Linux Kernel  3.7.1
 All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
cfg.c
Go to the documentation of this file.
1 /*
2  * Implement cfg80211 ("iw") support.
3  *
4  * Copyright (C) 2009 M&N Solutions GmbH, 61191 Rosbach, Germany
5  * Holger Schurig <[email protected]>
6  *
7  */
8 
9 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
10 
11 #include <linux/hardirq.h>
12 #include <linux/sched.h>
13 #include <linux/wait.h>
14 #include <linux/slab.h>
15 #include <linux/ieee80211.h>
16 #include <net/cfg80211.h>
17 #include <asm/unaligned.h>
18 
19 #include "decl.h"
20 #include "cfg.h"
21 #include "cmd.h"
22 #include "mesh.h"
23 
24 
25 #define CHAN2G(_channel, _freq, _flags) { \
26  .band = IEEE80211_BAND_2GHZ, \
27  .center_freq = (_freq), \
28  .hw_value = (_channel), \
29  .flags = (_flags), \
30  .max_antenna_gain = 0, \
31  .max_power = 30, \
32 }
33 
34 static struct ieee80211_channel lbs_2ghz_channels[] = {
35  CHAN2G(1, 2412, 0),
36  CHAN2G(2, 2417, 0),
37  CHAN2G(3, 2422, 0),
38  CHAN2G(4, 2427, 0),
39  CHAN2G(5, 2432, 0),
40  CHAN2G(6, 2437, 0),
41  CHAN2G(7, 2442, 0),
42  CHAN2G(8, 2447, 0),
43  CHAN2G(9, 2452, 0),
44  CHAN2G(10, 2457, 0),
45  CHAN2G(11, 2462, 0),
46  CHAN2G(12, 2467, 0),
47  CHAN2G(13, 2472, 0),
48  CHAN2G(14, 2484, 0),
49 };
50 
51 #define RATETAB_ENT(_rate, _hw_value, _flags) { \
52  .bitrate = (_rate), \
53  .hw_value = (_hw_value), \
54  .flags = (_flags), \
55 }
56 
57 
58 /* Table 6 in section 3.2.1.1 */
59 static struct ieee80211_rate lbs_rates[] = {
60  RATETAB_ENT(10, 0, 0),
61  RATETAB_ENT(20, 1, 0),
62  RATETAB_ENT(55, 2, 0),
63  RATETAB_ENT(110, 3, 0),
64  RATETAB_ENT(60, 9, 0),
65  RATETAB_ENT(90, 6, 0),
66  RATETAB_ENT(120, 7, 0),
67  RATETAB_ENT(180, 8, 0),
68  RATETAB_ENT(240, 9, 0),
69  RATETAB_ENT(360, 10, 0),
70  RATETAB_ENT(480, 11, 0),
71  RATETAB_ENT(540, 12, 0),
72 };
73 
74 static struct ieee80211_supported_band lbs_band_2ghz = {
75  .channels = lbs_2ghz_channels,
76  .n_channels = ARRAY_SIZE(lbs_2ghz_channels),
77  .bitrates = lbs_rates,
78  .n_bitrates = ARRAY_SIZE(lbs_rates),
79 };
80 
81 
82 static const u32 cipher_suites[] = {
83  WLAN_CIPHER_SUITE_WEP40,
84  WLAN_CIPHER_SUITE_WEP104,
85  WLAN_CIPHER_SUITE_TKIP,
86  WLAN_CIPHER_SUITE_CCMP,
87 };
88 
89 /* Time to stay on the channel */
90 #define LBS_DWELL_PASSIVE 100
91 #define LBS_DWELL_ACTIVE 40
92 
93 
94 /***************************************************************************
95  * Misc utility functions
96  *
97  * TLVs are Marvell specific. They are very similar to IEs, they have the
98  * same structure: type, length, data*. The only difference: for IEs, the
99  * type and length are u8, but for TLVs they're __le16.
100  */
101 
102 /*
103  * Convert NL80211's auth_type to the one from Libertas, see chapter 5.9.1
104  * in the firmware spec
105  */
106 static int lbs_auth_to_authtype(enum nl80211_auth_type auth_type)
107 {
108  int ret = -ENOTSUPP;
109 
110  switch (auth_type) {
111  case NL80211_AUTHTYPE_OPEN_SYSTEM:
112  case NL80211_AUTHTYPE_SHARED_KEY:
113  ret = auth_type;
114  break;
115  case NL80211_AUTHTYPE_AUTOMATIC:
116  ret = NL80211_AUTHTYPE_OPEN_SYSTEM;
117  break;
118  case NL80211_AUTHTYPE_NETWORK_EAP:
119  ret = 0x80;
120  break;
121  default:
122  /* silence compiler */
123  break;
124  }
125  return ret;
126 }
127 
128 
129 /*
130  * Various firmware commands need the list of supported rates, but with
131  * the hight-bit set for basic rates
132  */
133 static int lbs_add_rates(u8 *rates)
134 {
135  size_t i;
136 
137  for (i = 0; i < ARRAY_SIZE(lbs_rates); i++) {
138  u8 rate = lbs_rates[i].bitrate / 5;
139  if (rate == 0x02 || rate == 0x04 ||
140  rate == 0x0b || rate == 0x16)
141  rate |= 0x80;
142  rates[i] = rate;
143  }
144  return ARRAY_SIZE(lbs_rates);
145 }
146 
147 
148 /***************************************************************************
149  * TLV utility functions
150  *
151  * TLVs are Marvell specific. They are very similar to IEs, they have the
152  * same structure: type, length, data*. The only difference: for IEs, the
153  * type and length are u8, but for TLVs they're __le16.
154  */
155 
156 
157 /*
158  * Add ssid TLV
159  */
160 #define LBS_MAX_SSID_TLV_SIZE \
161  (sizeof(struct mrvl_ie_header) \
162  + IEEE80211_MAX_SSID_LEN)
163 
164 static int lbs_add_ssid_tlv(u8 *tlv, const u8 *ssid, int ssid_len)
165 {
166  struct mrvl_ie_ssid_param_set *ssid_tlv = (void *)tlv;
167 
168  /*
169  * TLV-ID SSID 00 00
170  * length 06 00
171  * ssid 4d 4e 54 45 53 54
172  */
173  ssid_tlv->header.type = cpu_to_le16(TLV_TYPE_SSID);
174  ssid_tlv->header.len = cpu_to_le16(ssid_len);
175  memcpy(ssid_tlv->ssid, ssid, ssid_len);
176  return sizeof(ssid_tlv->header) + ssid_len;
177 }
178 
179 
180 /*
181  * Add channel list TLV (section 8.4.2)
182  *
183  * Actual channel data comes from priv->wdev->wiphy->channels.
184  */
185 #define LBS_MAX_CHANNEL_LIST_TLV_SIZE \
186  (sizeof(struct mrvl_ie_header) \
187  + (LBS_SCAN_BEFORE_NAP * sizeof(struct chanscanparamset)))
188 
189 static int lbs_add_channel_list_tlv(struct lbs_private *priv, u8 *tlv,
190  int last_channel, int active_scan)
191 {
192  int chanscanparamsize = sizeof(struct chanscanparamset) *
193  (last_channel - priv->scan_channel);
194 
195  struct mrvl_ie_header *header = (void *) tlv;
196 
197  /*
198  * TLV-ID CHANLIST 01 01
199  * length 0e 00
200  * channel 00 01 00 00 00 64 00
201  * radio type 00
202  * channel 01
203  * scan type 00
204  * min scan time 00 00
205  * max scan time 64 00
206  * channel 2 00 02 00 00 00 64 00
207  *
208  */
209 
210  header->type = cpu_to_le16(TLV_TYPE_CHANLIST);
211  header->len = cpu_to_le16(chanscanparamsize);
212  tlv += sizeof(struct mrvl_ie_header);
213 
214  /* lbs_deb_scan("scan: channels %d to %d\n", priv->scan_channel,
215  last_channel); */
216  memset(tlv, 0, chanscanparamsize);
217 
218  while (priv->scan_channel < last_channel) {
219  struct chanscanparamset *param = (void *) tlv;
220 
221  param->radiotype = CMD_SCAN_RADIO_TYPE_BG;
222  param->channumber =
223  priv->scan_req->channels[priv->scan_channel]->hw_value;
224  if (active_scan) {
225  param->maxscantime = cpu_to_le16(LBS_DWELL_ACTIVE);
226  } else {
227  param->chanscanmode.passivescan = 1;
228  param->maxscantime = cpu_to_le16(LBS_DWELL_PASSIVE);
229  }
230  tlv += sizeof(struct chanscanparamset);
231  priv->scan_channel++;
232  }
233  return sizeof(struct mrvl_ie_header) + chanscanparamsize;
234 }
235 
236 
237 /*
238  * Add rates TLV
239  *
240  * The rates are in lbs_bg_rates[], but for the 802.11b
241  * rates the high bit is set. We add this TLV only because
242  * there's a firmware which otherwise doesn't report all
243  * APs in range.
244  */
245 #define LBS_MAX_RATES_TLV_SIZE \
246  (sizeof(struct mrvl_ie_header) \
247  + (ARRAY_SIZE(lbs_rates)))
248 
249 /* Adds a TLV with all rates the hardware supports */
250 static int lbs_add_supported_rates_tlv(u8 *tlv)
251 {
252  size_t i;
253  struct mrvl_ie_rates_param_set *rate_tlv = (void *)tlv;
254 
255  /*
256  * TLV-ID RATES 01 00
257  * length 0e 00
258  * rates 82 84 8b 96 0c 12 18 24 30 48 60 6c
259  */
260  rate_tlv->header.type = cpu_to_le16(TLV_TYPE_RATES);
261  tlv += sizeof(rate_tlv->header);
262  i = lbs_add_rates(tlv);
263  tlv += i;
264  rate_tlv->header.len = cpu_to_le16(i);
265  return sizeof(rate_tlv->header) + i;
266 }
267 
268 /* Add common rates from a TLV and return the new end of the TLV */
269 static u8 *
270 add_ie_rates(u8 *tlv, const u8 *ie, int *nrates)
271 {
272  int hw, ap, ap_max = ie[1];
273  u8 hw_rate;
274 
275  /* Advance past IE header */
276  ie += 2;
277 
278  lbs_deb_hex(LBS_DEB_ASSOC, "AP IE Rates", (u8 *) ie, ap_max);
279 
280  for (hw = 0; hw < ARRAY_SIZE(lbs_rates); hw++) {
281  hw_rate = lbs_rates[hw].bitrate / 5;
282  for (ap = 0; ap < ap_max; ap++) {
283  if (hw_rate == (ie[ap] & 0x7f)) {
284  *tlv++ = ie[ap];
285  *nrates = *nrates + 1;
286  }
287  }
288  }
289  return tlv;
290 }
291 
292 /*
293  * Adds a TLV with all rates the hardware *and* BSS supports.
