(qd->dev->ieee80211_ptr);
521 struct ieee80211_hw *hw = &local->hw;
522
523 if (cl - 1 > hw->queues)
524 return -ENOENT;
525
526 /* TODO: put code to program hardware queue parameters here,
527 * to allow programming from tc command line */
528
529 return 0;
530}
531
532
533/* we don't support deleting hardware queues
534 * when we add WMM-SA support - TSPECs may be deleted here */
535static int wme_classop_delete(struct Qdisc *qd, unsigned long cl)
536{
537 struct ieee80211_local *local = wdev_priv(qd->dev->ieee80211_ptr);
538 struct ieee80211_hw *hw = &local->hw;
539
540 if (cl - 1 > hw->queues)
541 return -ENOENT;
542 return 0;
543}
544
545
546static int wme_classop_dump_class(struct Qdisc *qd, unsigned long cl,
547 struct sk_buff *skb, struct tcmsg *tcm)
548{
549 struct ieee80211_sched_data *q = qdisc_priv(qd);
550 struct ieee80211_local *local = wdev_priv(qd->dev->ieee80211_ptr);
551 struct ieee80211_hw *hw = &local->hw;
552
553 if (cl - 1 > hw->queues)
554 return -ENOENT;
555 tcm->tcm_handle = TC_H_MIN(cl);
556 tcm->tcm_parent = qd->handle;
557 tcm->tcm_info = q->queues[cl-1]->handle; /* do we need this? */
558 return 0;
559}
560
561
562static void wme_classop_walk(struct Qdisc *qd, struct qdisc_walker *arg)
563{
564 struct ieee80211_local *local = wdev_priv(qd->dev->ieee80211_ptr);
565 struct ieee80211_hw *hw = &local->hw;
566 int queue;
567
568 if (arg->stop)
569 return;
570
571 for (queue = 0; queue < hw->queues; queue++) {
572 if (arg->count < arg->skip) {
573 arg->count++;
574 continue;
575 }
576 /* we should return classids for our internal queues here
577 * as well as the external ones */
578 if (arg->fn(qd, queue+1, arg) < 0) {
579 arg->stop = 1;
580 break;
581 }
582 arg->count++;
583 }
584}
585
586
587static struct tcf_proto ** wme_classop_find_tcf(struct Qdisc *qd,
588 unsigned long cl)
589{
590 struct ieee80211_sched_data *q = qdisc_priv(qd);
591
592 if (cl)
593 return NULL;
594
595 return &q->filter_list;
596}
597
598
599/* this qdisc is classful (i.e. has classes, some of which may have leaf qdiscs attached)
600 * - these are the operations on the classes */
601static struct Qdisc_class_ops class_ops =
602{
603 .graft = wme_classop_graft,
604 .leaf = wme_classop_leaf,
605
606 .get = wme_classop_get,
607 .put = wme_classop_put,
608 .change = wme_classop_change,
609 .delete = wme_classop_delete,
610 .walk = wme_classop_walk,
611
612 .tcf_chain = wme_classop_find_tcf,
613 .bind_tcf = wme_classop_bind,
614 .unbind_tcf = wme_classop_put,
615
616 .dump = wme_classop_dump_class,
617};
618
619
620/* queueing discipline operations */
621static struct Qdisc_ops wme_qdisc_ops =
622{
623 .next = NULL,
624 .cl_ops = &class_ops,
625 .id = "ieee80211",
626 .priv_size = sizeof(struct ieee80211_sched_data),
627
628 .enqueue = wme_qdiscop_enqueue,
629 .dequeue = wme_qdiscop_dequeue,
630 .requeue = wme_qdiscop_requeue,
631 .drop = NULL, /* drop not needed since we are always the root qdisc */
632
633 .init = wme_qdiscop_init,
634 .reset = wme_qdiscop_reset,
635 .destroy = wme_qdiscop_destroy,
636 .change = wme_qdiscop_tune,
637
638 .dump = wme_qdiscop_dump,
639};
640
641
642void ieee80211_install_qdisc(struct net_device *dev)
643{
644 struct Qdisc *qdisc;
645
646 qdisc = qdisc_create_dflt(dev, &wme_qdisc_ops, TC_H_ROOT);
647 if (!qdisc) {
648 printk(KERN_ERR "%s: qdisc installation failed\n", dev->name);
649 return;
650 }
651
652 /* same handle as would be allocated by qdisc_alloc_handle() */
653 qdisc->handle = 0x80010000;
654
655 qdisc_lock_tree(dev);
656 list_add_tail(&qdisc->list, &dev->qdisc_list);
657 dev->qdisc_sleeping = qdisc;
658 qdisc_unlock_tree(dev);
659}
660
661
662int ieee80211_qdisc_installed(struct net_device *dev)
663{
664 return dev->qdisc_sleeping->ops == &wme_qdisc_ops;
665}
666
667
668int ieee80211_wme_register(void)
669{
670 return register_qdisc(&wme_qdisc_ops);
671}
672
673
674void ieee80211_wme_unregister(void)
675{
676 unregister_qdisc(&wme_qdisc_ops);
677}
678#endif /* CONFIG_NET_SCHED */
diff --git a/net/mac80211/wme.h b/net/mac80211/wme.h
new file mode 100644
index 000000000000..f0bff10f0e08
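--- /dev/null
+++ b/net/mac80211/wme.h
@@ -0,0 +1,57 @@
+/*
+ * IEEE 802.11 driver (80211.o) - QoS datatypes
+ * Copyright 2004, Instant802 Networks, Inc.
+ * Copyright 2005, Devicescape Software, Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#ifndef _WME_H
+#define _WME_H
+
+#include <linux/netdevice.h>
+#include "ieee80211_i.h"
+
+#define QOS_CONTROL_LEN 2
+
+#define QOS_CONTROL_ACK_POLICY_NORMAL 0
+#define QOS_CONTROL_ACK_POLICY_NOACK 1
+
+#define QOS_CONTROL_TID_MASK 0x0f
+#define QOS_CONTROL_ACK_POLICY_SHIFT 5
+
+#define QOS_CONTROL_TAG1D_MASK 0x07
+
+ieee80211_txrx_result
+ieee80211_rx_h_parse_qos(struct ieee80211_txrx_data *rx);
+
+ieee80211_txrx_result
+ieee80211_rx_h_remove_qos_control(struct ieee80211_txrx_data *rx);
+
+#ifdef CONFIG_NET_SCHED
+void ieee80211_install_qdisc(struct net_device *dev);
+int ieee80211_qdisc_installed(struct net_device *dev);
+
+int ieee80211_wme_register(void);
+void ieee80211_wme_unregister(void);
+#else
+static inline void ieee80211_install_qdisc(struct net_device *dev)
+{
+}
+static inline int ieee80211_qdisc_installed(struct net_device *dev)
+{
+ return 0;
+}
+
+static inline int ieee80211_wme_register(void)
+{
+ return 0;
+}
+static inline void ieee80211_wme_unregister(void)
+{
+}
+#endif /* CONFIG_NET_SCHED */
+
+#endif /* _WME_H */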
diff --git a/net/mac80211/wpa.c b/net/mac80211/wpa.c
new file mode 100644
index 000000000000..783af32c6911
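--- /dev/null
+++ b/net/mac80211/wpa.c
@@ -0,0 +1,660 @@
+/*
+ * Copyright 2002-2004, Instant802 Networks, Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include <linux/netdevice.h>
+#include <linux/types.h>
+#include <linux/slab.h>
+#include <linux/skbuff.h>
+#include <linux/compiler.h>
+#include <net/iw_handler.h>
+
+#include <net/mac80211.h>
+#include "ieee80211_common.h"
+#include "ieee80211_i.h"
+#include "michael.h"
+#include "tkip.h"
+#include "aes_ccm.h"
+#include "wpa.h"
+
+static int ieee80211_get_hdr_info(const struct sk_buff *skb, u8 **sa, u8 **da,
+ u8 *qos_tid, u8 **data, size_t *data_len)
+{
+ struct ieee80211_hdr *hdr;
+ size_t hdrlen;
+ u16 fc;
+ int a4_included;
+ u8 *pos;
+
+ hdr = (struct ieee80211_hdr *) skb->data;
+ fc = le16_to_cpu(hdr->frame_control);
+
+ hdrlen = 24;
+ if ((fc & (IEEE80211_FCTL_FROMDS | IEEE80211_FCTL_TODS)) ==
+ (IEEE80211_FCTL_FROMDS | IEEE80211_FCTL_TODS)) {
+ hdrlen += ETH_ALEN;
+ *sa = hdr->addr4;
+ *da = hdr->addr3;
+ } else if (fc & IEEE80211_FCTL_FROMDS) {
+ *sa = hdr->addr3;
+ *da = hdr->addr1;
+ } else if (fc & IEEE80211_FCTL_TODS) {
+ *sa = hdr->addr2;
+ *da = hdr->addr3;
+ } else {
+ *sa = hdr->addr2;
+ *da = hdr->addr1;
+ }
+
+ if (fc & 0x80)
+ hdrlen += 2;
+
+ *data = skb->data + hdrlen;
+ *data_len = skb->len - hdrlen;
+
+ a4_included = (fc & (IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS)) ==
+ (IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS);
+ if ((fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA &&
+ fc & IEEE80211_STYPE_QOS_DATA) {
+ pos = (u8 *) &hdr->addr4;
+ if (a4_included)
+ pos += 6;
+ *qos_tid = pos[0] & 0x0f;
+ *qos_tid |= 0x80; /* qos_included flag */
+ } else
+ *qos_tid = 0;
+
+ return skb->len < hdrlen ? -1 : 0;
+}
+
+
+ieee80211_txrx_result
+ieee80211_tx_h_michael_mic_add(struct ieee80211_txrx_data *tx)
+{
+ u8 *data, *sa, *da, *key, *mic, qos_tid;
+ size_t data_len;
+ u16 fc;
+ struct sk_buff *skb = tx->skb;
+ int authenticator;
+ int wpa_test = 0;
+
+ fc = tx->fc;
+
+ if (!tx->key || tx->key->alg != ALG_TKIP || skb->len < 24 ||
+ !WLAN_FC_DATA_PRESENT(fc))
+ return TXRX_CONTINUE;
+
+ if (ieee80211_get_hdr_info(skb, &sa, &da, &qos_tid, &data, &data_len))
+ return TXRX_DROP;
+
+ if (!tx->key->force_sw_encrypt &&
+ !tx->fragmented &&
+ !(tx->local->hw.flags & IEEE80211_HW_TKIP_INCLUDE_MMIC) &&
+ !wpa_test) {
+ /* hwaccel - with no need for preallocated room for Michael MIC
+ */
+ return TXRX_CONTINUE;
+ }
+
+ if (skb_tailroom(skb) < MICHAEL_MIC_LEN) {
+ I802_DEBUG_INC(tx->local->tx_expand_skb_head);
+ if (unlikely(pskb_expand_head(skb, TKIP_IV_LEN,
+ MICHAEL_MIC_LEN + TKIP_ICV_LEN,
+ GFP_ATOMIC))) {
+ printk(KERN_DEBUG "%s: failed to allocate more memory "
+ "for Michael MIC\n", tx->dev->name);
+ return TXRX_DROP;
+ }
+ }
+
+#if 0
+ authenticator = fc & IEEE80211_FCTL_FROMDS; /* FIX */
+#else
+ authenticator = 1;
+#endif
+ key = &tx->key->key[authenticator ? ALG_TKIP_TEMP_AUTH_TX_MIC_KEY :
+ ALG_TKIP_TEMP_AUTH_RX_MIC_KEY];
+ mic = skb_put(skb, MICHAEL_MIC_LEN);
+ michael_mic(key, da, sa, qos_tid & 0x0f, data, data_len, mic);
+
+ return TXRX_CONTINUE;
+}
+
+
+ieee80211_txrx_result
+ieee80211_rx_h_michael_mic_verify(struct ieee80211_txrx_data *rx)
+{
+ u8 *data, *sa, *da, *key = NULL, qos_tid;
+ size_t data_len;
+ u16 fc;
+ u8 mic[MICHAEL_MIC_LEN];
+ struct sk_buff *skb = rx->skb;
+ int authenticator = 1, wpa_test = 0;
+
+ fc = rx->fc;
+
+ /* If device handles decryption totally, skip this check */
+ if ((rx->local->hw.flags & IEEE80211_HW_DEVICE_HIDES_WEP) ||
+ (rx->local->hw.flags & IEEE80211_HW_DEVICE_STRIPS_MIC))
+ return TXRX_CONTINUE;
+
+ if (!rx->key || rx->key->alg != ALG_TKIP ||
+ !(rx->fc & IEEE80211_FCTL_PROTECTED) || !WLAN_FC_DATA_PRESENT(fc))
+ return TXRX_CONTINUE;
+
+ if ((rx->u.rx.status->flag & RX_FLAG_DECRYPTED) &&
+ !rx->key->force_sw_encrypt) {
+ if (rx->local->hw.flags & IEEE80211_HW_WEP_INCLUDE_IV) {
+ if (skb->len < MICHAEL_MIC_LEN)
+ return TXRX_DROP;
+ }
+ /* Need to verify Michael MIC sometimes in software even when
+ * hwaccel is used. Atheros ar5212: fragmented frames and QoS
+ * frames. */
+ if (!rx->fragmented && !wpa_test)
+ goto remove_mic;
+ }
+
+ if (ieee80211_get_hdr_info(skb, &sa, &da, &qos_tid, &data, &data_len)
+ || data_len < MICHAEL_MIC_LEN)
+ return TXRX_DROP;
+
+ data_len -= MICHAEL_MIC_LEN;
+
+#if 0
+ authenticator = fc & IEEE80211_FCTL_TODS; /* FIX */
+#else
+ authenticator = 1;
+#endif
+ key = &rx->key->key[authenticator ? ALG_TKIP_TEMP_AUTH_RX_MIC_KEY :
+ ALG_TKIP_TEMP_AUTH_TX_MIC_KEY];
+ michael_mic(key, da, sa, qos_tid & 0x0f, data, data_len, mic);
+ if (memcmp(mic, data + data_len, MICHAEL_MIC_LEN) != 0 || wpa_test) {
+ if (!rx->u.rx.ra_match)
+ return TXRX_DROP;
+
+ printk(KERN_DEBUG "%s: invalid Michael MIC in data frame from "
+ MAC_FMT "\n", rx->dev->name, MAC_ARG(sa));
+
+ do {
+ struct ieee80211_hdr *hdr;
+ union iwreq_data wrqu;
+ char *buf = kmalloc(128, GFP_ATOMIC);
+ if (!buf)
+ break;
+
+ /* TODO: needed parameters: count, key type, TSC */
+ hdr = (struct ieee80211_hdr *) skb->data;
+ sprintf(buf, "MLME-MICHAELMICFAILURE.indication("
+ "keyid=%d %scast addr=" MAC_FMT ")",
+ rx->key->keyidx,
+ hdr->addr1[0] & 0x01 ? "broad" : "uni",
+ MAC_ARG(hdr->addr2));
+ memset(&wrqu, 0, sizeof(wrqu));
+ wrqu.data.length = strlen(buf);
+ wireless_send_event(rx->dev, IWEVCUSTOM, &wrqu, buf);
+ kfree(buf);
+ } while (0);
+
+ if (!rx->local->apdev)
+ return TXRX_DROP;
+
+ ieee80211_rx_mgmt(rx->local, rx->skb, rx->u.rx.status,
+ ieee80211_msg_michael_mic_failure);
+
+ return TXRX_QUEUED;
+ }
+
+ remove_mic:
+ /* remove Michael MIC from payload */
+ skb_trim(skb, skb->len - MICHAEL_MIC_LEN);
+
+ return TXRX_CONTINUE;
+}
+
+
+static int tkip_encrypt_skb(struct ieee80211_txrx_data *tx,
+ struct sk_buff *skb, int test)
+{
+ struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
+ struct ieee80211_key *key = tx->key;
+ int hdrlen, len, tailneed;
+ u16 fc;
+ u8 *pos;
+
+ fc = le16_to_cpu(hdr->frame_control);
+ hdrlen = ieee80211_get_hdrlen(fc);
+ len = skb->len - hdrlen;
+
+ tailneed = !tx->key->force_sw_encrypt ? 0 : TKIP_ICV_LEN;
+ if ((skb_headroom(skb) < TKIP_IV_LEN ||
+ skb_tailroom(skb) < tailneed)) {
+ I802_DEBUG_INC(tx->local->tx_expand_skb_head);
+ if (unlikely(pskb_expand_head(skb, TKIP_IV_LEN, tailneed,
+ GFP_ATOMIC)))
+ return -1;
+ }
+
+ pos = skb_push(skb, TKIP_IV_LEN);
+ memmove(pos, pos + TKIP_IV_LEN, hdrlen);
+ pos += hdrlen;
+
+ /* Increase IV for the frame */
+ key->u.tkip.iv16++;
+ if (key->u.tkip.iv16 == 0)
+ key->u.tkip.iv32++;
+
+ if (!tx->key->force_sw_encrypt) {
+ u32 flags = tx->local->hw.flags;
+ hdr = (struct ieee80211_hdr *)skb->data;
+
+ /* hwaccel - with preallocated room for IV */
+ ieee80211_tkip_add_iv(pos, key,
+ (u8) (key->u.tkip.iv16 >> 8),
+ (u8) (((key->u.tkip.iv16 >> 8) | 0x20) &
+ 0x7f),
+ (u8) key->u.tkip.iv16);
+
+ if (flags & IEEE80211_HW_TKIP_REQ_PHASE2_KEY)
+ ieee80211_tkip_gen_rc4key(key, hdr->addr2,
+ tx->u.tx.control->tkip_key);
+ else if (flags & IEEE80211_HW_TKIP_REQ_PHASE1_KEY) {
+ if (key->u.tkip.iv16 == 0 ||
+ !key->u.tkip.tx_initialized) {
+ ieee80211_tkip_gen_phase1key(key, hdr->addr2,
+ (u16 *)tx->u.tx.control->tkip_key);
+ key->u.tkip.tx_initialized = 1;
+ tx->u.tx.control->flags |=
+ IEEE80211_TXCTL_TKIP_NEW_PHASE1_KEY;
+ } else
+ tx->u.tx.control->flags &=
+ ~IEEE80211_TXCTL_TKIP_NEW_PHASE1_KEY;
+ }
+
+ tx->u.tx.control->key_idx = tx->key->hw_key_idx;
+ return 0;
+ }
+
+ /* Add room for ICV */
+ skb_put(skb, TKIP_ICV_LEN);
+
+ hdr = (struct ieee80211_hdr *) skb->data;
+ ieee80211_tkip_encrypt_data(tx->local->wep_tx_tfm,
+ key, pos, len, hdr->addr2);
+ return 0;
+}
+
+
+ieee80211_txrx_result
+ieee80211_tx_h_tkip_encrypt(struct ieee80211_txrx_data *tx)
+{
+ struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) tx->skb->data;
+ u16 fc;
+ struct ieee80211_key *key = tx->key;
+ struct sk_buff *skb = tx->skb;
+ int wpa_test = 0, test = 0;
+
+ fc = le16_to_cpu(hdr->frame_control);
+
+ if (!key || key->alg != ALG_TKIP || !WLAN_FC_DATA_PRESENT(fc))
+ return TXRX_CONTINUE;
+
+ tx->u.tx.control->icv_len = TKIP_ICV_LEN;
+ tx->u.tx.control->iv_len = TKIP_IV_LEN;
+ ieee80211_tx_set_iswep(tx);
+
+ if (!tx->key->force_sw_encrypt &&
+ !(tx->local->hw.flags & IEEE80211_HW_WEP_INCLUDE_IV) &&
+ !wpa_test) {
+ /* hwaccel - with no need for preallocated room for IV/ICV */
+ tx->u.tx.control->key_idx = tx->key->hw_key_idx;
+ return TXRX_CONTINUE;
+ }
+
+ if (tkip_encrypt_skb(tx, skb, test) < 0)
+ return TXRX_DROP;
+
+ if (tx->u.tx.extra_frag) {
+ int i;
+ for (i = 0; i < tx->u.tx.num_extra_frag; i++) {
+ if (tkip_encrypt_skb(tx, tx->u.tx.extra_frag[i], test)
+ < 0)
+ return TXRX_DROP;
+ }
+ }
+
+ return TXRX_CONTINUE;
+}
+
+
+ieee80211_txrx_result
+ieee80211_rx_h_tkip_decrypt(struct ieee80211_txrx_data *rx)
+{
+ struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) rx->skb->data;
+ u16 fc;
+ int hdrlen, res, hwaccel = 0, wpa_test = 0;
+ struct ieee80211_key *key = rx->key;
+ struct sk_buff *skb = rx->skb;
+
+ fc = le16_to_cpu(hdr->frame_control);
+ hdrlen = ieee80211_get_hdrlen(fc);
+
+ if (!rx->key || rx->key->alg != ALG_TKIP ||
+ !(rx->fc & IEEE80211_FCTL_PROTECTED) ||
+ (rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA)
+ return TXRX_CONTINUE;
+
+ if (!rx->sta || skb->len - hdrlen < 12)
+ return TXRX_DROP;
+
+ if ((rx->u.rx.status->flag & RX_FLAG_DECRYPTED) &&
+ !rx->key->force_sw_encrypt) {
+ if (!(rx->local->hw.flags & IEEE80211_HW_WEP_INCLUDE_IV)) {
+ /* Hardware takes care of all processing, including
+ * replay protection, so no need to continue here. */
+ return TXRX_CONTINUE;
+ }
+
+ /* let TKIP code verify IV, but skip decryption */
+ hwaccel = 1;
+ }
+
+ res = ieee80211_tkip_decrypt_data(rx->local->wep_rx_tfm,
+ key, skb->data + hdrlen,
+ skb->len - hdrlen, rx->sta->addr,
+ hwaccel, rx->u.rx.queue);
+ if (res != TKIP_DECRYPT_OK || wpa_test) {
+ printk(KERN_DEBUG "%s: TKIP decrypt failed for RX frame from "
+ MAC_FMT " (res=%d)\n",
+ rx->dev->name, MAC_ARG(rx->sta->addr), res);
+ return TXRX_DROP;
+ }
+
+ /* Trim ICV */
+ skb_trim(skb, skb->len - TKIP_ICV_LEN);
+
+ /* Remove IV */
+ memmove(skb->data + TKIP_IV_LEN, skb->data, hdrlen);
+ skb_pull(skb, TKIP_IV_LEN);
+
+ return TXRX_CONTINUE;
+}
+
+
+static void ccmp_special_blocks(struct sk_buff *skb, u8 *pn, u8 *b_0, u8 *aad,
+ int encrypted)
+{
+ u16 fc;
+ int a4_included, qos_included;
+ u8 qos_tid, *fc_pos, *data, *sa, *da;
+ int len_a;
+ size_t data_len;
+ struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
+
+ fc_pos = (u8 *) &hdr->frame_control;
+ fc = fc_pos[0] ^ (fc_pos[1] << 8);
+ a4_included = (fc & (IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS)) ==
+ (IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS);
+
+ ieee80211_get_hdr_info(skb, &sa, &da, &qos_tid, &data, &data_len);
+ data_len -= CCMP_HDR_LEN + (encrypted ? CCMP_MIC_LEN : 0);
+ if (qos_tid & 0x80) {
+ qos_included = 1;
+ qos_tid &= 0x0f;
+ } else
+ qos_included = 0;
+ /* First block, b_0 */
+
+ b_0[0] = 0x59; /* flags: Adata: 1, M: 011, L: 001 */
+ /* Nonce: QoS Priority | A2 | PN */
+ b_0[1] = qos_tid;
+ memcpy(&b_0[2], hdr->addr2, 6);
+ memcpy(&b_0[8], pn, CCMP_PN_LEN);
+ /* l(m) */
+ b_0[14] = (data_len >> 8) & 0xff;
+ b_0[15] = data_len & 0xff;
+
+
+ /* AAD (extra authenticate-only data) / masked 802.11 header
+ * FC | A1 | A2 | A3 | SC | [A4] | [QC] */
+
+ len_a = a4_included ? 28 : 22;
+ if (qos_included)
+ len_a += 2;
+
+ aad[0] = 0; /* (len_a >> 8) & 0xff; */
+ aad[1] = len_a & 0xff;
+ /* Mask FC: zero subtype b4 b5 b6 */
+ aad[2] = fc_pos[0] & ~(BIT(4) | BIT(5) | BIT(6));
+ /* Retry, PwrMgt, MoreData; set Protected */
+ aad[3] = (fc_pos[1] & ~(BIT(3) | BIT(4) | BIT(5))) | BIT(6);
+ memcpy(&aad[4], &hdr->addr1, 18);
+
+ /* Mask Seq#, leave Frag# */
+ aad[22] = *((u8 *) &hdr->seq_ctrl) & 0x0f;
+ aad[23] = 0;
+ if (a4_included) {
+ memcpy(&aad[24], hdr->addr4, 6);
+ aad[30] = 0;
+ aad[31] = 0;
+ } else
+ memset(&aad[24], 0, 8);
+ if (qos_included) {
+ u8 *dpos = &aad[a4_included ? 30 : 24];
+
+ /* Mask QoS Control field */
+ dpos[0] = qos_tid;
+ dpos[1] = 0;
+ }
+}
+
+
+static inline void ccmp_pn2hdr(u8 *hdr, u8 *pn, int key_id)
+{
+ hdr[0] = pn[5];
+ hdr[1] = pn[4];
+ hdr[2] = 0;
+ hdr[3] = 0x20 | (key_id << 6);
+ hdr[4] = pn[3];
+ hdr[5] = pn[2];
+ hdr[6] = pn[1];
+ hdr[7] = pn[0];
+}
+
+
+static inline int ccmp_hdr2pn(u8 *pn, u8 *hdr)
+{
+ pn[0] = hdr[7];
+ pn[1] = hdr[6];
+ pn[2] = hdr[5];
+ pn[3] = hdr[4];
+ pn[4] = hdr[1];
+ pn[5] = hdr[0];
+ return (hdr[3] >> 6) & 0x03;
+}
+
+
+static int ccmp_encrypt_skb(struct ieee80211_txrx_data *tx,
+ struct sk_buff *skb, int test)
+{
+ struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
+ struct ieee80211_key *key = tx->key;
+ int hdrlen, len, tailneed;
+ u16 fc;
+ u8 *pos, *pn, *b_0, *aad, *scratch;
+ int i;
+
+ scratch = key->u.ccmp.tx_crypto_buf;
+ b_0 = scratch + 3 * AES_BLOCK_LEN;
+ aad = scratch + 4 * AES_BLOCK_LEN;
+
+ fc = le16_to_cpu(hdr->frame_control);
+ hdrlen = ieee80211_get_hdrlen(fc);
+ len = skb->len - hdrlen;
+
+ tailneed = !key->force_sw_encrypt ? 0 : CCMP_MIC_LEN;
+
+ if ((skb_headroom(skb) < CCMP_HDR_LEN ||
+ skb_tailroom(skb) < tailneed)) {
+ I802_DEBUG_INC(tx->local->tx_expand_skb_head);
+ if (unlikely(pskb_expand_head(skb, CCMP_HDR_LEN, tailneed,
+ GFP_ATOMIC)))
+ return -1;
+ }
+
+ pos = skb_push(skb, CCMP_HDR_LEN);
+ memmove(pos, pos + CCMP_HDR_LEN, hdrlen);
+ hdr = (struct ieee80211_hdr *) pos;
+ pos += hdrlen;
+
+ /* PN = PN + 1 */
+ pn = key->u.ccmp.tx_pn;
+
+ for (i = CCMP_PN_LEN - 1; i >= 0; i--) {
+ pn[i]++;
+ if (pn[i])
+ break;
+ }
+
+ ccmp_pn2hdr(pos, pn, key->keyidx);
+
+ if (!key->force_sw_encrypt) {
+ /* hwaccel - with preallocated room for CCMP header */
+ tx->u.tx.control->key_idx = key->hw_key_idx;
+ return 0;
+ }
+
+ pos += CCMP_HDR_LEN;
+ ccmp_special_blocks(skb, pn, b_0, aad, 0);
+ ieee80211_aes_ccm_encrypt(key->u.ccmp.tfm, scratch, b_0, aad, pos, len,
+ pos, skb_put(skb, CCMP_MIC_LEN));
+
+ return 0;
+}
+
+
+ieee80211_txrx_result
+ieee80211_tx_h_ccmp_encrypt(struct ieee80211_txrx_data *tx)
+{
+ struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) tx->skb->data;
+ struct ieee80211_key *key = tx->key;
+ u16 fc;
+ struct sk_buff *skb = tx->skb;
+ int test = 0;
+
+ fc = le16_to_cpu(hdr->frame_control);
+
+ if (!key || key->alg != ALG_CCMP || !WLAN_FC_DATA_PRESENT(fc))
+ return TXRX_CONTINUE;
+
+ tx->u.tx.control->icv_len = CCMP_MIC_LEN;
+ tx->u.tx.control->iv_len = CCMP_HDR_LEN;
+ ieee80211_tx_set_iswep(tx);
+
+ if (!tx->key->force_sw_encrypt &&
+ !(tx->local->hw.flags & IEEE80211_HW_WEP_INCLUDE_IV)) {
+ /* hwaccel - with no need for preallocated room for CCMP "
+ * header or MIC fields */
+ tx->u.tx.control->key_idx = tx->key->hw_key_idx;
+ return TXRX_CONTINUE;
+ }
+
+ if (ccmp_encrypt_skb(tx, skb, test) < 0)
+ return TXRX_DROP;
+
+ if (tx->u.tx.extra_frag) {
+ int i;
+
+ for (i = 0; i < tx->u.tx.num_extra_frag; i++) {
+ if (ccmp_encrypt_skb(tx, tx->u.tx.extra_frag[i], test)
+ < 0)
+ return TXRX_DROP;
+ }
+ }
+
+ return TXRX_CONTINUE;
+}
+
+
+ieee80211_txrx_result
+ieee80211_rx_h_ccmp_decrypt(struct ieee80211_txrx_data *rx)
+{
+ struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) rx->skb->data;
+ u16 fc;
+ int hdrlen;
+ struct ieee80211_key *key = rx->key;
+ struct sk_buff *skb = rx->skb;
+ u8 pn[CCMP_PN_LEN];
+ int data_len;
+
+ fc = le16_to_cpu(hdr->frame_control);
+ hdrlen = ieee80211_get_hdrlen(fc);
+
+ if (!key || key->alg != ALG_CCMP ||
+ !(rx->fc & IEEE80211_FCTL_PROTECTED) ||
+ (rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA)
+ return TXRX_CONTINUE;
+
+ data_len = skb->len - hdrlen - CCMP_HDR_LEN - CCMP_MIC_LEN;
+ if (!rx->sta || data_len < 0)
+ return TXRX_DROP;
+
+ if ((rx->u.rx.status->flag & RX_FLAG_DECRYPTED) &&
+ !key->force_sw_encrypt &&
+ !(rx->local->hw.flags & IEEE80211_HW_WEP_INCLUDE_IV))
+ return TXRX_CONTINUE;
+
+ (void) ccmp_hdr2pn(pn, skb->data + hdrlen);
+
+ if (memcmp(pn, key->u.ccmp.rx_pn[rx->u.rx.queue], CCMP_PN_LEN) <= 0) {
+#ifdef CONFIG_MAC80211_DEBUG
+ u8 *ppn = key->u.ccmp.rx_pn[rx->u.rx.queue];
+ printk(KERN_DEBUG "%s: CCMP replay detected for RX frame from "
+ MAC_FMT " (RX PN %02x%02x%02x%02x%02x%02x <= prev. PN "
+ "%02x%02x%02x%02x%02x%02x)\n", rx->dev->name,
+ MAC_ARG(rx->sta->addr),
+ pn[0], pn[1], pn[2], pn[3], pn[4], pn[5],
+ ppn[0], ppn[1], ppn[2], ppn[3], ppn[4], ppn[5]);
+#endif /* CONFIG_MAC80211_DEBUG */
+ key->u.ccmp.replays++;
+ return TXRX_DROP;
+ }
+
+ if ((rx->u.rx.status->flag & RX_FLAG_DECRYPTED) &&
+ !key->force_sw_encrypt) {
+ /* hwaccel has already decrypted frame and verified MIC */
+ } else {
+ u8 *scratch, *b_0, *aad;
+
+ scratch = key->u.ccmp.rx_crypto_buf;
+ b_0 = scratch + 3 * AES_BLOCK_LEN;
+ aad = scratch + 4 * AES_BLOCK_LEN;
+
+ ccmp_special_blocks(skb, pn, b_0, aad, 1);
+
+ if (ieee80211_aes_ccm_decrypt(
+ key->u.ccmp.tfm, scratch, b_0, aad,
+ skb->data + hdrlen + CCMP_HDR_LEN, data_len,
+ skb->data + skb->len - CCMP_MIC_LEN,
+ skb->data + hdrlen + CCMP_HDR_LEN)) {
+ printk(KERN_DEBUG "%s: CCMP decrypt failed for RX "
+ "frame from " MAC_FMT "\n", rx->dev->name,
+ MAC_ARG(rx->sta->addr));
+ return TXRX_DROP;
+ }
+ }
+
+ memcpy(key->u.ccmp.rx_pn[rx->u.rx.queue], pn, CCMP_PN_LEN);
+
+ /* Remove CCMP header and MIC */
+ skb_trim(skb, skb->len - CCMP_MIC_LEN);
+ memmove(skb->data + CCMP_HDR_LEN, skb->data, hdrlen);
+ skb_pull(skb, CCMP_HDR_LEN);
+
+ return TXRX_CONTINUE;
+}
+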
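Review bot: The short-frame guard in ieee80211_rx_h_tkip_decrypt, `skb->len - hdrlen < 12`, is evaluated as unsigned because skb->len is unsigned, so a received frame shorter than hdrlen wraps to a large value and passes the check instead of being dropped. The same wrapped difference is then handed to ieee80211_tkip_decrypt_data() as the payload length together with `skb->data + hdrlen`. Comparing without the subtraction avoids the wrap: `if (!rx->sta || skb->len < hdrlen + 12)`. ieee80211_rx_h_ccmp_decrypt stores the difference in a signed `int data_len` and tests `data_len < 0`, so it does catch this case; whether an earlier rx handler already guarantees skb->len >= hdrlen is not visible in this file, so the check should not depend on it.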
diff --git a/net/mac80211/wpa.h b/net/mac80211/wpa.h
new file mode 100644
index 000000000000..da3b9594f9c3
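--- /dev/null
+++ b/net/mac80211/wpa.h
@@ -0,0 +1,31 @@
+/*
+ * Copyright 2002-2004, Instant802 Networks, Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#ifndef WPA_H
+#define WPA_H
+
+#include <linux/skbuff.h>
+#include <linux/types.h>
+#include "ieee80211_i.h"
+
+ieee80211_txrx_result
+ieee80211_tx_h_michael_mic_add(struct ieee80211_txrx_data *tx);
+ieee80211_txrx_result
+ieee80211_rx_h_michael_mic_verify(struct ieee80211_txrx_data *rx);
+
+ieee80211_txrx_result
+ieee80211_tx_h_tkip_encrypt(struct ieee80211_txrx_data *tx);
+ieee80211_txrx_result
+ieee80211_rx_h_tkip_decrypt(struct ieee80211_txrx_data *rx);
+
+ieee80211_txrx_result
+ieee80211_tx_h_ccmp_encrypt(struct ieee80211_txrx_data *tx);
+ieee80211_txrx_result
+ieee80211_rx_h_ccmp_decrypt(struct ieee80211_txrx_data *rx);
+
+#endif /* WPA_H */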