294  */
295 static int lbs_add_common_rates_tlv(u8 *tlv, struct cfg80211_bss *bss)
296 {
297  struct mrvl_ie_rates_param_set *rate_tlv = (void *)tlv;
298  const u8 *rates_eid, *ext_rates_eid;
299  int n = 0;
300 
301  rates_eid = ieee80211_bss_get_ie(bss, WLAN_EID_SUPP_RATES);
302  ext_rates_eid = ieee80211_bss_get_ie(bss, WLAN_EID_EXT_SUPP_RATES);
303 
304  /*
305  * 01 00 TLV_TYPE_RATES
306  * 04 00 len
307  * 82 84 8b 96 rates
308  */
309  rate_tlv->header.type = cpu_to_le16(TLV_TYPE_RATES);
310  tlv += sizeof(rate_tlv->header);
311 
312  /* Add basic rates */
313  if (rates_eid) {
314  tlv = add_ie_rates(tlv, rates_eid, &n);
315 
316  /* Add extended rates, if any */
317  if (ext_rates_eid)
318  tlv = add_ie_rates(tlv, ext_rates_eid, &n);
319  } else {
320  lbs_deb_assoc("assoc: bss had no basic rate IE\n");
321  /* Fallback: add basic 802.11b rates */
322  *tlv++ = 0x82;
323  *tlv++ = 0x84;
324  *tlv++ = 0x8b;
325  *tlv++ = 0x96;
326  n = 4;
327  }
328 
329  rate_tlv->header.len = cpu_to_le16(n);
330  return sizeof(rate_tlv->header) + n;
331 }
332 
333 
334 /*
335  * Add auth type TLV.
336  *
337  * This is only needed for newer firmware (V9 and up).
338  */
339 #define LBS_MAX_AUTH_TYPE_TLV_SIZE \
340  sizeof(struct mrvl_ie_auth_type)
341 
342 static int lbs_add_auth_type_tlv(u8 *tlv, enum nl80211_auth_type auth_type)
343 {
344  struct mrvl_ie_auth_type *auth = (void *) tlv;
345 
346  /*
347  * 1f 01 TLV_TYPE_AUTH_TYPE
348  * 01 00 len
349  * 01 auth type
350  */
351  auth->header.type = cpu_to_le16(TLV_TYPE_AUTH_TYPE);
352  auth->header.len = cpu_to_le16(sizeof(*auth)-sizeof(auth->header));
353  auth->auth = cpu_to_le16(lbs_auth_to_authtype(auth_type));
354  return sizeof(*auth);
355 }
356 
357 
358 /*
359  * Add channel (phy ds) TLV
360  */
361 #define LBS_MAX_CHANNEL_TLV_SIZE \
362  sizeof(struct mrvl_ie_header)
363 
364 static int lbs_add_channel_tlv(u8 *tlv, u8 channel)
365 {
366  struct mrvl_ie_ds_param_set *ds = (void *) tlv;
367 
368  /*
369  * 03 00 TLV_TYPE_PHY_DS
370  * 01 00 len
371  * 06 channel
372  */
373  ds->header.type = cpu_to_le16(TLV_TYPE_PHY_DS);
374  ds->header.len = cpu_to_le16(sizeof(*ds)-sizeof(ds->header));
375  ds->channel = channel;
376  return sizeof(*ds);
377 }
378 
379 
380 /*
381  * Add (empty) CF param TLV of the form:
382  */
383 #define LBS_MAX_CF_PARAM_TLV_SIZE \
384  sizeof(struct mrvl_ie_header)
385 
386 static int lbs_add_cf_param_tlv(u8 *tlv)
387 {
388  struct mrvl_ie_cf_param_set *cf = (void *)tlv;
389 
390  /*
391  * 04 00 TLV_TYPE_CF
392  * 06 00 len
393  * 00 cfpcnt
394  * 00 cfpperiod
395  * 00 00 cfpmaxduration
396  * 00 00 cfpdurationremaining
397  */
398  cf->header.type = cpu_to_le16(TLV_TYPE_CF);
399  cf->header.len = cpu_to_le16(sizeof(*cf)-sizeof(cf->header));
400  return sizeof(*cf);
401 }
402 
403 /*
404  * Add WPA TLV
405  */
406 #define LBS_MAX_WPA_TLV_SIZE \
407  (sizeof(struct mrvl_ie_header) \
408  + 128 /* TODO: I guessed the size */)
409 
410 static int lbs_add_wpa_tlv(u8 *tlv, const u8 *ie, u8 ie_len)
411 {
412  size_t tlv_len;
413 
414  /*
415  * We need just convert an IE to an TLV. IEs use u8 for the header,
416  * u8 type
417  * u8 len
418  * u8[] data
419  * but TLVs use __le16 instead:
420  * __le16 type
421  * __le16 len
422  * u8[] data
423  */
424  *tlv++ = *ie++;
425  *tlv++ = 0;
426  tlv_len = *tlv++ = *ie++;
427  *tlv++ = 0;
428  while (tlv_len--)
429  *tlv++ = *ie++;
430  /* the TLV is two bytes larger than the IE */
431  return ie_len + 2;
432 }
433 
434 /*
435  * Set Channel
436  */
437 
438 static int lbs_cfg_set_monitor_channel(struct wiphy *wiphy,
439  struct ieee80211_channel *channel,
440  enum nl80211_channel_type channel_type)
441 {
442  struct lbs_private *priv = wiphy_priv(wiphy);
443  int ret = -ENOTSUPP;
444 
445  lbs_deb_enter_args(LBS_DEB_CFG80211, "freq %d, type %d",
446  channel->center_freq, channel_type);
447 
448  if (channel_type != NL80211_CHAN_NO_HT)
449  goto out;
450 
451  ret = lbs_set_channel(priv, channel->hw_value);
452 
453  out:
454  lbs_deb_leave_args(LBS_DEB_CFG80211, "ret %d", ret);
455  return ret;
456 }
457 
458 static int lbs_cfg_set_mesh_channel(struct wiphy *wiphy,
459  struct net_device *netdev,
460  struct ieee80211_channel *channel)
461 {
462  struct lbs_private *priv = wiphy_priv(wiphy);
463  int ret = -ENOTSUPP;
464 
465  lbs_deb_enter_args(LBS_DEB_CFG80211, "iface %s freq %d",
466  netdev_name(netdev), channel->center_freq);
467 
468  if (netdev != priv->mesh_dev)
469  goto out;
470 
471  ret = lbs_mesh_set_channel(priv, channel->hw_value);
472 
473  out:
474  lbs_deb_leave_args(LBS_DEB_CFG80211, "ret %d", ret);
475  return ret;
476 }
477 
478 
479 
480 /*
481  * Scanning
482  */
483 
484 /*
485  * When scanning, the firmware doesn't send a nul packet with the power-safe
486  * bit to the AP. So we cannot stay away from our current channel too long,
487  * otherwise we loose data. So take a "nap" while scanning every other
488  * while.
489  */
490 #define LBS_SCAN_BEFORE_NAP 4
491 
492 
493 /*
494  * When the firmware reports back a scan-result, it gives us an "u8 rssi",
495  * which isn't really an RSSI, as it becomes larger when moving away from
496  * the AP. Anyway, we need to convert that into mBm.
497  */
498 #define LBS_SCAN_RSSI_TO_MBM(rssi) \
499  ((-(int)rssi + 3)*100)
500 
501 static int lbs_ret_scan(struct lbs_private *priv, unsigned long dummy,
502  struct cmd_header *resp)
503 {
504  struct cfg80211_bss *bss;
505  struct cmd_ds_802_11_scan_rsp *scanresp = (void *)resp;
506  int bsssize;
507  const u8 *pos;
508  const u8 *tsfdesc;
509  int tsfsize;
510  int i;
511  int ret = -EILSEQ;
512 
513  lbs_deb_enter(LBS_DEB_CFG80211);
514 
515  bsssize = get_unaligned_le16(&scanresp->bssdescriptsize);
516 
517  lbs_deb_scan("scan response: %d BSSs (%d bytes); resp size %d bytes\n",
518  scanresp->nr_sets, bsssize, le16_to_cpu(resp->size));
519 
520  if (scanresp->nr_sets == 0) {
521  ret = 0;
522  goto done;
523  }
524 
525  /*
526  * The general layout of the scan response is described in chapter
527  * 5.7.1. Basically we have a common part, then any number of BSS
528  * descriptor sections. Finally we have section with the same number
529  * of TSFs.
530  *
531  * cmd_ds_802_11_scan_rsp
532  * cmd_header
533  * pos_size
534  * nr_sets
535  * bssdesc 1
536  * bssid
537  * rssi
538  * timestamp
539  * intvl
540  * capa
541  * IEs
542  * bssdesc 2
543  * bssdesc n
544  * MrvlIEtypes_TsfFimestamp_t
545  * TSF for BSS 1
546  * TSF for BSS 2
547  * TSF for BSS n
548  */
549 
550  pos = scanresp->bssdesc_and_tlvbuffer;
551 
552  lbs_deb_hex(LBS_DEB_SCAN, "SCAN_RSP", scanresp->bssdesc_and_tlvbuffer,
553  scanresp->bssdescriptsize);
554 
555  tsfdesc = pos + bsssize;
556  tsfsize = 4 + 8 * scanresp->nr_sets;
557  lbs_deb_hex(LBS_DEB_SCAN, "SCAN_TSF", (u8 *) tsfdesc, tsfsize);
558 
559  /* Validity check: we expect a Marvell-Local TLV */
560  i = get_unaligned_le16(tsfdesc);
561  tsfdesc += 2;
562  if (i != TLV_TYPE_TSFTIMESTAMP) {
563  lbs_deb_scan("scan response: invalid TSF Timestamp %d\n", i);
564  goto done;
565  }
566 
567  /*
568  * Validity check: the TLV holds TSF values with 8 bytes each, so
569  * the size in the TLV must match the nr_sets value
570  */
571  i = get_unaligned_le16(tsfdesc);
572  tsfdesc += 2;
573  if (i / 8 != scanresp->nr_sets) {
574  lbs_deb_scan("scan response: invalid number of TSF timestamp "
575  "sets (expected %d got %d)\n", scanresp->nr_sets,
576  i / 8);
577  goto done;
578  }
579 
580  for (i = 0; i < scanresp->nr_sets; i++) {
581  const u8 *bssid;
582  const u8 *ie;
583  int left;
584  int ielen;
585  int rssi;
586  u16 intvl;
587  u16 capa;
588  int chan_no = -1;
589  const u8 *ssid = NULL;
590  u8 ssid_len = 0;
591  DECLARE_SSID_BUF(ssid_buf);
592 
593  int len = get_unaligned_le16(pos);
594  pos += 2;
595 
596  /* BSSID */
597  bssid = pos;
598  pos += ETH_ALEN;
599  /* RSSI */
600  rssi = *pos++;
601  /* Packet time stamp */
602  pos += 8;
603  /* Beacon interval */
604  intvl = get_unaligned_le16(pos);
605  pos += 2;
606  /* Capabilities */
607  capa = get_unaligned_le16(pos);
608  pos += 2;
609 
610  /* To find out the channel, we must parse the IEs */
611  ie = pos;
612  /*
613  * 6+1+8+2+2: size of BSSID, RSSI, time stamp, beacon
614  * interval, capabilities
615  */
616  ielen = left = len - (6 + 1 + 8 + 2 + 2);
617  while (left >= 2) {
618  u8 id, elen;
619  id = *pos++;
620  elen = *pos++;
621  left -= 2;
622  if (elen > left || elen == 0) {
623  lbs_deb_scan("scan response: invalid IE fmt\n");
624  goto done;
625  }
626 
627  if (id == WLAN_EID_DS_PARAMS)
628  chan_no = *pos;
629  if (id == WLAN_EID_SSID) {
630  ssid = pos;
631  ssid_len = elen;
632  }
633  left -= elen;
634  pos += elen;
635  }
636 
637  /* No channel, no luck */
638  if (chan_no != -1) {
639  struct wiphy *wiphy = priv->wdev->wiphy;
640  int freq = ieee80211_channel_to_frequency(chan_no,
641  IEEE80211_BAND_2GHZ);
642  struct ieee80211_channel *channel =
643  ieee80211_get_channel(wiphy, freq);
644 
645  lbs_deb_scan("scan: %pM, capa %04x, chan %2d, %s, "
646  "%d dBm\n",
647  bssid, capa, chan_no,
648  print_ssid(ssid_buf, ssid, ssid_len),
649  LBS_SCAN_RSSI_TO_MBM(rssi)/100);
650 
651  if (channel &&
652  !(channel->flags & IEEE80211_CHAN_DISABLED)) {
653  bss = cfg80211_inform_bss(wiphy, channel,
654  bssid, get_unaligned_le64(tsfdesc),
655  capa, intvl, ie, ielen,
656  LBS_SCAN_RSSI_TO_MBM(rssi),
657  GFP_KERNEL);
658  cfg80211_put_bss(bss);
659  }
660  } else
661  lbs_deb_scan("scan response: missing BSS channel IE\n");
662 
663  tsfdesc += 8;
664  }
665  ret = 0;
666 
667  done:
668  lbs_deb_leave_args(LBS_DEB_SCAN, "ret %d", ret);
669  return ret;
670 }
671 
672 
673 /*
674  * Our scan command contains a TLV, consting of a SSID TLV, a channel list
675  * TLV and a rates TLV. Determine the maximum size of them:
676  */
677 #define LBS_SCAN_MAX_CMD_SIZE \
678  (sizeof(struct cmd_ds_802_11_scan) \
679  + LBS_MAX_SSID_TLV_SIZE \
680  + LBS_MAX_CHANNEL_LIST_TLV_SIZE \
681  + LBS_MAX_RATES_TLV_SIZE)
682 
683 /*
684  * Assumes priv->scan_req is initialized and valid
685  * Assumes priv->scan_channel is initialized
686  */
687 static void lbs_scan_worker(struct work_struct *work)
688 {
689  struct lbs_private *priv =
690  container_of(work, struct lbs_private, scan_work.work);
691  struct cmd_ds_802_11_scan *scan_cmd;
692  u8 *tlv; /* pointer into our current, growing TLV storage area */
693  int last_channel;
694  int running, carrier;
695 
696  lbs_deb_enter(LBS_DEB_SCAN);
697 
698  scan_cmd = kzalloc(LBS_SCAN_MAX_CMD_SIZE, GFP_KERNEL);
699  if (scan_cmd == NULL)
700  goto out_no_scan_cmd;
701 
702  /* prepare fixed part of scan command */
703  scan_cmd->bsstype = CMD_BSS_TYPE_ANY;
704 
705  /* stop network while we're away from our main channel */
706  running = !netif_queue_stopped(priv->dev);
707  carrier = netif_carrier_ok(priv->dev);
708  if (running)
709  netif_stop_queue(priv->dev);
710  if (carrier)
711  netif_carrier_off(priv->dev);
712 
713  /* prepare fixed part of scan command */
714  tlv = scan_cmd->tlvbuffer;
715 
716  /* add SSID TLV */
717  if (priv->scan_req->n_ssids && priv->scan_req->ssids[0].ssid_len > 0)
718  tlv += lbs_add_ssid_tlv(tlv,
719  priv->scan_req->ssids[0].ssid,
720  priv->scan_req->ssids[0].ssid_len);
721 
722  /* add channel TLVs */
723  last_channel = priv->scan_channel + LBS_SCAN_BEFORE_NAP;
724  if (last_channel > priv->scan_req->n_channels)
725  last_channel = priv->scan_req->n_channels;
726  tlv += lbs_add_channel_list_tlv(priv, tlv, last_channel,
727  priv->scan_req->n_ssids);
728 
729  /* add rates TLV */
730  tlv += lbs_add_supported_rates_tlv(tlv);
731 
732  if (priv->scan_channel < priv->scan_req->n_channels) {
733  cancel_delayed_work(&priv->scan_work);
734  if (netif_running(priv->dev))
735  queue_delayed_work(priv->work_thread, &priv->scan_work,
736  msecs_to_jiffies(300));
737  }
738 
739  /* This is the final data we are about to send */
740  scan_cmd->hdr.size = cpu_to_le16(tlv - (u8 *)scan_cmd);
741  lbs_deb_hex(LBS_DEB_SCAN, "SCAN_CMD", (void *)scan_cmd,
742  sizeof(*scan_cmd));
743  lbs_deb_hex(LBS_DEB_SCAN, "SCAN_TLV", scan_cmd->tlvbuffer,
744  tlv - scan_cmd->tlvbuffer);
745 
746  __lbs_cmd(priv, CMD_802_11_SCAN, &scan_cmd->hdr,
747  le16_to_cpu(scan_cmd->hdr.size),
748  lbs_ret_scan, 0);
749 
750  if (priv->scan_channel >= priv->scan_req->n_channels) {
751  /* Mark scan done */
752  cancel_delayed_work(&priv->scan_work);
753  lbs_scan_done(priv);
754  }
755 
756  /* Restart network */
757  if (carrier)
758  netif_carrier_on(priv->dev);
759  if (running && !priv->tx_pending_len)
760  netif_wake_queue(priv->dev);
761 
762  kfree(scan_cmd);
763 
764  /* Wake up anything waiting on scan completion */
765  if (priv->scan_req == NULL) {
766  lbs_deb_scan("scan: waking up waiters\n");
767  wake_up_all(&priv->scan_q);
768  }
769 
770  out_no_scan_cmd:
771  lbs_deb_leave(LBS_DEB_SCAN);
772 }
773 
774 static void _internal_start_scan(struct lbs_private *priv, bool internal,
775  struct cfg80211_scan_request *request)
776 {
777  lbs_deb_enter(LBS_DEB_CFG80211);
778 
779  lbs_deb_scan("scan: ssids %d, channels %d, ie_len %zd\n",
780  request->n_ssids, request->n_channels, request->ie_len);
781 
782  priv->scan_channel = 0;
783  priv->scan_req = request;
784  priv->internal_scan = internal;
785 
786  queue_delayed_work(priv->work_thread, &priv->scan_work,
787  msecs_to_jiffies(50));
788 
789  lbs_deb_leave(LBS_DEB_CFG80211);
790 }
791 
792 /*
793  * Clean up priv->scan_req. Should be used to handle the allocation details.
794  */
795 void lbs_scan_done(struct lbs_private *priv)
796 {
797  WARN_ON(!priv->scan_req);
798 
799  if (priv->internal_scan)
800  kfree(priv->scan_req);
801  else
802  cfg80211_scan_done(priv->scan_req, false);
803 
804  priv->scan_req = NULL;
805 }
806 
807 static int lbs_cfg_scan(struct wiphy *wiphy,
808  struct cfg80211_scan_request *request)
809 {
810  struct lbs_private *priv = wiphy_priv(wiphy);
811  int ret = 0;
812 
813  lbs_deb_enter(LBS_DEB_CFG80211);
814 
815  if (priv->scan_req || delayed_work_pending(&priv->scan_work)) {
816  /* old scan request not yet processed */
817  ret = -EAGAIN;
818  goto out;
819  }
820 
821  _internal_start_scan(priv, false, request);
822 
823  if (priv->surpriseremoved)
824  ret = -EIO;
825 
826  out:
827  lbs_deb_leave_args(LBS_DEB_CFG80211, "ret %d", ret);
828  return ret;
829 }
830 
831 
832 
833 
834 /*
835  * Events
836  */
837 
838 void lbs_send_disconnect_notification(struct lbs_private *priv)
839 {
840  lbs_deb_enter(LBS_DEB_CFG80211);
841 
842  cfg80211_disconnected(priv->dev,
843  0,
844  NULL, 0,
845  GFP_KERNEL);
846 
847  lbs_deb_leave(LBS_DEB_CFG80211);
848 }
849 
850 void lbs_send_mic_failureevent(struct lbs_private *priv, u32 event)
851 {
852  lbs_deb_enter(LBS_DEB_CFG80211);
853 
854  cfg80211_michael_mic_failure(priv->dev,
855  priv->assoc_bss,
856  event == MACREG_INT_CODE_MIC_ERR_MULTICAST ?
857  NL80211_KEYTYPE_GROUP :
858  NL80211_KEYTYPE_PAIRWISE,
859  -1,
860  NULL,
861  GFP_KERNEL);
862 
863  lbs_deb_leave(LBS_DEB_CFG80211);
864 }
865 
866 
867 
868 
869 /*
870  * Connect/disconnect
871  */
872 
873 
874 /*
875  * This removes all WEP keys
876  */
877 static int lbs_remove_wep_keys(struct lbs_private *priv)
878 {
879  struct cmd_ds_802_11_set_wep cmd;
880  int ret;
881 
882  lbs_deb_enter(LBS_DEB_CFG80211);
883 
884  memset(&cmd, 0, sizeof(cmd));
885  cmd.hdr.size = cpu_to_le16(sizeof(cmd));
886  cmd.keyindex = cpu_to_le16(priv->wep_tx_key);
887  cmd.action = cpu_to_le16(CMD_ACT_REMOVE);
888 
889  ret = lbs_cmd_with_response(priv, CMD_802_11_SET_WEP, &cmd);
890 
891  lbs_deb_leave(LBS_DEB_CFG80211);
892  return ret;
893 }
894 
895 /*
896  * Set WEP keys
897  */
898 static int lbs_set_wep_keys(struct lbs_private *priv)
899 {
900  struct cmd_ds_802_11_set_wep cmd;
901  int i;
902  int ret;
903 
904  lbs_deb_enter(LBS_DEB_CFG80211);
905 
906  /*
907  * command 13 00
908  * size 50 00
909  * sequence xx xx
910  * result 00 00
911  * action 02 00 ACT_ADD
912  * transmit key 00 00
913  * type for key 1 01 WEP40
914  * type for key 2 00
915  * type for key 3 00
916  * type for key 4 00
917  * key 1 39 39 39 39 39 00 00 00
918  * 00 00 00 00 00 00 00 00
919  * key 2 00 00 00 00 00 00 00 00
920  * 00 00 00 00 00 00 00 00
921  * key 3 00 00 00 00 00 00 00 00
922  * 00 00 00 00 00 00 00 00
923  * key 4 00 00 00 00 00 00 00 00
924  */
925  if (priv->wep_key_len[0] || priv->wep_key_len[1] ||
926  priv->wep_key_len[2] || priv->wep_key_len[3]) {
927  /* Only set wep keys if we have at least one of them */
928  memset(&cmd, 0, sizeof(cmd));
929  cmd.hdr.size = cpu_to_le16(sizeof(cmd));
930  cmd.keyindex = cpu_to_le16(priv->wep_tx_key);
931  cmd.action = cpu_to_le16(CMD_ACT_ADD);
932 
933  for (i = 0; i < 4; i++) {
934  switch (priv->wep_key_len[i]) {
935  case WLAN_KEY_LEN_WEP40:
936  cmd.keytype[i] = CMD_TYPE_WEP_40_BIT;
937  break;
938  case WLAN_KEY_LEN_WEP104:
939  cmd.keytype[i] = CMD_TYPE_WEP_104_BIT;
940  break;
941  default:
942  cmd.keytype[i] = 0;
943  break;
944  }
945  memcpy(cmd.keymaterial[i], priv->wep_key[i],
946  priv->wep_key_len[i]);
947  }
948 
949  ret = lbs_cmd_with_response(priv, CMD_802_11_SET_WEP, &cmd);
950  } else {
951  /* Otherwise remove all wep keys */
952  ret = lbs_remove_wep_keys(priv);
953  }
954 
955  lbs_deb_leave(LBS_DEB_CFG80211);
956  return ret;
957 }
958 
959 
960 /*
961  * Enable/Disable RSN status
962  */
963 static int lbs_enable_rsn(struct lbs_private *priv, int enable)
964 {
965  struct cmd_ds_802_11_enable_rsn cmd;
966  int ret;
967 
968  lbs_deb_enter_args(LBS_DEB_CFG80211, "%d", enable);
969 
970  /*
971  * cmd 2f 00
972  * size 0c 00
973  * sequence xx xx
974  * result 00 00
975  * action 01 00 ACT_SET
976  * enable 01 00
977  */
978  memset(&cmd, 0, sizeof(cmd));
979  cmd.hdr.size = cpu_to_le16(sizeof(cmd));
980  cmd.action = cpu_to_le16(CMD_ACT_SET);
981  cmd.enable = cpu_to_le16(enable);
982 
983  ret = lbs_cmd_with_response(priv, CMD_802_11_ENABLE_RSN, &cmd);
984 
985  lbs_deb_leave(LBS_DEB_CFG80211);
986  return ret;
987 }
988 
989 
990 /*
991  * Set WPA/WPA key material
992  */
993 
994 /*
995  * like "struct cmd_ds_802_11_key_material", but with cmd_header. Once we
996  * get rid of WEXT, this should go into host.h
997  */
998 
999 struct cmd_key_material {
1000  struct cmd_header hdr;
1001 
1002  __le16 action;
1003  struct MrvlIEtype_keyParamSet param;
1004 } __packed;
1005 
1006 static int lbs_set_key_material(struct lbs_private *priv,
1007  int key_type,
1008  int key_info,
1009  u8 *key, u16 key_len)
1010 {
1011  struct cmd_key_material cmd;
1012  int ret;
1013 
1014  lbs_deb_enter(LBS_DEB_CFG80211);
1015 
1016  /*
1017  * Example for WPA (TKIP):
1018  *
1019  * cmd 5e 00
1020  * size 34 00
1021  * sequence xx xx
1022  * result 00 00
1023  * action 01 00
1024  * TLV type 00 01 key param
1025  * length 00 26
1026  * key type 01 00 TKIP
1027  * key info 06 00 UNICAST | ENABLED
1028  * key len 20 00
1029  * key 32 bytes
1030  */
1031  memset(&cmd, 0, sizeof(cmd));
1032  cmd.hdr.size = cpu_to_le16(sizeof(cmd));
1033  cmd.action = cpu_to_le16(CMD_ACT_SET);
1034  cmd.param.type = cpu_to_le16(TLV_TYPE_KEY_MATERIAL);
1035  cmd.param.length = cpu_to_le16(sizeof(cmd.param) - 4);
1036  cmd.param.keytypeid = cpu_to_le16(key_type);
1037  cmd.param.keyinfo = cpu_to_le16(key_info);
1038  cmd.param.keylen = cpu_to_le16(key_len);
1039  if (key && key_len)
1040  memcpy(cmd.param.key, key, key_len);
1041 
1042  ret = lbs_cmd_with_response(priv, CMD_802_11_KEY_MATERIAL, &cmd);
1043 
1044  lbs_deb_leave(LBS_DEB_CFG80211);
1045  return ret;
1046 }
1047 
1048 
1049 /*
1050  * Sets the auth type (open, shared, etc) in the firmware. That
1051  * we use CMD_802_11_AUTHENTICATE is misleading, this firmware
1052  * command doesn't send an authentication frame at all, it just
1053  * stores the auth_type.
1054  */
1055 static int lbs_set_authtype(struct lbs_private *priv,
1056  struct cfg80211_connect_params *sme)
1057 {
1058  struct cmd_ds_802_11_authenticate cmd;
1059  int ret;
1060 
1061  lbs_deb_enter_args(LBS_DEB_CFG80211, "%d", sme->auth_type);
1062 
1063  /*
1064  * cmd 11 00
1065  * size 19 00
1066  * sequence xx xx
1067  * result 00 00
1068  * BSS id 00 13 19 80 da 30
1069  * auth type 00
1070  * reserved 00 00 00 00 00 00 00 00 00 00
1071  */
1072  memset(&cmd, 0, sizeof(cmd));
1073  cmd.hdr.size = cpu_to_le16(sizeof(cmd));
1074  if (sme->bssid)
1075  memcpy(cmd.bssid, sme->bssid, ETH_ALEN);
1076  /* convert auth_type */
1077  ret = lbs_auth_to_authtype(sme->auth_type);
1078  if (ret < 0)
1079  goto done;
1080 
1081  cmd.authtype = ret;
1082  ret = lbs_cmd_with_response(priv, CMD_802_11_AUTHENTICATE, &cmd);
1083 
1084  done:
1085  lbs_deb_leave_args(LBS_DEB_CFG80211, "ret %d", ret);
1086  return ret;
1087 }
1088 
1089 
1090 /*
1091  * Create association request
1092  */
1093 #define LBS_ASSOC_MAX_CMD_SIZE \
1094  (sizeof(struct cmd_ds_802_11_associate) \
1095  - 512 /* cmd_ds_802_11_associate.iebuf */ \
1096  + LBS_MAX_SSID_TLV_SIZE \
1097  + LBS_MAX_CHANNEL_TLV_SIZE \
1098  + LBS_MAX_CF_PARAM_TLV_SIZE \
1099  + LBS_MAX_AUTH_TYPE_TLV_SIZE \
1100  + LBS_MAX_WPA_TLV_SIZE)
1101 
1102 static int lbs_associate(struct lbs_private *priv,
1103  struct cfg80211_bss *bss,
1104  struct cfg80211_connect_params *sme)
1105 {
1106  struct cmd_ds_802_11_associate_response *resp;
1107  struct cmd_ds_802_11_associate *cmd = kzalloc(LBS_ASSOC_MAX_CMD_SIZE,
1108  GFP_KERNEL);
1109  const u8 *ssid_eid;
1110  size_t len, resp_ie_len;
1111  int status;
1112  int ret;
1113  u8 *pos = &(cmd->iebuf[0]);
1114  u8 *tmp;
1115 
1116  lbs_deb_enter(LBS_DEB_CFG80211);
1117 
1118  if (!cmd) {
1119  ret = -ENOMEM;
1120  goto done;
1121  }
1122 
1123  /*
1124  * cmd 50 00
1125  * length 34 00
1126  * sequence xx xx
1127  * result 00 00
1128  * BSS id 00 13 19 80 da 30
1129  * capabilities 11 00
1130  * listen interval 0a 00
1131  * beacon interval 00 00
1132  * DTIM period 00
1133  * TLVs xx (up to 512 bytes)
1134  */
1135  cmd->hdr.command = cpu_to_le16(CMD_802_11_ASSOCIATE);
1136 
1137  /* Fill in static fields */
1138  memcpy(cmd->bssid, bss->bssid, ETH_ALEN);
1139  cmd->listeninterval = cpu_to_le16(MRVDRV_DEFAULT_LISTEN_INTERVAL);
1140  cmd->capability = cpu_to_le16(bss->capability);
1141 
1142  /* add SSID TLV */
1143  ssid_eid = ieee80211_bss_get_ie(bss, WLAN_EID_SSID);
1144  if (ssid_eid)
1145  pos += lbs_add_ssid_tlv(pos, ssid_eid + 2, ssid_eid[1]);
1146  else
1147  lbs_deb_assoc("no SSID\n");
1148 
1149  /* add DS param TLV */
1150  if (bss->channel)
1151  pos += lbs_add_channel_tlv(pos, bss->channel->hw_value);
1152  else
1153  lbs_deb_assoc("no channel\n");
1154 
1155  /* add (empty) CF param TLV */
1156  pos += lbs_add_cf_param_tlv(pos);
1157 
1158  /* add rates TLV */
1159  tmp = pos + 4; /* skip Marvell IE header */
1160  pos += lbs_add_common_rates_tlv(pos, bss);
1161  lbs_deb_hex(LBS_DEB_ASSOC, "Common Rates", tmp, pos - tmp);
1162 
1163  /* add auth type TLV */
1164  if (MRVL_FW_MAJOR_REV(priv->fwrelease) >= 9)
1165  pos += lbs_add_auth_type_tlv(pos, sme->auth_type);
1166 
1167  /* add WPA/WPA2 TLV */
1168  if (sme->ie && sme->ie_len)
1169  pos += lbs_add_wpa_tlv(pos, sme->ie, sme->ie_len);
1170 
1171  len = (sizeof(*cmd) - sizeof(cmd->iebuf)) +
1172  (u16)(pos - (u8 *) &cmd->iebuf);
1173  cmd->hdr.size = cpu_to_le16(len);
1174 
1175  lbs_deb_hex(LBS_DEB_ASSOC, "ASSOC_CMD", (u8 *) cmd,
1176  le16_to_cpu(cmd->hdr.size));
1177 
1178  /* store for later use */
1179  memcpy(priv->assoc_bss, bss->bssid, ETH_ALEN);
1180 
1181  ret = lbs_cmd_with_response(priv, CMD_802_11_ASSOCIATE, cmd);
1182  if (ret)
1183  goto done;
1184 
1185  /* generate connect message to cfg80211 */
1186 
1187  resp = (void *) cmd; /* recast for easier field access */
1188  status = le16_to_cpu(resp->statuscode);
1189 
1190  /* Older FW versions map the IEEE 802.11 Status Code in the association
1191  * response to the following values returned in resp->statuscode:
1192  *
1193  * IEEE Status Code Marvell Status Code
1194  * 0 -> 0x0000 ASSOC_RESULT_SUCCESS
1195  * 13 -> 0x0004 ASSOC_RESULT_AUTH_REFUSED
1196  * 14 -> 0x0004 ASSOC_RESULT_AUTH_REFUSED
1197  * 15 -> 0x0004 ASSOC_RESULT_AUTH_REFUSED
1198  * 16 -> 0x0004 ASSOC_RESULT_AUTH_REFUSED
1199  * others -> 0x0003 ASSOC_RESULT_REFUSED
1200  *
1201  * Other response codes:
1202  * 0x0001 -> ASSOC_RESULT_INVALID_PARAMETERS (unused)
1203  * 0x0002 -> ASSOC_RESULT_TIMEOUT (internal timer expired waiting for
1204  * association response from the AP)
1205  */
1206  if (MRVL_FW_MAJOR_REV(priv->fwrelease) <= 8) {
1207  switch (status) {
1208  case 0:
1209  break;
1210  case 1:
1211  lbs_deb_assoc("invalid association parameters\n");
1212  status = WLAN_STATUS_CAPS_UNSUPPORTED;
1213  break;
1214  case 2:
1215  lbs_deb_assoc("timer expired while waiting for AP\n");
1216  status = WLAN_STATUS_AUTH_TIMEOUT;
1217  break;
1218  case 3:
1219  lbs_deb_assoc("association refused by AP\n");
1220  status = WLAN_STATUS_ASSOC_DENIED_UNSPEC;
1221  break;
1222  case 4:
1223  lbs_deb_assoc("authentication refused by AP\n");
1224  status = WLAN_STATUS_UNKNOWN_AUTH_TRANSACTION;
1225  break;
1226  default:
1227  lbs_deb_assoc("association failure %d\n", status);
1228  /* v5 OLPC firmware does return the AP status code if
1229  * it's not one of the values above. Let that through.
1230  */
1231  break;
1232  }
1233  }
1234 
1235  lbs_deb_assoc("status %d, statuscode 0x%04x, capability 0x%04x, "
1236  "aid 0x%04x\n", status, le16_to_cpu(resp->statuscode),
1237  le16_to_cpu(resp->capability), le16_to_cpu(resp->aid));
1238 
1239  resp_ie_len = le16_to_cpu(resp->hdr.size)
1240  - sizeof(resp->hdr)
1241  - 6;
1242  cfg80211_connect_result(priv->dev,
1243  priv->assoc_bss,
1244  sme->ie, sme->ie_len,
1245  resp->iebuf, resp_ie_len,
1246  status,
1247  GFP_KERNEL);
1248 
1249  if (status == 0) {
1250  /* TODO: get rid of priv->connect_status */
1251  priv->connect_status = LBS_CONNECTED;
1252  netif_carrier_on(priv->dev);
1253  if (!priv->tx_pending_len)
1254  netif_tx_wake_all_queues(priv->dev);
1255  }
1256 
1257  kfree(cmd);
1258 done:
1259  lbs_deb_leave_args(LBS_DEB_CFG80211, "ret %d", ret);
1260  return ret;
1261 }
1262 
1263 static struct cfg80211_scan_request *
1264 _new_connect_scan_req(struct wiphy *wiphy, struct cfg80211_connect_params *sme)
1265 {
1266  struct cfg80211_scan_request *creq = NULL;
1267  int i, n_channels = 0;
1268  enum ieee80211_band band;
1269 
1270  for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
1271  if (wiphy->bands[band])
1272  n_channels += wiphy->bands[band]->n_channels;
1273  }
1274 
1275  creq = kzalloc(sizeof(*creq) + sizeof(struct cfg80211_ssid) +
1276  n_channels * sizeof(void *),
1277  GFP_ATOMIC);
1278  if (!creq)
1279  return NULL;
1280 
1281  /* SSIDs come after channels */
1282  creq->ssids = (void *)&creq->channels[n_channels];
1283  creq->n_channels = n_channels;
1284  creq->n_ssids = 1;
1285 
1286  /* Scan all available channels */
1287  i = 0;
1288  for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
1289  int j;
1290 
1291  if (!wiphy->bands[band])
1292  continue;
1293 
1294  for (j = 0; j < wiphy->bands[band]->n_channels; j++) {
1295  /* ignore disabled channels */
1296  if (wiphy->bands[band]->channels[j].flags &
1297  IEEE80211_CHAN_DISABLED)
1298  continue;
1299 
1300  creq->channels[i] = &wiphy->bands[band]->channels[j];
1301  i++;
1302  }
1303  }
1304  if (i) {
1305  /* Set real number of channels specified in creq->channels[] */
1306  creq->n_channels = i;
1307 
1308  /* Scan for the SSID we're going to connect to */
1309  memcpy(creq->ssids[0].ssid, sme->ssid, sme->ssid_len);
1310  creq->ssids[0].ssid_len = sme->ssid_len;
1311  } else {
1312  /* No channels found... */
1313  kfree(creq);
1314  creq = NULL;
1315  }
1316 
1317  return creq;
1318 }
1319 
1320 static int lbs_cfg_connect(struct wiphy *wiphy, struct net_device *dev,
1321  struct cfg80211_connect_params *sme)
1322 {
1323  struct lbs_private *priv = wiphy_priv(wiphy);
1324  struct cfg80211_bss *bss = NULL;
1325  int ret = 0;
1326  u8 preamble = RADIO_PREAMBLE_SHORT;
1327 
1328  if (dev == priv->mesh_dev)
1329  return -EOPNOTSUPP;
1330 
1331  lbs_deb_enter(LBS_DEB_CFG80211);
1332 
1333  if (!sme->bssid) {
1334  struct cfg80211_scan_request *creq;
1335 
1336  /*
1337  * Scan for the requested network after waiting for existing
1338  * scans to finish.
1339  */
1340  lbs_deb_assoc("assoc: waiting for existing scans\n");
1341  wait_event_interruptible_timeout(priv->scan_q,
1342  (priv->scan_req == NULL),
1343  (15 * HZ));
1344 
1345  creq = _new_connect_scan_req(wiphy, sme);
1346  if (!creq) {
1347  ret = -EINVAL;
1348  goto done;
1349  }
1350 
1351  lbs_deb_assoc("assoc: scanning for compatible AP\n");
1352  _internal_start_scan(priv, true, creq);
1353 
1354  lbs_deb_assoc("assoc: waiting for scan to complete\n");
1355  wait_event_interruptible_timeout(priv->scan_q,
1356  (priv->scan_req == NULL),
1357  (15 * HZ));
1358  lbs_deb_assoc("assoc: scanning competed\n");
1359  }
1360 
1361  /* Find the BSS we want using available scan results */
1362  bss = cfg80211_get_bss(wiphy, sme->channel, sme->bssid,
1363  sme->ssid, sme->ssid_len,
1364  WLAN_CAPABILITY_ESS, WLAN_CAPABILITY_ESS);
1365  if (!bss) {
1366  wiphy_err(wiphy, "assoc: bss %pM not in scan results\n",
1367  sme->bssid);
1368  ret = -ENOENT;
1369  goto done;
1370  }
1371  lbs_deb_assoc("trying %pM\n", bss->bssid);
1372  lbs_deb_assoc("cipher 0x%x, key index %d, key len %d\n",
1373  sme->crypto.cipher_group,
1374  sme->key_idx, sme->key_len);
1375 
1376  /* As this is a new connection, clear locally stored WEP keys */
1377  priv->wep_tx_key = 0;
1378  memset(priv->wep_key, 0, sizeof(priv->wep_key));
1379  memset(priv->wep_key_len, 0, sizeof(priv->wep_key_len));
1380 
1381  /* set/remove WEP keys */
1382  switch (sme->crypto.cipher_group) {
1383  case WLAN_CIPHER_SUITE_WEP40:
1384  case WLAN_CIPHER_SUITE_WEP104:
1385  /* Store provided WEP keys in priv-> */
1386  priv->wep_tx_key = sme->key_idx;
1387  priv->wep_key_len[sme->key_idx] = sme->key_len;
1388  memcpy(priv->wep_key[sme->key_idx], sme->key, sme->key_len);
1389  /* Set WEP keys and WEP mode */
1390  lbs_set_wep_keys(priv);
1391  priv->mac_control |= CMD_ACT_MAC_WEP_ENABLE;
1392  lbs_set_mac_control(priv);
1393  /* No RSN mode for WEP */
1394  lbs_enable_rsn(priv, 0);
1395  break;
1396  case 0: /* there's no WLAN_CIPHER_SUITE_NONE definition */
1397  /*
1398  * If we don't have no WEP, no WPA and no WPA2,
1399  * we remove all keys like in the WPA/WPA2 setup,
1400  * we just don't set RSN.
1401  *
1402  * Therefore: fall-through
1403  */
1404  case WLAN_CIPHER_SUITE_TKIP:
1405  case WLAN_CIPHER_SUITE_CCMP:
1406  /* Remove WEP keys and WEP mode */
1407  lbs_remove_wep_keys(priv);
1408  priv->mac_control &= ~CMD_ACT_MAC_WEP_ENABLE;
1409  lbs_set_mac_control(priv);
1410 
1411  /* clear the WPA/WPA2 keys */
1412  lbs_set_key_material(priv,
1413  KEY_TYPE_ID_WEP, /* doesn't matter */
1414  KEY_INFO_WPA_UNICAST,
1415  NULL, 0);
1416  lbs_set_key_material(priv,
1417  KEY_TYPE_ID_WEP, /* doesn't matter */
1418  KEY_INFO_WPA_MCAST,
1419  NULL, 0);
1420  /* RSN mode for WPA/WPA2 */
1421  lbs_enable_rsn(priv, sme->crypto.cipher_group != 0);
1422  break;
1423  default:
1424  wiphy_err(wiphy, "unsupported cipher group 0x%x\n",
1425  sme->crypto.cipher_group);
1426  ret = -ENOTSUPP;
1427  goto done;
1428  }
1429 
1430  ret = lbs_set_authtype(priv, sme);
1431  if (ret == -ENOTSUPP) {
1432  wiphy_err(wiphy, "unsupported authtype 0x%x\n", sme->auth_type);
1433  goto done;
1434  }
1435 
1436  lbs_set_radio(priv, preamble, 1);
1437 
1438  /* Do the actual association */
1439  ret = lbs_associate(priv, bss, sme);
1440 
1441  done:
1442  if (bss)
1443  cfg80211_put_bss(bss);
1444  lbs_deb_leave_args(LBS_DEB_CFG80211, "ret %d", ret);
1445  return ret;
1446 }
1447 
1448 int lbs_disconnect(struct lbs_private *priv, u16 reason)
1449 {
1450  struct cmd_ds_802_11_deauthenticate cmd;
1451  int ret;
1452 
1453  memset(&cmd, 0, sizeof(cmd));
1454  cmd.hdr.size = cpu_to_le16(sizeof(cmd));
1455  /* Mildly ugly to use a locally store my own BSSID ... */
1456  memcpy(cmd.macaddr, &priv->assoc_bss, ETH_ALEN);
1457  cmd.reasoncode = cpu_to_le16(reason);
1458 
1459  ret = lbs_cmd_with_response(priv, CMD_802_11_DEAUTHENTICATE, &cmd);
1460  if (ret)
1461  return ret;
1462 
1463  cfg80211_disconnected(priv->dev,
1464  reason,
1465  NULL, 0,
1466  GFP_KERNEL);
1467  priv->connect_status = LBS_DISCONNECTED;
1468 
1469  return 0;
1470 }
1471 
1472 static int lbs_cfg_disconnect(struct wiphy *wiphy, struct net_device *dev,
1473  u16 reason_code)
1474 {
1475  struct lbs_private *priv = wiphy_priv(wiphy);
1476 
1477  if (dev == priv->mesh_dev)
1478  return -EOPNOTSUPP;
1479 
1480  lbs_deb_enter_args(LBS_DEB_CFG80211, "reason_code %d", reason_code);
1481 
1482  /* store for lbs_cfg_ret_disconnect() */
1483  priv->disassoc_reason = reason_code;
1484 
1485  return lbs_disconnect(priv, reason_code);
1486 }
1487 
1488 static int lbs_cfg_set_default_key(struct wiphy *wiphy,
1489  struct net_device *netdev,
1490  u8 key_index, bool unicast,
1491  bool multicast)
1492 {
1493  struct lbs_private *priv = wiphy_priv(wiphy);
1494 
1495  if (netdev == priv->mesh_dev)
1496  return -EOPNOTSUPP;
1497 
1498  lbs_deb_enter(LBS_DEB_CFG80211);
1499 
1500  if (key_index != priv->wep_tx_key) {
1501  lbs_deb_assoc("set_default_key: to %d\n", key_index);
1502  priv->wep_tx_key = key_index;
1503  lbs_set_wep_keys(priv);
1504  }
1505 
1506  return 0;
1507 }
1508 
1509 
1510 static int lbs_cfg_add_key(struct wiphy *wiphy, struct net_device *netdev,
1511  u8 idx, bool pairwise, const u8 *mac_addr,
1512  struct key_params *params)
1513 {
1514  struct lbs_private *priv = wiphy_priv(wiphy);
1515  u16 key_info;
1516  u16 key_type;
1517  int ret = 0;
1518 
1519  if (netdev == priv->mesh_dev)
1520  return -EOPNOTSUPP;
1521 
1522  lbs_deb_enter(LBS_DEB_CFG80211);
1523 
1524  lbs_deb_assoc("add_key: cipher 0x%x, mac_addr %pM\n",
1525  params->cipher, mac_addr);
1526  lbs_deb_assoc("add_key: key index %d, key len %d\n",
1527  idx, params->key_len);
1528  if (params->key_len)
1529  lbs_deb_hex(LBS_DEB_CFG80211, "KEY",
1530  params->key, params->key_len);
1531 
1532  lbs_deb_assoc("add_key: seq len %d\n", params->seq_len);
1533  if (params->seq_len)
1534  lbs_deb_hex(LBS_DEB_CFG80211, "SEQ",
1535  params->seq, params->seq_len);
1536 
1537  switch (params->cipher) {
1538  case WLAN_CIPHER_SUITE_WEP40:
1539  case WLAN_CIPHER_SUITE_WEP104:
1540  /* actually compare if something has changed ... */
1541  if ((priv->wep_key_len[idx] != params->key_len) ||
1542  memcmp(priv->wep_key[idx],
1543  params->key, params->key_len) != 0) {
1544  priv->wep_key_len[idx] = params->key_len;
1545  memcpy(priv->wep_key[idx],
1546  params->key, params->key_len);
1547  lbs_set_wep_keys(priv);
1548  }
1549  break;
1550  case WLAN_CIPHER_SUITE_TKIP:
1551  case WLAN_CIPHER_SUITE_CCMP:
1552  key_info = KEY_INFO_WPA_ENABLED | ((idx == 0)
1553  ? KEY_INFO_WPA_UNICAST
1554  : KEY_INFO_WPA_MCAST);
1555  key_type = (params->cipher == WLAN_CIPHER_SUITE_TKIP)
1556  ? KEY_TYPE_ID_TKIP
1557  : KEY_TYPE_ID_AES;
1558  lbs_set_key_material(priv,
1559  key_type,
1560  key_info,
1561  params->key, params->key_len);
1562  break;
1563  default:
1564  wiphy_err(wiphy, "unhandled cipher 0x%x\n", params->cipher);
1565  ret = -ENOTSUPP;
1566  break;
1567  }
1568 
1569  return ret;
1570 }
1571 
1572 
1573 static int lbs_cfg_del_key(struct wiphy *wiphy, struct net_device *netdev,
1574  u8 key_index, bool pairwise, const u8 *mac_addr)
1575 {
1576 
1577  lbs_deb_enter(LBS_DEB_CFG80211);
1578 
1579  lbs_deb_assoc("del_key: key_idx %d, mac_addr %pM\n",
1580  key_index, mac_addr);
1581 
1582 #ifdef TODO
1583  struct lbs_private *priv = wiphy_priv(wiphy);
1584  /*
1585  * I think can keep this a NO-OP, because:
1586 
1587  * - we clear all keys whenever we do lbs_cfg_connect() anyway
1588  * - neither "iw" nor "wpa_supplicant" won't call this during
1589  * an ongoing connection
1590  * - TODO: but I have to check if this is still true when
1591  * I set the AP to periodic re-keying
1592  * - we've not kzallec() something when we've added a key at
1593  * lbs_cfg_connect() or lbs_cfg_add_key().
1594  *
1595  * This causes lbs_cfg_del_key() only called at disconnect time,
1596  * where we'd just waste time deleting a key that is not going
1597  * to be used anyway.
1598  */
1599  if (key_index < 3 && priv->wep_key_len[key_index]) {
1600  priv->wep_key_len[key_index] = 0;
1601  lbs_set_wep_keys(priv);
1602  }
1603 #endif
1604 
1605  return 0;
1606 }
1607 
1608 
1609 /*
1610  * Get station
1611  */
1612 
1613 static int lbs_cfg_get_station(struct wiphy *wiphy, struct net_device *dev,
1614  u8 *mac, struct station_info *sinfo)
1615 {
1616  struct lbs_private *priv = wiphy_priv(wiphy);
1617  s8 signal, noise;
1618  int ret;
1619  size_t i;
1620 
1621  lbs_deb_enter(LBS_DEB_CFG80211);
1622 
1623  sinfo->filled |= STATION_INFO_TX_BYTES |
1624  STATION_INFO_TX_PACKETS |
1625  STATION_INFO_RX_BYTES |
1626  STATION_INFO_RX_PACKETS;
1627  sinfo->tx_bytes = priv->dev->stats.tx_bytes;
1628  sinfo->tx_packets = priv->dev->stats.tx_packets;
1629  sinfo->rx_bytes = priv->dev->stats.rx_bytes;
1630  sinfo->rx_packets = priv->dev->stats.rx_packets;
1631 
1632  /* Get current RSSI */
1633  ret = lbs_get_rssi(priv, &signal, &noise);
1634  if (ret == 0) {
1635  sinfo->signal = signal;
1636  sinfo->filled |= STATION_INFO_SIGNAL;
1637  }
1638 
1639  /* Convert priv->cur_rate from hw_value to NL80211 value */
1640  for (i = 0; i < ARRAY_SIZE(lbs_rates); i++) {
1641  if (priv->cur_rate == lbs_rates[i].hw_value) {
1642  sinfo->txrate.legacy = lbs_rates[i].bitrate;
1643  sinfo->filled |= STATION_INFO_TX_BITRATE;
1644  break;
1645  }
1646  }
1647 
1648  return 0;
1649 }
1650 
1651 
1652 
1653 
1654 /*
1655  * Change interface
1656  */
1657 
1658 static int lbs_change_intf(struct wiphy *wiphy, struct net_device *dev,
1659  enum nl80211_iftype type, u32 *flags,
1660  struct vif_params *params)
1661 {
1662  struct lbs_private *priv = wiphy_priv(wiphy);
1663  int ret = 0;
1664 
1665  if (dev == priv->mesh_dev)
1666  return -EOPNOTSUPP;
1667 
1668  switch (type) {
1669  case NL80211_IFTYPE_MONITOR:
1670  case NL80211_IFTYPE_STATION:
1671  case NL80211_IFTYPE_ADHOC:
1672  break;
1673  default:
1674  return -EOPNOTSUPP;
1675  }
1676 
1677  lbs_deb_enter(LBS_DEB_CFG80211);
1678 
1679  if (priv->iface_running)
1680  ret = lbs_set_iface_type(priv, type);
1681 
1682  if (!ret)
1683  priv->wdev->iftype = type;
1684 
1685  lbs_deb_leave_args(LBS_DEB_CFG80211, "ret %d", ret);
1686  return ret;
1687 }
1688 
1689 
1690 
1691 /*
1692  * IBSS (Ad-Hoc)
1693  */
1694 
1695 /*
1696  * The firmware needs the following bits masked out of the beacon-derived
1697  * capability field when associating/joining to a BSS:
1698  * 9 (QoS), 11 (APSD), 12 (unused), 14 (unused), 15 (unused)
1699  */
1700 #define CAPINFO_MASK (~(0xda00))
1701 
1702 
1703 static void lbs_join_post(struct lbs_private *priv,
1704  struct cfg80211_ibss_params *params,
1705  u8 *bssid, u16 capability)
1706 {
1707  u8 fake_ie[2 + IEEE80211_MAX_SSID_LEN + /* ssid */
1708  2 + 4 + /* basic rates */
1709  2 + 1 + /* DS parameter */
1710  2 + 2 + /* atim */
1711  2 + 8]; /* extended rates */
1712  u8 *fake = fake_ie;
1713  struct cfg80211_bss *bss;
1714 
1715  lbs_deb_enter(LBS_DEB_CFG80211);
1716 
1717  /*
1718  * For cfg80211_inform_bss, we'll need a fake IE, as we can't get
1719  * the real IE from the firmware. So we fabricate a fake IE based on
1720  * what the firmware actually sends (sniffed with wireshark).
1721  */
1722  /* Fake SSID IE */
1723  *fake++ = WLAN_EID_SSID;
1724  *fake++ = params->ssid_len;
1725  memcpy(fake, params->ssid, params->ssid_len);
1726  fake += params->ssid_len;
1727  /* Fake supported basic rates IE */
1728  *fake++ = WLAN_EID_SUPP_RATES;
1729  *fake++ = 4;
1730  *fake++ = 0x82;
1731  *fake++ = 0x84;
1732  *fake++ = 0x8b;
1733  *fake++ = 0x96;
1734  /* Fake DS channel IE */
1735  *fake++ = WLAN_EID_DS_PARAMS;
1736  *fake++ = 1;
1737  *fake++ = params->channel->hw_value;
1738  /* Fake IBSS params IE */
1739  *fake++ = WLAN_EID_IBSS_PARAMS;
1740  *fake++ = 2;
1741  *fake++ = 0; /* ATIM=0 */
1742  *fake++ = 0;
1743  /* Fake extended rates IE, TODO: don't add this for 802.11b only,
1744  * but I don't know how this could be checked */
1745  *fake++ = WLAN_EID_EXT_SUPP_RATES;
1746  *fake++ = 8;
1747  *fake++ = 0x0c;
1748  *fake++ = 0x12;
1749  *fake++ = 0x18;
1750  *fake++ = 0x24;
1751  *fake++ = 0x30;
1752  *fake++ = 0x48;
1753  *fake++ = 0x60;
1754  *fake++ = 0x6c;
1755  lbs_deb_hex(LBS_DEB_CFG80211, "IE", fake_ie, fake - fake_ie);
1756 
1757  bss = cfg80211_inform_bss(priv->wdev->wiphy,
1758  params->channel,
1759  bssid,
1760  0,
1761  capability,
1762  params->beacon_interval,
1763  fake_ie, fake - fake_ie,
1764  0, GFP_KERNEL);
1765  cfg80211_put_bss(bss);
1766 
1767  memcpy(priv->wdev->ssid, params->ssid, params->ssid_len);
1768  priv->wdev->ssid_len = params->ssid_len;
1769 
1770  cfg80211_ibss_joined(priv->dev, bssid, GFP_KERNEL);
1771 
1772  /* TODO: consider doing this at MACREG_INT_CODE_LINK_SENSED time */
1773  priv->connect_status = LBS_CONNECTED;
1774  netif_carrier_on(priv->dev);
1775  if (!priv->tx_pending_len)
1776  netif_wake_queue(priv->dev);
1777 
1778  lbs_deb_leave(LBS_DEB_CFG80211);
1779 }
1780 
1781 static int lbs_ibss_join_existing(struct lbs_private *priv,
1782  struct cfg80211_ibss_params *params,
1783  struct cfg80211_bss *bss)
1784 {
1785  const u8 *rates_eid = ieee80211_bss_get_ie(bss, WLAN_EID_SUPP_RATES);
1786  struct cmd_ds_802_11_ad_hoc_join cmd;
1787  u8 preamble = RADIO_PREAMBLE_SHORT;
1788  int ret = 0;
1789 
1790  lbs_deb_enter(LBS_DEB_CFG80211);
1791 
1792  /* TODO: set preamble based on scan result */
1793  ret = lbs_set_radio(priv, preamble, 1);
1794  if (ret)
1795  goto out;
1796 
1797  /*
1798  * Example CMD_802_11_AD_HOC_JOIN command:
1799  *
1800  * command 2c 00 CMD_802_11_AD_HOC_JOIN
1801  * size 65 00
1802  * sequence xx xx
1803  * result 00 00
1804  * bssid 02 27 27 97 2f 96
1805  * ssid 49 42 53 53 00 00 00 00
1806  * 00 00 00 00 00 00 00 00
1807  * 00 00 00 00 00 00 00 00
1808  * 00 00 00 00 00 00 00 00
1809  * type 02 CMD_BSS_TYPE_IBSS
1810  * beacon period 64 00
1811  * dtim period 00
1812  * timestamp 00 00 00 00 00 00 00 00
1813  * localtime 00 00 00 00 00 00 00 00
1814  * IE DS 03
1815  * IE DS len 01
1816  * IE DS channel 01
1817  * reserveed 00 00 00 00
1818  * IE IBSS 06
1819  * IE IBSS len 02
1820  * IE IBSS atim 00 00
1821  * reserved 00 00 00 00
1822  * capability 02 00
1823  * rates 82 84 8b 96 0c 12 18 24 30 48 60 6c 00
1824  * fail timeout ff 00
1825  * probe delay 00 00
1826  */
1827  memset(&cmd, 0, sizeof(cmd));
1828  cmd.hdr.size = cpu_to_le16(sizeof(cmd));
1829 
1830  memcpy(cmd.bss.bssid, bss->bssid, ETH_ALEN);
1831  memcpy(cmd.bss.ssid, params->ssid, params->ssid_len);
1832  cmd.bss.type = CMD_BSS_TYPE_IBSS;
1833  cmd.bss.beaconperiod = cpu_to_le16(params->beacon_interval);
1834  cmd.bss.ds.header.id = WLAN_EID_DS_PARAMS;
1835  cmd.bss.ds.header.len = 1;
1836  cmd.bss.ds.channel = params->channel->hw_value;
1837  cmd.bss.ibss.header.id = WLAN_EID_IBSS_PARAMS;
1838  cmd.bss.ibss.header.len = 2;
1839  cmd.bss.ibss.atimwindow = 0;
1840  cmd.bss.capability = cpu_to_le16(bss->capability & CAPINFO_MASK);
1841 
1842  /* set rates to the intersection of our rates and the rates in the
1843  bss */
1844  if (!rates_eid) {
1845  lbs_add_rates(cmd.bss.rates);
1846  } else {
1847  int hw, i;
1848  u8 rates_max = rates_eid[1];
1849  u8 *rates = cmd.bss.rates;
1850  for (hw = 0; hw < ARRAY_SIZE(lbs_rates); hw++) {
1851  u8 hw_rate = lbs_rates[hw].bitrate / 5;
1852  for (i = 0; i < rates_max; i++) {
1853  if (hw_rate == (rates_eid[i+2] & 0x7f)) {
1854  u8 rate = rates_eid[i+2];
1855  if (rate == 0x02 || rate == 0x04 ||
1856  rate == 0x0b || rate == 0x16)
1857  rate |= 0x80;
1858  *rates++ = rate;
1859  }
1860  }
1861  }
1862  }
1863 
1864  /* Only v8 and below support setting this */
1865  if (MRVL_FW_MAJOR_REV(priv->fwrelease) <= 8) {
1866  cmd.failtimeout = cpu_to_le16(MRVDRV_ASSOCIATION_TIME_OUT);
1867  cmd.probedelay = cpu_to_le16(CMD_SCAN_PROBE_DELAY_TIME);
1868  }
1869  ret = lbs_cmd_with_response(priv, CMD_802_11_AD_HOC_JOIN, &cmd);
1870  if (ret)
1871  goto out;
1872 
1873  /*
1874  * This is a sample response to CMD_802_11_AD_HOC_JOIN:
1875  *
1876  * response 2c 80
1877  * size 09 00
1878  * sequence xx xx
1879  * result 00 00
1880  * reserved 00
1881  */
1882  lbs_join_post(priv, params, bss->bssid, bss->capability);
1883 
1884  out:
1885  lbs_deb_leave_args(LBS_DEB_CFG80211, "ret %d", ret);
1886  return ret;
1887 }
1888 
1889 
1890 
1891 static int lbs_ibss_start_new(struct lbs_private *priv,
1892  struct cfg80211_ibss_params *params)
1893 {
1894  struct cmd_ds_802_11_ad_hoc_start cmd;
1895  struct cmd_ds_802_11_ad_hoc_result *resp =
1896  (struct cmd_ds_802_11_ad_hoc_result *) &cmd;
1897  u8 preamble = RADIO_PREAMBLE_SHORT;
1898  int ret = 0;
1899  u16 capability;
1900 
1901  lbs_deb_enter(LBS_DEB_CFG80211);
1902 
1903  ret = lbs_set_radio(priv, preamble, 1);
1904  if (ret)
1905  goto out;
1906 
1907  /*
1908  * Example CMD_802_11_AD_HOC_START command:
1909  *
1910  * command 2b 00 CMD_802_11_AD_HOC_START
1911  * size b1 00
1912  * sequence xx xx
1913  * result 00 00
1914  * ssid 54 45 53 54 00 00 00 00
1915  * 00 00 00 00 00 00 00 00
1916  * 00 00 00 00 00 00 00 00
1917  * 00 00 00 00 00 00 00 00
1918  * bss type 02
1919  * beacon period 64 00
1920  * dtim period 00
1921  * IE IBSS 06
1922  * IE IBSS len 02
1923  * IE IBSS atim 00 00
1924  * reserved 00 00 00 00
1925  * IE DS 03
1926  * IE DS len 01
1927  * IE DS channel 01
1928  * reserved 00 00 00 00
1929  * probe delay 00 00
1930  * capability 02 00
1931  * rates 82 84 8b 96 (basic rates with have bit 7 set)
1932  * 0c 12 18 24 30 48 60 6c
1933  * padding 100 bytes
1934  */
1935  memset(&cmd, 0, sizeof(cmd));
1936  cmd.hdr.size = cpu_to_le16(sizeof(cmd));
1937  memcpy(cmd.ssid, params->ssid, params->ssid_len);
1938  cmd.bsstype = CMD_BSS_TYPE_IBSS;
1939  cmd.beaconperiod = cpu_to_le16(params->beacon_interval);
1940  cmd.ibss.header.id = WLAN_EID_IBSS_PARAMS;
1941  cmd.ibss.header.len = 2;
1942  cmd.ibss.atimwindow = 0;
1943  cmd.ds.header.id = WLAN_EID_DS_PARAMS;
1944  cmd.ds.header.len = 1;
1945  cmd.ds.channel = params->channel->hw_value;
1946  /* Only v8 and below support setting probe delay */
1947  if (MRVL_FW_MAJOR_REV(priv->fwrelease) <= 8)
1948  cmd.probedelay = cpu_to_le16(CMD_SCAN_PROBE_DELAY_TIME);
1949  /* TODO: mix in WLAN_CAPABILITY_PRIVACY */
1950  capability = WLAN_CAPABILITY_IBSS;
1951  cmd.capability = cpu_to_le16(capability);
1952  lbs_add_rates(cmd.rates);
1953 
1954 
1955  ret = lbs_cmd_with_response(priv, CMD_802_11_AD_HOC_START, &cmd);
1956  if (ret)
1957  goto out;
1958 
1959  /*
1960  * This is a sample response to CMD_802_11_AD_HOC_JOIN:
1961  *
1962  * response 2b 80
1963  * size 14 00
1964  * sequence xx xx
1965  * result 00 00
1966  * reserved 00
1967  * bssid 02 2b 7b 0f 86 0e
1968  */
1969  lbs_join_post(priv, params, resp->bssid, capability);
1970 
1971  out:
1972  lbs_deb_leave_args(LBS_DEB_CFG80211, "ret %d", ret);
1973  return ret;
1974 }
1975 
1976 
1977 static int lbs_join_ibss(struct wiphy *wiphy, struct net_device *dev,
1978  struct cfg80211_ibss_params *params)
1979 {
1980  struct lbs_private *priv = wiphy_priv(wiphy);
1981  int ret = 0;
1982  struct cfg80211_bss *bss;
1983  DECLARE_SSID_BUF(ssid_buf);
1984 
1985  if (dev == priv->mesh_dev)
1986  return -EOPNOTSUPP;
1987 
1988  lbs_deb_enter(LBS_DEB_CFG80211);
1989 
1990  if (!params->channel) {
1991  ret = -ENOTSUPP;
1992  goto out;
1993  }
1994 
1995  ret = lbs_set_channel(priv, params->channel->hw_value);
1996  if (ret)
1997  goto out;
1998 
1999  /* Search if someone is beaconing. This assumes that the
2000  * bss list is populated already */
2001  bss = cfg80211_get_bss(wiphy, params->channel, params->bssid,
2002  params->ssid, params->ssid_len,
2003  WLAN_CAPABILITY_IBSS, WLAN_CAPABILITY_IBSS);
2004 
2005  if (bss) {
2006  ret = lbs_ibss_join_existing(priv, params, bss);
2007  cfg80211_put_bss(bss);
2008  } else
2009  ret = lbs_ibss_start_new(priv, params);
2010 
2011 
2012  out:
2013  lbs_deb_leave_args(LBS_DEB_CFG80211, "ret %d", ret);
2014  return ret;
2015 }
2016 
2017 
2018 static int lbs_leave_ibss(struct wiphy *wiphy, struct net_device *dev)
2019 {
2020  struct lbs_private *priv = wiphy_priv(wiphy);
2021  struct cmd_ds_802_11_ad_hoc_stop cmd;
2022  int ret = 0;
2023 
2024  if (dev == priv->mesh_dev)
2025  return -EOPNOTSUPP;
2026 
2027  lbs_deb_enter(LBS_DEB_CFG80211);
2028 
2029  memset(&cmd, 0, sizeof(cmd));
2030  cmd.hdr.size = cpu_to_le16(sizeof(cmd));
2031  ret = lbs_cmd_with_response(priv, CMD_802_11_AD_HOC_STOP, &cmd);
2032 
2033  /* TODO: consider doing this at MACREG_INT_CODE_ADHOC_BCN_LOST time */
2034  lbs_mac_event_disconnected(priv);
2035 
2036  lbs_deb_leave_args(LBS_DEB_CFG80211, "ret %d", ret);
2037  return ret;
2038 }
2039 
2040 
2041 
2042 
2043 /*
2044  * Initialization
2045  */
2046 
2047 static struct cfg80211_ops lbs_cfg80211_ops = {
2048  .set_monitor_channel = lbs_cfg_set_monitor_channel,
2049  .libertas_set_mesh_channel = lbs_cfg_set_mesh_channel,
2050  .scan = lbs_cfg_scan,
2051  .connect = lbs_cfg_connect,
2052  .disconnect = lbs_cfg_disconnect,
2053  .add_key = lbs_cfg_add_key,
2054  .del_key = lbs_cfg_del_key,
2055  .set_default_key = lbs_cfg_set_default_key,
2056  .get_station = lbs_cfg_get_station,
2057  .change_virtual_intf = lbs_change_intf,
2058  .join_ibss = lbs_join_ibss,
2059  .leave_ibss = lbs_leave_ibss,
2060 };
2061 
2062 
2063 /*
2064  * At this time lbs_private *priv doesn't even exist, so we just allocate
2065  * memory and don't initialize the wiphy further. This is postponed until we
2066  * can talk to the firmware and happens at registration time in
2067  * lbs_cfg_wiphy_register().
2068  */
2069 struct wireless_dev *lbs_cfg_alloc(struct device *dev)
2070 {
2071  int ret = 0;
2072  struct wireless_dev *wdev;
2073 
2074  lbs_deb_enter(LBS_DEB_CFG80211);
2075 
2076  wdev = kzalloc(sizeof(struct wireless_dev), GFP_KERNEL);
2077  if (!wdev) {
2078  dev_err(dev, "cannot allocate wireless device\n");
2079  return ERR_PTR(-ENOMEM);
2080  }
2081 
2082  wdev->wiphy = wiphy_new(&lbs_cfg80211_ops, sizeof(struct lbs_private));
2083  if (!wdev->wiphy) {
2084  dev_err(dev, "cannot allocate wiphy\n");
2085  ret = -ENOMEM;
2086  goto err_wiphy_new;
2087  }
2088 
2089  lbs_deb_leave(LBS_DEB_CFG80211);
2090  return wdev;
2091 
2092  err_wiphy_new:
2093  kfree(wdev);
2094  lbs_deb_leave_args(LBS_DEB_CFG80211, "ret %d", ret);
2095  return ERR_PTR(ret);
2096 }
2097 
2098 
2099 static void lbs_cfg_set_regulatory_hint(struct lbs_private *priv)
2100 {
2101  struct region_code_mapping {
2102  const char *cn;
2103  int code;
2104  };
2105 
2106  /* Section 5.17.2 */
2107  static const struct region_code_mapping regmap[] = {
2108  {"US ", 0x10}, /* US FCC */
2109  {"CA ", 0x20}, /* Canada */
2110  {"EU ", 0x30}, /* ETSI */
2111  {"ES ", 0x31}, /* Spain */
2112  {"FR ", 0x32}, /* France */
2113  {"JP ", 0x40}, /* Japan */
2114  };
2115  size_t i;
2116 
2117  lbs_deb_enter(LBS_DEB_CFG80211);
2118 
2119  for (i = 0; i < ARRAY_SIZE(regmap); i++)
2120  if (regmap[i].code == priv->regioncode) {
2121  regulatory_hint(priv->wdev->wiphy, regmap[i].cn);
2122  break;
2123  }
2124 
2125  lbs_deb_leave(LBS_DEB_CFG80211);
2126 }
2127 
2128 
2129 /*
2130  * This function get's called after lbs_setup_firmware() determined the
2131  * firmware capabities. So we can setup the wiphy according to our
2132  * hardware/firmware.
2133  */
2134 int lbs_cfg_register(struct lbs_private *priv)
2135 {
2136  struct wireless_dev *wdev = priv->wdev;
2137  int ret;
2138 
2139  lbs_deb_enter(LBS_DEB_CFG80211);
2140 
2141  wdev->wiphy->max_scan_ssids = 1;
2142  wdev->wiphy->signal_type = CFG80211_SIGNAL_TYPE_MBM;
2143 
2144  wdev->wiphy->interface_modes =
2145  BIT(NL80211_IFTYPE_STATION) |
2146  BIT(NL80211_IFTYPE_ADHOC);
2147  if (lbs_rtap_supported(priv))
2148  wdev->wiphy->interface_modes |= BIT(NL80211_IFTYPE_MONITOR);
2149  if (lbs_mesh_activated(priv))
2150  wdev->wiphy->interface_modes |= BIT(NL80211_IFTYPE_MESH_POINT);
2151 
2152  wdev->wiphy->bands[IEEE80211_BAND_2GHZ] = &lbs_band_2ghz;
2153 
2154  /*
2155  * We could check priv->fwcapinfo && FW_CAPINFO_WPA, but I have
2156  * never seen a firmware without WPA
2157  */
2158  wdev->wiphy->cipher_suites = cipher_suites;
2159  wdev->wiphy->n_cipher_suites = ARRAY_SIZE(cipher_suites);
2160  wdev->wiphy->reg_notifier = lbs_reg_notifier;
2161 
2162  ret = wiphy_register(wdev->wiphy);
2163  if (ret < 0)
2164  pr_err("cannot register wiphy device\n");
2165 
2166  priv->wiphy_registered = true;
2167 
2168  ret = register_netdev(priv->dev);
2169  if (ret)
2170  pr_err("cannot register network device\n");
2171 
2172  INIT_DELAYED_WORK(&priv->scan_work, lbs_scan_worker);
2173 
2174  lbs_cfg_set_regulatory_hint(priv);
2175 
2176  lbs_deb_leave_args(LBS_DEB_CFG80211, "ret %d", ret);
2177  return ret;
2178 }
2179 
2180 int lbs_reg_notifier(struct wiphy *wiphy,
2181  struct regulatory_request *request)
2182 {
2183  struct lbs_private *priv = wiphy_priv(wiphy);
2184  int ret = 0;
2185 
2186  lbs_deb_enter_args(LBS_DEB_CFG80211, "cfg80211 regulatory domain "
2187  "callback for domain %c%c\n", request->alpha2[0],
2188  request->alpha2[1]);
2189 
2190  memcpy(priv->country_code, request->alpha2, sizeof(request->alpha2));
2191  if (lbs_iface_active(priv))
2192  ret = lbs_set_11d_domain_info(priv);
2193 
2194  lbs_deb_leave(LBS_DEB_CFG80211);
2195  return ret;
2196 }
2197 
2198 void lbs_scan_deinit(struct lbs_private *priv)
2199 {
2200  lbs_deb_enter(LBS_DEB_CFG80211);
2201  cancel_delayed_work_sync(&priv->scan_work);
2202 }
2203 
2204 
2205 void lbs_cfg_free(struct lbs_private *priv)
2206 {
2207  struct wireless_dev *wdev = priv->wdev;
2208 
2209  lbs_deb_enter(LBS_DEB_CFG80211);
2210 
2211  if (!wdev)
2212  return;
2213 
2214  if (priv->wiphy_registered)
2215  wiphy_unregister(wdev->wiphy);
2216 
2217  if (wdev->wiphy)
2218  wiphy_free(wdev->wiphy);
2219 
2220  kfree(wdev);
2221 }
Generated on Thu Jan 10 2013 14:11:53 for Linux Kernel by   doxygen 1.8.2